Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pc keine Verbindung obwohl es unten angezeigt wird

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.12.2014, 23:25   #1
Johnny123456
 
Pc keine Verbindung obwohl es unten angezeigt wird - Unglücklich

Pc keine Verbindung obwohl es unten angezeigt wird



Also ich habe keine Ahnung wieso aber mein pc verbindet sich nicht mit dem Internet bzw unten steht er ist verbunden aber steam und Origin sagen was anderes und die Browser reagieren nicht mal mehr richtig Kann mir jemand helfen? Ach und habe heute cloned files Scanner durchlaufen lassen und hab den Tube up runtergeladen um ihn zu aktivieren da mein Laufwerk nicht funktioniert hat ,das mal als Info

Geändert von Johnny123456 (13.12.2014 um 23:58 Uhr)

Alt 14.12.2014, 10:32   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



hi,

von einem andern Rechner laden.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Und Satzzeichen wären cool.
__________________

__________________

Alt 14.12.2014, 15:53   #3
Johnny123456
 
Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Ich habe nur zugriff auf diesen pc und habe auch keinen USB stick

FRST.text
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2014
Ran by Dilan (administrator) on DIYAR-PC on 14-12-2014 15:37:57
Running from E:\
Loaded Profile: Dilan (Available profiles: Diyar & Plan b & Dilan & ümit & Gast)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => TTIME
HKLM\...\Run: [VirtualCloneDrive] => N.EXE" /S
HKLM\...\Run: [HP Software Update] => FTWARE UPDATE\HPWUSCHD.EXE"
HKLM\...\Run: [HP Component Manager] => RETECH\HPCMPMGR.EXE"
HKLM\...\Run: [SunJavaUpdateSched] => N FILES\JAVA\JAVA UPDATE\JUSCHED.EXE"
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Run: [SmartRAM] => C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\RunOnce: [Adobe Speed Launcher] => 1418564410
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
Startup: C:\Users\Plan b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - (No Name) - {192a6019-26d2-4611-aead-07cd7733b146} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007 -> DefaultScope {D3D2BF91-3DFC-4D43-9DB5-CBC0F1DFBE71} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE0D20140110&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D121314-AB747CC590BEC44CD91F&form=CONBDF&conlogo=CT3330962&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007 -> {D3D2BF91-3DFC-4D43-9DB5-CBC0F1DFBE71} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE0D20140110&p={SearchTerms}
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} ->  No File
BHO: mySecureSurfer -> {52EA1989-D16E-4560-9021-F0AD247DE4D1} -> C:\Users\Dilan\AppData\LocalLow\mySecureSurfer\IE\mySecureSurfer.dll (Soft-Ware International Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 29 C:\Windows\system32\MyOSProtect.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2244397687-2994677012-3856678615-1007: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dilan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2244397687-2994677012-3856678615-1007: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dilan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: SparPilot - Gutscheine &amp; mehr... - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\Extensions\sparpilot@sparpilot.com [2014-12-13]
FF Extension: {10688ffe-50ac-46ae-a40c-b393e967575e} - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\Extensions\{10688ffe-50ac-46ae-a40c-b393e967575e}.xpi [2014-12-13]
FF Extension: Adblock Plus - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-13]
FF Extension: No Name - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\extensions\iobitascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-09-20]
CHR Extension: (Google Präsentationen) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (McAfee SafeKey) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-20]
CHR Extension: (YouTube) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Google-Suche) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Google Tabellen) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Google Mail) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR HKLM\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Diyar\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files\SafeKey\lpchrome.crx [2013-09-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 Origin Client Service; D:\origin\OriginClientService.exe [1900400 2014-12-01] (Electronic Arts)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-01-30] ()
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [569024 2014-09-16] (Valve Corporation) [File not signed]
S2 c67abfdb; "C:\Windows\system32\rundll32.exe" "c:\progra~1\sw-boo~1\AssistantSvc.dll",service
S3 MyOSProtect; C:\Program Files\Web Protect\MyOSProtect.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 65006428; C:\Windows\System32\DRIVERS\65006428.sys [133208 2013-08-30] (Kaspersky Lab ZAO)
R0 AFS; C:\Windows\system32\Drivers\AFS.sys [77004 2014-09-07] (Oak Technology Inc.) [File not signed]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2012-07-08] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-18] () [File not signed]
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2008-12-13] () [File not signed]
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi_oem; C:\Windows\System32\DRIVERS\gan_adapter.sys [10664 2006-08-28] (Applied Networking Inc.) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-07-08] ()
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
S3 nocashio; C:\Windows\System32\drivers\nocashio.sys [4096 2011-08-23] () [File not signed]
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [154752 2005-10-18] (PixArt Imaging Inc.)
R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
R3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [89648 2009-10-20] (Philips Applied Technologies)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SPC620; C:\Windows\System32\drivers\SPC620.sys [484352 2007-09-28] (Philips                                                     )
R3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [7680 2007-09-28] (Philips                                                     )
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-08-15] (Avira GmbH)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2011-06-24] (Acronis)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 cpuz137; \??\C:\Users\Dilan\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U4 RDSessMgr; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-05-21 16:14 - 9514-05-21 16:27 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Apps\2.0
2099-05-21 16:14 - 2014-09-06 10:55 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Deployment
2099-05-21 16:09 - 9514-05-21 16:09 - 00000000 ____D () C:\Users\Diyar\Documents\Optimizer Pro
2099-05-21 16:09 - 9514-05-21 16:09 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\Optimizer Pro
2099-05-21 16:04 - 9514-05-21 16:22 - 00000000 ____D () C:\Program Files\webget
2099-05-21 16:04 - 9514-05-21 16:21 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\loadtbs
2099-05-21 16:04 - 9514-05-21 16:04 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\Speedial
2099-05-21 16:04 - 9514-05-21 16:04 - 00000000 ____D () C:\Program Files\Speedial
2014-12-14 15:37 - 2014-12-14 15:38 - 00000000 ____D () C:\FRST
2014-12-14 13:43 - 2014-12-14 13:43 - 00000000 __SHD () C:\Users\Diyar\AppData\Local\EmieBrowserModeList
2014-12-13 23:57 - 2014-12-13 23:57 - 00000000 __SHD () C:\Users\ümit\AppData\Local\EmieUserList
2014-12-13 23:57 - 2014-12-13 23:57 - 00000000 __SHD () C:\Users\ümit\AppData\Local\EmieSiteList
2014-12-13 23:57 - 2014-12-13 23:57 - 00000000 __SHD () C:\Users\ümit\AppData\Local\EmieBrowserModeList
2014-12-13 23:49 - 2014-12-13 23:49 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\Avira
2014-12-13 23:44 - 2014-12-14 11:08 - 00000000 ____D () C:\Users\ümit
2014-12-13 23:44 - 2014-12-13 23:44 - 00110064 _____ () C:\Users\ümit\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-13 23:44 - 2014-12-13 23:44 - 00001425 _____ () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-13 23:44 - 2014-12-13 23:44 - 00000482 __RSH () C:\Users\ümit\ntuser.pol
2014-12-13 23:44 - 2014-12-13 23:44 - 00000020 ___SH () C:\Users\ümit\ntuser.ini
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Startmenü
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Netzwerkumgebung
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Druckumgebung
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Documents\Eigene Musik
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Documents\Eigene Bilder
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\AppData\Local\Verlauf
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\ATI
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\Adobe
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 ____D () C:\Users\ümit\AppData\Local\ATI
2014-12-13 23:44 - 2014-12-09 18:59 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\IObit
2014-12-13 23:44 - 2012-04-11 23:59 - 00000000 ____D () C:\Users\ümit\AppData\Local\Microsoft Help
2014-12-13 23:44 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-13 23:44 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-13 22:33 - 2014-12-14 14:39 - 00000336 _____ () C:\Windows\setupact.log
2014-12-13 22:33 - 2014-12-13 22:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-13 22:20 - 2014-12-13 22:20 - 00003748 _____ () C:\Windows\PFRO.log
2014-12-13 22:00 - 2014-12-13 22:00 - 29741056 _____ () C:\Windows\system32\config\components.iobit
2014-12-13 21:53 - 2014-12-13 21:53 - 00000000 ____D () C:\Users\Plan b\AppData\Roaming\ProductData
2014-12-13 20:16 - 2014-12-13 20:16 - 00000000 ____D () C:\Users\Plan b\AppData\Roaming\TuneUp Software
2014-12-13 20:10 - 2014-12-13 20:10 - 00000000 ____D () C:\Users\Plan b\AppData\Roaming\IObit
2014-12-13 18:42 - 2014-12-13 18:42 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\TuneUp Software
2014-12-13 18:38 - 2014-12-13 18:38 - 00004616 _____ () C:\Windows\system32\LavasoftTcpService.ini
2014-12-13 18:38 - 2014-12-13 18:38 - 00002448 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-12-13 18:37 - 2014-11-27 10:44 - 00312424 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2014-12-13 18:36 - 2014-12-13 18:36 - 00001288 _____ () C:\Users\Dilan\Desktop\Cloned Files Scanner.lnk
2014-12-13 18:35 - 2014-12-13 18:35 - 00598912 _____ () C:\Users\Dilan\Downloads\TuneUpUtilities2013_de-DE.exe
2014-12-10 16:59 - 2014-12-10 17:59 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-12-09 19:52 - 2014-12-09 22:35 - 00000704 _____ () C:\Windows\Tasks\OpenCandyHelperRunAA747FB84C99428893401EAD6DC44017.job
2014-12-09 19:00 - 2014-12-09 19:00 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\ProductData
2014-12-09 18:59 - 2014-12-09 18:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2014-12-09 18:59 - 2014-12-09 18:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2014-12-08 22:53 - 2014-12-08 22:54 - 00880784 _____ (Google Inc.) C:\Users\Diyar\Downloads\ChromeSetup.exe
2014-12-08 22:51 - 2014-12-08 22:51 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Macromedia
2014-12-08 22:50 - 2014-12-08 22:57 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\IObit
2014-12-08 22:17 - 2014-12-09 22:35 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007UA.job
2014-12-08 22:17 - 2014-12-09 22:35 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007Core.job
2014-12-08 22:17 - 2014-12-08 22:18 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Facebook
2014-12-08 22:17 - 2014-12-08 22:17 - 00501248 _____ (Facebook Inc.) C:\Users\Dilan\Downloads\FacebookVideoCallSetup_v1.2.205.0(1).exe
2014-12-07 14:53 - 2014-12-07 14:53 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection(3).msi
2014-12-07 14:49 - 2014-12-07 14:49 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection(2).msi
2014-12-07 14:08 - 2014-12-02 10:27 - 00000216 _____ () C:\Users\Dilan\Desktop\Tomb Raider.url
2014-12-06 21:18 - 2014-12-06 21:18 - 04117346 _____ () C:\Users\Dilan\Downloads\MotioninJoy_071001_signed(2).zip
2014-12-06 21:09 - 2014-12-06 21:09 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\MotioninJoy
2014-12-06 21:08 - 2014-12-06 21:18 - 00001080 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-12-06 21:08 - 2014-12-06 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-12-06 21:08 - 2014-12-06 21:18 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-12-06 21:08 - 2014-12-06 21:08 - 04117346 _____ () C:\Users\Dilan\Downloads\MotioninJoy_071001_signed(1).zip
2014-12-06 21:08 - 2011-12-07 19:42 - 00255496 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll
2014-12-06 20:31 - 2012-05-12 12:31 - 00099400 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys
2014-12-06 20:30 - 2014-12-06 20:30 - 04117346 _____ () C:\Users\Dilan\Downloads\MotioninJoy_071001_signed.zip
2014-12-06 20:29 - 2014-12-06 20:29 - 01174352 _____ () C:\Users\Dilan\Downloads\MotioninJoy - CHIP-Installer.exe
2014-12-06 20:25 - 2014-12-06 20:26 - 00000000 ____D () C:\Users\Dilan\AppData\Local\BetterDS3
2014-12-06 20:24 - 2014-12-06 20:24 - 00759932 _____ () C:\Users\Dilan\Downloads\BetterDS3_1.5.3.zip
2014-12-06 20:23 - 2014-12-06 20:23 - 01174352 _____ () C:\Users\Dilan\Downloads\Better DS3 - CHIP-Installer.exe
2014-12-06 20:19 - 2014-12-06 20:19 - 04115757 _____ () C:\Users\Dilan\Downloads\MotioninJoy_070000_signed.zip
2014-12-06 20:04 - 2014-12-06 20:04 - 00804491 _____ () C:\Users\Dilan\Downloads\x360ce.App-2.1.2.191.zip
2014-12-06 19:53 - 2014-12-06 19:53 - 00000000 ____D () C:\Program Files\VID_0E8F&PID_3075
2014-12-06 19:52 - 2014-12-06 19:52 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\InstallShield
2014-12-05 12:29 - 2014-12-05 12:29 - 61407232 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-12-05 12:29 - 2014-12-05 12:29 - 00368640 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-12-05 12:29 - 2014-12-05 12:29 - 00098304 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-12-05 12:29 - 2014-12-05 12:29 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-12-04 21:34 - 2014-12-04 21:34 - 00001216 _____ () C:\Users\Dilan\Desktop\Smart RAM.lnk
2014-12-04 21:21 - 2014-12-04 21:21 - 00001144 _____ () C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2014-12-04 21:21 - 2014-12-04 21:21 - 00001132 _____ () C:\Users\Public\Desktop\Game Booster 3.lnk
2014-12-04 21:21 - 2014-12-04 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
2014-12-04 21:02 - 2014-12-13 22:00 - 61423616 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-12-04 21:02 - 2014-12-13 22:00 - 00372736 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-12-04 21:02 - 2014-12-13 22:00 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-12-04 21:02 - 2014-12-13 22:00 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-12-04 21:02 - 2014-10-16 10:27 - 00024352 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-12-04 20:10 - 2014-12-04 20:10 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\ProductData
2014-12-04 20:08 - 2014-12-13 22:16 - 00002131 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-04 20:08 - 2014-12-04 22:17 - 00000000 ____D () C:\ProgramData\IObit
2014-12-04 20:08 - 2014-12-04 22:16 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-04 20:08 - 2014-12-04 21:21 - 00000000 ____D () C:\Program Files\IObit
2014-12-04 20:08 - 2014-12-04 20:10 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\IObit
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\Program Files\Common Files\IObit
2014-12-04 20:06 - 2014-12-04 20:07 - 43183800 _____ (IObit ) C:\Users\Dilan\Downloads\advanced-systemcare-setup_v8.0.3.exe
2014-12-03 19:04 - 2014-12-03 19:04 - 01174352 _____ () C:\Users\Dilan\Downloads\Wise Registry Cleaner - CHIP-Installer.exe
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Plan b\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Gast.Diyar-PC\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Diyar\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Dilan\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:25 - 2014-12-03 18:25 - 00313875 _____ () C:\Users\Dilan\Downloads\skse_1_07_01_installer.exe
2014-12-03 08:42 - 2014-12-03 08:42 - 00394347 _____ (Ray Siegl ) C:\Users\Dilan\Downloads\ram_clean_tool_setup.exe
2014-12-02 19:45 - 2014-12-02 19:45 - 00000000 ____D () C:\Windows\pss
2014-12-02 15:43 - 2014-12-12 16:20 - 00008598 _____ () C:\Users\Dilan\Documents\TombRaider.log
2014-12-02 10:10 - 2014-12-02 10:10 - 00250760 _____ () C:\Users\Dilan\Documents\ts3_clientui-win32-1407159763-2014-12-02 10_10_29.027026.dmp
2014-11-30 15:28 - 2014-12-04 22:34 - 00007609 _____ () C:\Users\Dilan\AppData\Local\Resmon.ResmonCfg
2014-11-30 15:12 - 2011-11-11 07:48 - 00002940 _____ () C:\Users\Dilan\Desktop\SkyrimPrefs.ini
2014-11-30 15:11 - 2014-11-30 15:12 - 00000000 ____D () C:\Users\Dilan\Desktop\Saves
2014-11-30 12:13 - 2014-11-30 12:13 - 00000000 ____D () C:\ProgramData\ATI
2014-11-30 12:12 - 2014-11-30 12:12 - 00000000 ____D () C:\ProgramData\AMD
2014-11-30 12:12 - 2014-11-30 12:12 - 00000000 ____D () C:\Program Files\AMD AVT
2014-11-30 12:11 - 2014-11-30 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-30 12:05 - 2014-11-30 12:05 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\ATI
2014-11-30 12:05 - 2014-11-30 12:05 - 00000000 ____D () C:\Users\Dilan\AppData\Local\ATI
2014-11-30 12:04 - 2014-11-30 12:04 - 00000000 ____D () C:\Program Files\AMD
2014-11-30 11:59 - 2014-11-30 11:59 - 00000000 ____D () C:\AMD
2014-11-30 11:52 - 2014-11-30 11:52 - 00891224 _____ (AMD) C:\Users\Dilan\Downloads\amddriverdownloader.exe
2014-11-30 10:50 - 2014-12-02 10:08 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\TS3Client
2014-11-30 10:50 - 2014-11-30 10:50 - 00001211 _____ () C:\Users\Dilan\Desktop\TeamSpeak 3 Client.lnk
2014-11-30 10:50 - 2014-11-30 10:50 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-11-30 10:49 - 2014-11-30 10:50 - 00000000 ____D () C:\Users\Dilan\AppData\Local\TeamSpeak 3 Client
2014-11-30 10:48 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-11-30 10:48 - 2011-03-25 19:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-11-30 10:46 - 2014-11-30 10:47 - 01174352 _____ () C:\Users\Dilan\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2014-11-30 10:30 - 2014-11-30 10:30 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection(1).msi
2014-11-30 10:29 - 2014-12-14 14:04 - 00000000 ____D () C:\Program Files\Steam
2014-11-30 10:29 - 2014-11-30 10:29 - 01142392 _____ () C:\Users\Dilan\Downloads\SteamSetup.exe
2014-11-30 10:29 - 2014-11-30 10:29 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-11-30 10:29 - 2014-11-30 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-26 13:36 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-26 13:36 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-26 13:36 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-26 13:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-26 13:35 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-26 13:35 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-26 13:35 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-26 13:34 - 2014-11-30 15:15 - 00000000 ____D () C:\Users\Dilan\Documents\My Games
2014-11-26 13:34 - 2014-11-30 15:01 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Skyrim
2014-11-26 13:34 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-26 13:34 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-26 13:32 - 2014-11-26 13:32 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Unity
2014-11-26 13:31 - 2014-11-26 13:31 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Unity
2014-11-26 13:30 - 2014-11-26 13:30 - 01081992 _____ (Unity Technologies ApS) C:\Users\Dilan\Downloads\UnityWebPlayer.exe
2014-11-21 14:24 - 2014-11-21 14:24 - 00000000 __SHD () C:\Users\Dilan\AppData\Local\EmieBrowserModeList
2014-11-17 22:04 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-17 22:04 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-17 22:04 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-17 22:04 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-17 22:04 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-17 22:04 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-17 22:04 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-17 22:04 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-17 22:04 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-17 22:04 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-17 22:04 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-17 22:04 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-17 22:04 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-17 22:04 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-17 22:04 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-17 22:03 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-17 22:03 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-17 22:03 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-17 22:03 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-17 22:03 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-17 22:03 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-17 22:03 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-17 22:03 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-17 22:03 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-17 22:03 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-17 22:03 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-17 22:03 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-17 22:03 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-17 22:03 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-17 22:03 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-17 22:03 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-17 22:03 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-17 22:03 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-17 22:03 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-17 22:03 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-17 22:03 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-17 22:03 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-17 22:03 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-17 22:03 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-17 22:03 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-17 22:03 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-17 22:03 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-17 22:03 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-17 22:03 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-17 22:03 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-17 21:55 - 2014-11-17 21:55 - 01557060 _____ (TeamExtreme) C:\Users\Dilan\Downloads\Minecraft Cracked Launcher.exe
2014-11-17 21:47 - 2014-11-17 21:47 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection.msi
2014-11-17 21:43 - 2014-11-26 13:43 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\.minecraft
2014-11-17 21:40 - 2014-11-17 21:40 - 00675988 _____ () C:\Users\Dilan\Downloads\Minecraft.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-05-21 16:21 - 2011-11-11 14:02 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-14 15:37 - 2011-06-24 16:03 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 15:22 - 2011-06-24 15:55 - 01791427 _____ () C:\Windows\WindowsUpdate.log
2014-12-14 15:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-14 14:46 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-14 14:46 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-14 14:39 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-14 14:39 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-14 14:04 - 2012-05-27 19:11 - 00000000 ____D () C:\Users\Plan b\Tracing
2014-12-14 13:48 - 2011-10-22 10:57 - 00000000 ____D () C:\Users\Plan b
2014-12-14 13:41 - 2011-06-24 15:58 - 00000000 ____D () C:\Users\Diyar
2014-12-14 11:13 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-12-14 11:09 - 2014-09-13 11:54 - 00000000 ____D () C:\Users\Dilan
2014-12-14 11:08 - 2014-09-12 19:57 - 00000000 ____D () C:\Users\Gast.Diyar-PC
2014-12-14 11:08 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-13 23:43 - 2013-02-02 12:02 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-12-13 22:20 - 2011-06-24 16:48 - 00000000 ____D () C:\Windows\Panther
2014-12-13 21:59 - 2014-10-02 16:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 20:42 - 2014-09-20 18:48 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Microsoft Games
2014-12-13 18:50 - 2014-09-05 14:34 - 00000000 ____D () C:\Program Files\GUM3AEE.tmp
2014-12-13 18:50 - 2012-01-19 16:51 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Oblivion
2014-12-13 18:50 - 2011-12-29 20:43 - 00000000 ____D () C:\Users\Plan b\AppData\Local\Skyrim
2014-12-13 18:49 - 2014-09-20 17:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-13 18:49 - 2014-09-09 16:41 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Gameo
2014-12-10 17:59 - 2013-01-09 20:33 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 17:59 - 2013-01-09 20:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-09 19:50 - 2014-09-06 11:08 - 00000000 ____D () C:\Users\Diyar\Desktop\Unused Shortcut(CU)
2014-12-09 19:50 - 2012-01-15 23:12 - 00000000 ____D () C:\Program Files\Prince of Persia
2014-12-09 19:50 - 2011-12-09 17:27 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-09 19:50 - 2011-11-11 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
2014-12-09 19:50 - 2011-08-01 10:21 - 00000000 ____D () C:\Users\Diyar\Desktop\Ümit
2014-12-09 19:09 - 2013-04-11 19:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 19:02 - 2014-05-21 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-09 19:00 - 2012-05-23 18:29 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\Skype
2014-12-09 13:58 - 2014-09-20 13:53 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-09 13:58 - 2014-09-20 13:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-09 13:58 - 2014-09-20 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-09 13:58 - 2014-09-20 13:53 - 00000000 ____D () C:\Program Files\Avira
2014-12-09 12:18 - 2012-01-09 22:37 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-09 12:16 - 2011-06-24 18:50 - 00000000 ____D () C:\Program Files\Windows Live
2014-12-09 12:14 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-08 23:01 - 2011-11-11 14:02 - 00000000 ____D () C:\Users\Diyar\AppData\Local\PMB Files
2014-12-08 22:59 - 2011-06-24 16:05 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Google
2014-12-08 22:51 - 2012-04-21 16:13 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Akamai
2014-12-07 17:13 - 2013-09-23 16:24 - 00000000 ____D () C:\Program Files\SafeKey
2014-12-07 14:53 - 2011-10-21 17:40 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-12-06 19:53 - 2011-08-21 22:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-06 11:04 - 2013-07-14 14:36 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003UA.job
2014-12-06 11:04 - 2013-07-14 14:36 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003Core.job
2014-12-06 11:04 - 2011-10-19 19:00 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001UA.job
2014-12-06 11:04 - 2011-10-19 19:00 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001Core.job
2014-12-04 22:29 - 2013-05-13 14:26 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-12-04 22:29 - 2013-05-13 14:26 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-12-04 22:17 - 2013-02-09 09:44 - 00000000 ____D () C:\Fraps
2014-12-04 22:15 - 2014-10-09 20:22 - 00000000 ____D () C:\ProgramData\Origin
2014-12-04 21:38 - 2012-01-02 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC2 server emulator
2014-12-04 21:38 - 2011-06-24 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SBMAV Disk Cleaner
2014-12-04 20:09 - 2014-09-13 12:05 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Apple Computer
2014-12-03 19:14 - 2009-07-14 03:03 - 64487424 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-03 19:14 - 2009-07-14 03:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-03 19:14 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-03 19:14 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-12-03 13:24 - 2011-12-19 15:11 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-12-03 08:50 - 2011-12-29 23:30 - 00000000 ____D () C:\Program Files\SpeedFan
2014-12-01 18:05 - 2014-10-09 20:25 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Origin
2014-12-01 18:05 - 2014-10-09 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-30 15:23 - 2012-04-21 16:39 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-11-30 15:21 - 2011-07-30 18:36 - 00000000 ____D () C:\Program Files\Google
2014-11-30 12:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-30 12:10 - 2013-01-31 16:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-28 23:02 - 2011-06-24 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-28 18:55 - 2014-09-10 17:18 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-11-27 13:24 - 2009-07-14 05:33 - 00409800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-26 13:57 - 2011-06-24 16:14 - 00110064 _____ () C:\Users\Diyar\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 21:03 - 2012-10-08 13:10 - 00000000 ____D () C:\Users\Plan b\AppData\Local\Google
2014-11-21 13:13 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-21 12:25 - 2012-04-01 17:20 - 00110064 _____ () C:\Users\Plan b\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 12:21 - 2014-05-22 12:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-21 12:16 - 2014-09-13 11:57 - 00110064 _____ () C:\Users\Dilan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-17 22:13 - 2014-01-02 03:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-17 22:13 - 2014-01-01 11:43 - 00000000 ____D () C:\Windows\system32\MpEngineStore
2014-11-17 22:06 - 2011-06-24 18:35 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2244397687-2994677012-3856678615-1001\$9f114d5ed76ce9597dec2519af199e16

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$9f114d5ed76ce9597dec2519af199e16

Files to move or delete:
====================
C:\Users\Diyar\GeoGebra-Windows-Installer-3-2-46-0.exe
C:\Users\Diyar\PhotoScapeSetup_V3.5.exe


Some content of TEMP:
====================
C:\Users\Dilan\AppData\Local\Temp\avgnt.exe
C:\Users\Diyar\AppData\Local\Temp\avgnt.exe
C:\Users\Plan b\AppData\Local\Temp\avgnt.exe
C:\Users\ümit\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-04-18 18:20

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

AdditionFRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-12-2014
Ran by Dilan at 2014-12-14 15:39:36
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AC2 server emulator 0.44 by Dormine (HKLM\...\{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1) (Version:  - bjamikel)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Airfoil (HKLM\...\Airfoil) (Version: 3.5.3 - Rogue Amoeba)
AMD Catalyst Install Manager (HKLM\...\{319271B3-E2AA-F623-928E-245C9EBF16F7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Avira (HKLM\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BrowserSafeguard with RocketTab (HKLM\...\RocketTab) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
BurnAware Free 3.0.3 (HKLM\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CPUID CPU-Z 1.67 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DeleteAd (HKLM\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - DeleteAd) <==== ATTENTION
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Formelrechner (HKLM\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
GeoGebra (HKLM\...\GeoGebra) (Version: 3.2.46.0 - International GeoGebra Institute)
hp deskjet 5100 (HKLM\...\{15C165F1-1DAE-4476-AFB6-8723729B41E7}) (Version: 1.03.0000 - Hewlett-Packard)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP Scanjet G2410 and 2400 (HKLM\...\{E5B04674-1885-4B08-BAE7-ECDEC1F84677}) (Version: 13.0 - HP)
HP Speicher-Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
hpg2410 (Version: 13.0.0.0 - Ihr Firmenname) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
McAfee SafeKey(uninstall only) (HKLM\...\safekey) (Version:  - McAfee, Inc.)
MegaTrainer eXperience V1.2.1.3 (HKLM\...\MegaTrainer eXperience_is1) (Version:  - )
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Morrowind (HKLM\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - MotioninJoy | Playstation 3|Xbox 360|Dualshock 3|Sixaxis|Game|Driver|)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
NVIDIA PhysX (HKLM\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Oblivion (HKLM\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Philips SPC620NC Webcam (HKLM\...\{5CA6F170-E18D-4B4C-8670-3ED096478C41}) (Version: 1.00.000 - Philips)
Philips VLounge (HKLM\...\{EA57A1B9-0DD2-44DD-9B70-64E8DA553F6F}) (Version:  - ArcSoft)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Remote Mouse version 2.56 (HKLM\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.56 - Remote Mouse)
S.T.A.L.K.E.R. - Clear Sky [v1.0003] (HKLM\...\S.T.A.L.K.E.R. - Clear Sky_is1) (Version: 1.0003 - Deep Silver)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SBMAV Disk Cleaner 3 (HKLM\...\SBMAV Disk Cleaner_is1) (Version:  - SBMAV Software)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Web Plugin (HKLM\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Startup Booster v2.4 (HKLM\...\Startup Booster_is1) (Version: 2.4 - Smart PC Solutions)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SW-Booster (HKLM\...\S-792098896) (Version: 2.2.0.1111 - PremiumSoft) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SW-Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}) (Version:  - Certified Publisher) <==== ATTENTION
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{1AAE7ACD-816D-4982-A16B-4B724EBC1139}) (Version: 2.2.3.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TES Construction Set (HKLM\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Unity Web Player (HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Web Protect for Windows (HKLM\...\wp-adinject-adk) (Version: 10.0.0 - Web Protect) <==== ATTENTION
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.5.5 - Shark007)
Windows 7 Manager (HKLM\...\{EA027ED9-3A1E-426C-A8F1-D29B69C8E207}) (Version: 1.2.4 - Yamicsoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Dilan\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Dilan\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Dilan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2011-12-27 23:20 - 00001052 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       static3.cdn.ubi.com
127.0.0.1       ubisoft-orbit.s3.amazonaws.com
127.0.0.1       onlineconfigservice.ubi.com
127.0.0.1       orbitservice.ubi.com
127.0.0.1       ubisoft-orbit-savegames.s3.amazonaws.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0287347F-A494-40A6-80A7-79332DD6FCDF} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2014-12-04] ()
Task: {0393DB74-93FA-4C14-9A1A-912851F854E1} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files\RocketTab\Client.exe" /Preferred=true <==== ATTENTION
Task: {09CB0658-D38A-429B-8689-FF55D3D736F1} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {209B2B82-0027-40A1-9A39-D184D960369D} - System32\Tasks\{36BFCFFA-0D1F-4AC9-BFA0-DB8E2A24399D} => D:\ds spiele 2011\assassino\AssassinsCreed_Launcher.exe [2008-02-22] (Ubisoft)
Task: {240AAF96-D29C-4A96-A93B-37C0975C1337} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003Core => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {26DE445F-319D-4E5B-9C91-8875EF2AE392} - System32\Tasks\RocketTab Update Task => C:\Program Files\RocketTab\uninstall.exe <==== ATTENTION
Task: {33B714B5-A3A0-4EDC-BE19-38C19AE6B87A} - System32\Tasks\{2C903AF0-4B97-4152-92F4-AD248E3C39DD} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {40AE8109-5676-4B67-A920-8149CBF4554A} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-10] (IObit)
Task: {42777146-01BD-4275-AF2E-8EE21B9B9589} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {47A214F6-D248-4BD8-8300-BEFE5DAC03E7} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe [2014-11-13] (MyPC Backup) <==== ATTENTION
Task: {49A8D5A1-100A-4ACF-AA67-6397372ADC19} - System32\Tasks\{43494C23-39CF-4CB7-AE22-A9011C268D9C} => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {550A0356-ACC0-4AFB-8DDD-3FBC4345694B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2244397687-2994677012-3856678615-1007
Task: {60D5985A-52AC-40D2-8AA3-D805A78C9A27} - System32\Tasks\{4DBA4EFA-5763-471B-AEBE-4312DE7BB6F8} => D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe [2009-07-07] ()
Task: {61424186-3346-4140-80A8-C93CF4CD2489} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001UA => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {78A06E16-66E1-4670-B681-6D1FACF285C1} - System32\Tasks\OpenCandyHelperRunAA747FB84C99428893401EAD6DC44017 => Rundll32.exe "C:\Users\Diyar\AppData\Roaming\OpenCandy\6D7FCDBD763F4E7B8DC17972DF6EC147\OCBrowserHelper_1.0.4.106.dll",_OCRestartDll@16
Task: {8EF48CA0-8074-4B72-A1F0-19606C512BD8} - System32\Tasks\ASC8_SkipUac_Dilan => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit)
Task: {9EEAEB29-1CAF-4506-83A3-C43A1D4EC9EB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001Core => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {AB158445-097D-4E6D-A487-F37DE12E7F2B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007Core => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B81CE756-FD0E-49D9-A7CD-7AA53D4D5E6A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003UA => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {D65BE0E9-D7A6-4A5A-A924-649EE8323671} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007UA => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {FC8F0631-F614-4F0C-A14A-15745614A35D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001Core.job => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001UA.job => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003Core.job => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003UA.job => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007Core.job => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007UA.job => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\OpenCandyHelperRunAA747FB84C99428893401EAD6DC44017.job => C:\Users\Diyar\AppData\Roaming\OpenCandy\6D7FCDBD763F4E7B8DC17972DF6EC147\OCBrowserHelper_1.0.4.106.dll

==================== Loaded Modules (whitelisted) =============

2014-12-04 20:08 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 8\sqlite3.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-04 20:08 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 8\webres.dll
2014-12-04 20:08 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-12-04 20:08 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-12-04 20:08 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-11-13 10:59 - 2014-11-13 10:57 - 00270336 _____ () C:\Program Files\MyPC Backup\AlphaFS.dll
2014-11-13 10:59 - 2014-11-13 10:57 - 00060928 _____ () C:\Program Files\MyPC Backup\LinqBridge.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CC2DDA0D

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install SafeKey IE RunOnce.lnk => C:\Windows\pss\Install SafeKey IE RunOnce.lnk.CommonStartup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2244397687-2994677012-3856678615-500 - Administrator - Disabled)
Dilan (S-1-5-21-2244397687-2994677012-3856678615-1007 - Administrator - Enabled) => C:\Users\Dilan
Diyar (S-1-5-21-2244397687-2994677012-3856678615-1001 - Limited - Enabled) => C:\Users\Diyar
Gast (S-1-5-21-2244397687-2994677012-3856678615-501 - Limited - Disabled) => C:\Users\Gast.Diyar-PC
HomeGroupUser$ (S-1-5-21-2244397687-2994677012-3856678615-1002 - Limited - Enabled)
Plan b (S-1-5-21-2244397687-2994677012-3856678615-1003 - Limited - Enabled) => C:\Users\Plan b
ümit (S-1-5-21-2244397687-2994677012-3856678615-1008 - Limited - Enabled) => C:\Users\ümit

==================== Faulty Device Manager Devices =============

Name: hp scanjet scanner
Description: hp scanjet scanner
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: TSSTcorp DVD-ROM SH-D163B
Description: TSSTcorp DVD-ROM SH-D163B
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2014 02:41:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/14/2014 02:41:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/14/2014 02:40:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/14/2014 02:39:42 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (12/14/2014 02:24:52 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

Error: (12/14/2014 02:24:52 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/14/2014 02:24:18 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (12/14/2014 02:18:12 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/14/2014 02:18:12 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/14/2014 01:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.18.0.106, Zeitstempel: 0x53d13f6d
Name des fehlerhaften Moduls: Skype.exe, Version: 6.18.0.106, Zeitstempel: 0x53d13f6d
Ausnahmecode: 0x40000015
Fehleroffset: 0x00bd336e
ID des fehlerhaften Prozesses: 0xec8
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3


System errors:
=============
Error: (12/14/2014 03:28:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (12/14/2014 03:28:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (12/14/2014 03:24:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (12/14/2014 03:24:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (12/14/2014 03:22:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147014790

Error: (12/14/2014 03:21:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147014790

Error: (12/14/2014 03:21:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147014790

Error: (12/14/2014 03:20:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147014790

Error: (12/14/2014 03:20:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147014790

Error: (12/14/2014 03:19:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147014790


Microsoft Office Sessions:
=========================
Error: (12/14/2014 02:41:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/14/2014 02:41:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/14/2014 02:40:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/14/2014 02:39:42 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (12/14/2014 02:24:52 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

Error: (12/14/2014 02:24:52 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/14/2014 02:24:18 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (12/14/2014 02:18:12 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/14/2014 02:18:12 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/14/2014 01:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.18.0.10653d13f6dSkype.exe6.18.0.10653d13f6d4000001500bd336eec801d0179b46751714C:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Skype\Phone\Skype.exe896da725-838e-11e4-92f7-001e8cb6cc4d


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 2047.29 MB
Available physical RAM: 1051.4 MB
Total Pagefile: 2047.29 MB
Available Pagefile: 1017.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:139.55 GB) (Free:19.57 GB) NTFS
Drive d: () (Fixed) (Total:195.7 GB) (Free:24.51 GB) NTFS
Drive e: () (Removable) (Total:14.98 GB) (Free:5.63 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=139.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.7 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 15 GB) (Disk ID: 99BE69B9)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 14.12.2014, 23:34   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    BrowserSafeguard with RocketTab (HKLM\...\RocketTab) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION

    DeleteAd

    MyPC Backup

    SW-Booster

    SW-Sustainer 1.80

    Web Protect for Windows


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.12.2014, 13:19   #5
Johnny123456
 
Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Hey

Ich habe vorhin das Programm runtergeladen und ausgeführt. Auf der Suche nach den Programmen zum Deinstalieren fand ich aber nichts.
Kein einziges, die von dir aufgezählten Programme, werden bei mir angezeigt, was nun ?



Name:  Programme.jpg
Hits: 346
Größe:  147,9 KB


Alt 15.12.2014, 21:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Schau mal ob Du sie unter WIndows findest zum Deinstallieren, dann dort deinstallieren.

Egal ob ja oder nein, direkt weiter mit dem Rest von oben.
__________________
--> Pc keine Verbindung obwohl es unten angezeigt wird

Alt 17.12.2014, 17:46   #7
Johnny123456
 
Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Ich krieg die Sachen nicht weg hab's mit 4 Programmen versucht

Alt 17.12.2014, 21:11   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Zitat:
Ich krieg die Sachen nicht weg hab's mit 4 Programmen versucht
Was ist das für ne Aussage?
Was versucht weg zu bekommen?
Mit was?

Mach doch einfach was oben steht! Sachen deinstallieren mit Revo. Geht nit? Dann wie oben beschrieben in Windows schauen zum Deinstallieren. Geht nit, dann steht oben schon gleich die nächste Anweisung.
Zitat:
Egal ob ja oder nein, direkt weiter mit dem Rest von oben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.12.2014, 15:33   #9
Johnny123456
 
Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



Also, ich weiß zwar nicht wie aber der Pc hat wieder Verbindung zum Internet

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-12-2014
Ran by Dilan at 2014-12-18 15:27:01
Running from C:\Users\Dilan\Desktop\Neuer Ordner\Neuer Ordner\Neuer Ordner
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AC2 server emulator 0.44 by Dormine (HKLM\...\{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1) (Version:  - bjamikel)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Airfoil (HKLM\...\Airfoil) (Version: 3.5.3 - Rogue Amoeba)
AMD Catalyst Install Manager (HKLM\...\{319271B3-E2AA-F623-928E-245C9EBF16F7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Avira (HKLM\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
BurnAware Free 3.0.3 (HKLM\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CPUID CPU-Z 1.67 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2 (HKLM\...\Driver Booster_is1) (Version: 2.0 - IObit)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Formelrechner (HKLM\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
GeoGebra (HKLM\...\GeoGebra) (Version: 3.2.46.0 - International GeoGebra Institute)
hp deskjet 5100 (HKLM\...\{15C165F1-1DAE-4476-AFB6-8723729B41E7}) (Version: 1.03.0000 - Hewlett-Packard)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP Scanjet G2410 and 2400 (HKLM\...\{E5B04674-1885-4B08-BAE7-ECDEC1F84677}) (Version: 13.0 - HP)
HP Speicher-Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
hpg2410 (Version: 13.0.0.0 - Ihr Firmenname) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IObit Malware Fighter (HKLM\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 72 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SafeKey(uninstall only) (HKLM\...\safekey) (Version:  - McAfee, Inc.)
MegaTrainer eXperience V1.2.1.3 (HKLM\...\MegaTrainer eXperience_is1) (Version:  - )
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Morrowind (HKLM\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Oblivion (HKLM\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Philips SPC620NC Webcam (HKLM\...\{5CA6F170-E18D-4B4C-8670-3ED096478C41}) (Version: 1.00.000 - Philips)
Philips VLounge (HKLM\...\{EA57A1B9-0DD2-44DD-9B70-64E8DA553F6F}) (Version:  - ArcSoft)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Remote Mouse version 2.56 (HKLM\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.56 - Remote Mouse)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
S.T.A.L.K.E.R. - Clear Sky [v1.0003] (HKLM\...\S.T.A.L.K.E.R. - Clear Sky_is1) (Version: 1.0003 - Deep Silver)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SBMAV Disk Cleaner 3 (HKLM\...\SBMAV Disk Cleaner_is1) (Version:  - SBMAV Software)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version:  - 5th Cell Media)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Web Plugin (HKLM\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Startup Booster v2.4 (HKLM\...\Startup Booster_is1) (Version: 2.4 - Smart PC Solutions)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{1AAE7ACD-816D-4982-A16B-4B724EBC1139}) (Version: 2.2.3.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TES Construction Set (HKLM\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Unity Web Player (HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Web Protect for Windows (HKLM\...\wp-adinject-adk) (Version: 10.0.0 - Web Protect) <==== ATTENTION
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.5.5 - Shark007)
Windows 7 Manager (HKLM\...\{EA027ED9-3A1E-426C-A8F1-D29B69C8E207}) (Version: 1.2.4 - Yamicsoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Dilan\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Dilan\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Dilan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points  =========================

18-12-2014 13:10:28 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2011-12-27 23:20 - 00001052 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       static3.cdn.ubi.com
127.0.0.1       ubisoft-orbit.s3.amazonaws.com
127.0.0.1       onlineconfigservice.ubi.com
127.0.0.1       orbitservice.ubi.com
127.0.0.1       ubisoft-orbit-savegames.s3.amazonaws.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0287347F-A494-40A6-80A7-79332DD6FCDF} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2014-12-04] ()
Task: {09CB0658-D38A-429B-8689-FF55D3D736F1} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {209B2B82-0027-40A1-9A39-D184D960369D} - System32\Tasks\{36BFCFFA-0D1F-4AC9-BFA0-DB8E2A24399D} => D:\ds spiele 2011\assassino\AssassinsCreed_Launcher.exe [2008-02-22] (Ubisoft)
Task: {240AAF96-D29C-4A96-A93B-37C0975C1337} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003Core => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {33B714B5-A3A0-4EDC-BE19-38C19AE6B87A} - System32\Tasks\{2C903AF0-4B97-4152-92F4-AD248E3C39DD} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {40AE8109-5676-4B67-A920-8149CBF4554A} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-10] (IObit)
Task: {42777146-01BD-4275-AF2E-8EE21B9B9589} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-17] (Adobe Systems Incorporated)
Task: {49A8D5A1-100A-4ACF-AA67-6397372ADC19} - System32\Tasks\{43494C23-39CF-4CB7-AE22-A9011C268D9C} => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {550A0356-ACC0-4AFB-8DDD-3FBC4345694B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2244397687-2994677012-3856678615-1007
Task: {60D5985A-52AC-40D2-8AA3-D805A78C9A27} - System32\Tasks\{4DBA4EFA-5763-471B-AEBE-4312DE7BB6F8} => D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe [2009-07-07] ()
Task: {61424186-3346-4140-80A8-C93CF4CD2489} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001UA => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {78A06E16-66E1-4670-B681-6D1FACF285C1} - \OpenCandyHelperRunAA747FB84C99428893401EAD6DC44017 No Task File <==== ATTENTION
Task: {8EF48CA0-8074-4B72-A1F0-19606C512BD8} - System32\Tasks\ASC8_SkipUac_Dilan => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit)
Task: {9EEAEB29-1CAF-4506-83A3-C43A1D4EC9EB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001Core => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {AB158445-097D-4E6D-A487-F37DE12E7F2B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007Core => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B81CE756-FD0E-49D9-A7CD-7AA53D4D5E6A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003UA => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {D65BE0E9-D7A6-4A5A-A924-649EE8323671} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007UA => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {FC8F0631-F614-4F0C-A14A-15745614A35D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Booster Scan.job => C:\Program Files\IObit\Driver Booster\Scheduler.exe
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Dilan).job => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001Core.job => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001UA.job => C:\Users\Diyar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003Core.job => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003UA.job => C:\Users\Plan b\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007Core.job => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007UA.job => C:\Users\Dilan\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-04 20:08 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 8\sqlite3.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-04 21:21 - 2014-12-04 21:21 - 00801304 _____ () C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
2014-12-04 20:08 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-12-04 20:08 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-12-04 20:08 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-12-04 20:08 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files\IObit\Advanced SystemCare 8\ProductStatistics.dll
2014-12-04 20:08 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 8\webres.dll
2014-12-17 19:53 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\IObit Malware Fighter\madExcept_.bpl
2014-12-17 19:53 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\IObit Malware Fighter\madBasic_.bpl
2014-12-17 19:53 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-12-17 19:53 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files\IObit\IObit Malware Fighter\WebUI.dll
2014-12-17 19:53 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
2014-12-17 19:53 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files\IObit\IObit Malware Fighter\libcurl-4.dll
2014-12-17 19:53 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CC2DDA0D

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install SafeKey IE RunOnce.lnk => C:\Windows\pss\Install SafeKey IE RunOnce.lnk.CommonStartup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2244397687-2994677012-3856678615-500 - Administrator - Disabled)
Dilan (S-1-5-21-2244397687-2994677012-3856678615-1007 - Administrator - Enabled) => C:\Users\Dilan
Diyar (S-1-5-21-2244397687-2994677012-3856678615-1001 - Limited - Enabled) => C:\Users\Diyar
Gast (S-1-5-21-2244397687-2994677012-3856678615-501 - Limited - Disabled) => C:\Users\Gast.Diyar-PC
HomeGroupUser$ (S-1-5-21-2244397687-2994677012-3856678615-1002 - Limited - Enabled)
Plan b (S-1-5-21-2244397687-2994677012-3856678615-1003 - Limited - Enabled) => C:\Users\Plan b
ümit (S-1-5-21-2244397687-2994677012-3856678615-1008 - Limited - Enabled) => C:\Users\ümit

==================== Faulty Device Manager Devices =============

Name: TSSTcorp DVD-ROM SH-D163B
Description: TSSTcorp DVD-ROM SH-D163B
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2014 00:33:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xc64
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (12/17/2014 10:26:48 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/17/2014 10:26:48 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/17/2014 10:03:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.1.711, Zeitstempel: 0x542b53ec
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (12/17/2014 09:12:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TombRaider.exe, Version: 1.1.748.0, Zeitstempel: 0x519379a7
Name des fehlerhaften Moduls: TombRaider.exe, Version: 1.1.748.0, Zeitstempel: 0x519379a7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000d9c3a
ID des fehlerhaften Prozesses: 0xa60
Startzeit der fehlerhaften Anwendung: 0xTombRaider.exe0
Pfad der fehlerhaften Anwendung: TombRaider.exe1
Pfad des fehlerhaften Moduls: TombRaider.exe2
Berichtskennung: TombRaider.exe3

Error: (12/17/2014 09:09:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.0.8.1, Zeitstempel: 0x546e4a58
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.0.8.1, Zeitstempel: 0x546e4a58
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008f796
ID des fehlerhaften Prozesses: 0x848
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3

Error: (12/17/2014 08:54:37 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files\Steam\steam.exe

Error: (12/17/2014 08:22:51 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/17/2014 07:56:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {801d3d3d-75e3-476c-803d-17b5191ca3f6}


System errors:
=============
Error: (12/18/2014 03:19:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UrlFilter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1753

Error: (12/18/2014 03:18:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (12/18/2014 03:18:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (12/18/2014 03:18:31 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "MBAMWebAccessControl" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (12/18/2014 03:18:30 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "MBAMWebAccessControl" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (12/18/2014 03:17:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (12/18/2014 03:16:40 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (12/18/2014 00:35:52 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/18/2014 00:35:52 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/18/2014 00:33:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (12/18/2014 00:33:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425c6401d01ab629d5a9f3C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllb7a114e3-86a9-11e4-8325-001e8cb6cc4d

Error: (12/17/2014 10:26:48 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/17/2014 10:26:48 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/17/2014 10:03:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711542b53ecMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd3c01d01a3cc054cbd5C:\Program Files\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files\ Malwarebytes Anti-Malware \MSVCR100.dll14e58de8-8630-11e4-ab3a-001e8cb6cc4d

Error: (12/17/2014 09:12:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TombRaider.exe1.1.748.0519379a7TombRaider.exe1.1.748.0519379a7c0000005000d9c3aa6001d01a35bddc92f3C:\Program Files\Steam\steamapps\common\Tomb Raider\TombRaider.exeC:\Program Files\Steam\steamapps\common\Tomb Raider\TombRaider.exefba51a55-8628-11e4-ab3a-001e8cb6cc4d

Error: (12/17/2014 09:09:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.8.1546e4a58mbamservice.exe3.0.8.1546e4a58400000150008f79684801d01a31cec22843C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exeC:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exeab1ec27e-8628-11e4-ab3a-001e8cb6cc4d

Error: (12/17/2014 08:54:37 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files\Steam\steam.exe

Error: (12/17/2014 08:22:51 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/17/2014 07:56:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {801d3d3d-75e3-476c-803d-17b5191ca3f6}


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 93%
Total physical RAM: 2047.23 MB
Available physical RAM: 133.93 MB
Total Pagefile: 2047.23 MB
Available Pagefile: 141.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:139.55 GB) (Free:16.24 GB) NTFS
Drive d: () (Fixed) (Total:195.7 GB) (Free:24.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=139.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2014
Ran by Dilan (administrator) on DIYAR-PC on 18-12-2014 15:19:42
Running from C:\Users\Dilan\Desktop\Neuer Ordner\Neuer Ordner\Neuer Ordner
Loaded Profile: Dilan (Available profiles: Diyar & Plan b & Dilan & ümit & Gast)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\IObit\Game Booster 3\Autoupdate.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => TTIME
HKLM\...\Run: [VirtualCloneDrive] => N.EXE" /S
HKLM\...\Run: [HP Software Update] => FTWARE UPDATE\HPWUSCHD.EXE"
HKLM\...\Run: [HP Component Manager] => RETECH\HPCMPMGR.EXE"
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-12-17] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Run: [SmartRAM] => C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\RunOnce: [Adobe Speed Launcher] => 1418912295
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2244397687-2994677012-3856678615-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - (No Name) - {192a6019-26d2-4611-aead-07cd7733b146} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2244397687-2994677012-3856678615-1007 -> {D3D2BF91-3DFC-4D43-9DB5-CBC0F1DFBE71} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE0D20140110&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2244397687-2994677012-3856678615-1007: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dilan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2244397687-2994677012-3856678615-1007: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dilan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Ads Removal - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\Extensions\adremoveext@adremoveext.net [2014-12-18]
FF Extension: {10688ffe-50ac-46ae-a40c-b393e967575e} - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\Extensions\{10688ffe-50ac-46ae-a40c-b393e967575e}.xpi [2014-12-13]
FF Extension: Adblock Plus - C:\Users\Dilan\AppData\Roaming\Mozilla\Firefox\Profiles\uj6owbww.default-1417512113460\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-13]

Chrome: 
=======
CHR Profile: C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-09-20]
CHR Extension: (Google Präsentationen) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (McAfee SafeKey) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-20]
CHR Extension: (YouTube) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Google-Suche) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Google Tabellen) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Google Mail) - C:\Users\Dilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR HKLM\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Diyar\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files\SafeKey\lpchrome.crx [2013-09-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 Origin Client Service; D:\origin\OriginClientService.exe [1900400 2014-12-01] (Electronic Arts)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-01-30] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-12-17] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 65006428; C:\Windows\System32\DRIVERS\65006428.sys [133208 2013-08-30] (Kaspersky Lab ZAO)
R0 AFS; C:\Windows\system32\Drivers\AFS.sys [77004 2014-09-07] (Oak Technology Inc.) [File not signed]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2012-07-08] ()
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-18] () [File not signed]
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2008-12-13] () [File not signed]
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi_oem; C:\Windows\System32\DRIVERS\gan_adapter.sys [10664 2006-08-28] (Applied Networking Inc.) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-07-08] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
S3 nocashio; C:\Windows\System32\drivers\nocashio.sys [4096 2011-08-23] () [File not signed]
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [154752 2005-10-18] (PixArt Imaging Inc.)
R3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [89648 2009-10-20] (Philips Applied Technologies)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [28656 2014-12-17] (Synaptics Incorporated)
R3 SPC620; C:\Windows\System32\drivers\SPC620.sys [484352 2007-09-28] (Philips                                                     )
R3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [7680 2007-09-28] (Philips                                                     )
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2011-06-24] (Acronis)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 cpuz137; \??\C:\Users\Dilan\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U4 RDSessMgr; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-05-21 16:14 - 9514-05-21 16:27 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Apps\2.0
2099-05-21 16:14 - 2014-09-06 10:55 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Deployment
2014-12-18 12:40 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 21:02 - 2014-12-17 21:19 - 00006113 _____ () C:\Users\ümit\Documents\TombRaider.log
2014-12-17 20:57 - 2014-12-17 20:57 - 00000000 ____D () C:\Users\ümit\Documents\My Games
2014-12-17 20:56 - 2014-12-17 20:56 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\MotioninJoy
2014-12-17 20:52 - 2014-12-17 20:52 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\Macromedia
2014-12-17 20:48 - 2014-12-17 20:49 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\Origin
2014-12-17 20:48 - 2014-12-17 20:49 - 00000000 ____D () C:\Users\ümit\AppData\Local\Origin
2014-12-17 20:34 - 2014-12-18 15:16 - 00005558 _____ () C:\Windows\PFRO.log
2014-12-17 20:34 - 2014-12-17 20:44 - 00409800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-17 20:08 - 2014-12-18 15:19 - 00000000 ____D () C:\Users\Dilan\Desktop\Neuer Ordner
2014-12-17 20:05 - 2014-12-17 20:05 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-17 20:05 - 2014-12-17 20:04 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-17 20:04 - 2014-12-17 20:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-17 20:04 - 2014-12-17 20:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-17 20:04 - 2014-12-17 20:04 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-17 20:04 - 2014-12-17 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-17 20:02 - 2014-12-17 20:02 - 00719064 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2014-12-17 20:02 - 2014-12-17 20:02 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2014-12-17 20:02 - 2014-12-17 20:02 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2014-12-17 20:02 - 2014-12-17 20:02 - 00028656 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-12-17 20:02 - 2014-12-17 20:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-12-17 20:02 - 2014-12-17 20:02 - 00000000 ____D () C:\Program Files\Synaptics
2014-12-17 19:58 - 2014-12-17 19:58 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-12-17 19:57 - 2014-12-17 19:57 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-12-17 19:57 - 2014-12-17 19:57 - 03086040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-12-17 19:57 - 2014-12-17 19:57 - 02566872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 02474200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-12-17 19:57 - 2014-12-17 19:57 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-12-17 19:57 - 2014-12-17 19:57 - 00916696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00214352 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXProc.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00078672 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXComm.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00074064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXSAPO.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00074064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXHAPO.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00074064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXDAPO.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2014-12-17 19:57 - 2014-12-17 19:57 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2014-12-17 19:53 - 2014-12-17 19:53 - 00001135 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-12-17 19:53 - 2014-12-17 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-12-17 19:52 - 2014-12-17 20:06 - 00002096 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-17 19:52 - 2014-12-17 19:52 - 00000272 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-12-17 19:52 - 2014-12-17 19:52 - 00000270 _____ () C:\Windows\Tasks\Driver Booster Scan.job
2014-12-17 19:52 - 2014-12-17 19:52 - 00000236 _____ () C:\Windows\Tasks\Driver Booster SkipUAC (Dilan).job
2014-12-17 19:52 - 2014-12-17 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-17 19:49 - 2014-12-17 19:49 - 00000216 _____ () C:\Users\Dilan\Desktop\Scribblenauts Unlimited.url
2014-12-17 19:27 - 2014-12-17 19:27 - 00110064 _____ () C:\Users\Dilan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-17 19:23 - 2014-12-18 15:17 - 00001307 _____ () C:\Windows\setupact.log
2014-12-17 19:23 - 2014-12-17 19:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-17 12:47 - 2014-12-17 12:47 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-17 07:17 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-17 07:17 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-17 07:17 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-17 07:17 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-17 07:17 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-17 04:29 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-17 04:29 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-17 04:29 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-17 04:29 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-17 04:29 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-17 04:29 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-17 04:29 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-17 04:29 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-17 04:29 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-17 04:29 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-17 04:29 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-17 04:29 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-17 04:29 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-17 04:29 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-17 04:29 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-17 04:29 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-17 04:29 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-17 04:29 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-17 04:29 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-17 04:29 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-17 04:29 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-17 04:29 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-17 04:29 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-17 04:29 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-17 04:29 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-17 04:29 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-17 04:29 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-17 04:29 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-17 04:29 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-17 04:29 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-17 04:29 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-17 04:29 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-17 04:29 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-17 04:29 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-17 04:29 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-17 04:29 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-17 04:29 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-17 04:29 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-17 04:29 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-17 04:28 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-17 04:28 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-17 04:28 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-17 04:28 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-17 04:28 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-17 04:28 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-17 04:28 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-16 22:54 - 2014-12-17 16:44 - 00000000 ____D () C:\AdwCleaner
2014-12-16 22:53 - 2014-12-16 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-12-15 15:46 - 2014-12-15 15:46 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\WinBatch
2014-12-15 12:34 - 2014-12-15 13:32 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-14 15:57 - 2014-12-18 15:18 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-14 15:57 - 2014-12-14 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-14 15:57 - 2014-12-14 15:57 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-12-14 15:57 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-14 15:57 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-14 15:57 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-14 15:37 - 2014-12-18 15:19 - 00000000 ____D () C:\FRST
2014-12-14 13:43 - 2014-12-14 13:43 - 00000000 __SHD () C:\Users\Diyar\AppData\Local\EmieBrowserModeList
2014-12-13 23:57 - 2014-12-13 23:57 - 00000000 __SHD () C:\Users\ümit\AppData\Local\EmieUserList
2014-12-13 23:57 - 2014-12-13 23:57 - 00000000 __SHD () C:\Users\ümit\AppData\Local\EmieSiteList
2014-12-13 23:57 - 2014-12-13 23:57 - 00000000 __SHD () C:\Users\ümit\AppData\Local\EmieBrowserModeList
2014-12-13 23:44 - 2014-12-17 20:45 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\IObit
2014-12-13 23:44 - 2014-12-14 16:42 - 00000000 ____D () C:\Users\ümit
2014-12-13 23:44 - 2014-12-13 23:44 - 00110064 _____ () C:\Users\ümit\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-13 23:44 - 2014-12-13 23:44 - 00001425 _____ () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-13 23:44 - 2014-12-13 23:44 - 00000482 __RSH () C:\Users\ümit\ntuser.pol
2014-12-13 23:44 - 2014-12-13 23:44 - 00000020 ___SH () C:\Users\ümit\ntuser.ini
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Startmenü
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Netzwerkumgebung
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Druckumgebung
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Documents\Eigene Musik
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\Documents\Eigene Bilder
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 _SHDL () C:\Users\ümit\AppData\Local\Verlauf
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\ATI
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 ____D () C:\Users\ümit\AppData\Roaming\Adobe
2014-12-13 23:44 - 2014-12-13 23:44 - 00000000 ____D () C:\Users\ümit\AppData\Local\ATI
2014-12-13 23:44 - 2012-04-11 23:59 - 00000000 ____D () C:\Users\ümit\AppData\Local\Microsoft Help
2014-12-13 23:44 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-13 23:44 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\ümit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-13 22:00 - 2014-12-13 22:00 - 29741056 _____ () C:\Windows\system32\config\components.iobit
2014-12-13 21:53 - 2014-12-13 21:53 - 00000000 ____D () C:\Users\Plan b\AppData\Roaming\ProductData
2014-12-13 20:16 - 2014-12-13 20:16 - 00000000 ____D () C:\Users\Plan b\AppData\Roaming\TuneUp Software
2014-12-13 20:10 - 2014-12-13 20:10 - 00000000 ____D () C:\Users\Plan b\AppData\Roaming\IObit
2014-12-13 18:42 - 2014-12-13 18:42 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\TuneUp Software
2014-12-13 18:38 - 2014-12-13 18:38 - 00004616 _____ () C:\Windows\system32\LavasoftTcpService.ini
2014-12-13 18:38 - 2014-12-13 18:38 - 00002448 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-12-13 18:37 - 2014-11-27 10:44 - 00312424 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2014-12-13 18:36 - 2014-12-13 18:36 - 00001288 _____ () C:\Users\Dilan\Desktop\Cloned Files Scanner.lnk
2014-12-10 16:59 - 2014-12-10 17:59 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-12-09 19:00 - 2014-12-09 19:00 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\ProductData
2014-12-09 18:59 - 2014-12-09 18:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2014-12-09 18:59 - 2014-12-09 18:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2014-12-08 22:53 - 2014-12-08 22:54 - 00880784 _____ (Google Inc.) C:\Users\Diyar\Downloads\ChromeSetup.exe
2014-12-08 22:51 - 2014-12-08 22:51 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Macromedia
2014-12-08 22:50 - 2014-12-08 22:57 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\IObit
2014-12-08 22:17 - 2014-12-09 22:35 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007UA.job
2014-12-08 22:17 - 2014-12-09 22:35 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1007Core.job
2014-12-08 22:17 - 2014-12-08 22:18 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Facebook
2014-12-08 22:17 - 2014-12-08 22:17 - 00501248 _____ (Facebook Inc.) C:\Users\Dilan\Downloads\FacebookVideoCallSetup_v1.2.205.0(1).exe
2014-12-07 14:53 - 2014-12-07 14:53 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection(3).msi
2014-12-07 14:49 - 2014-12-07 14:49 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection(2).msi
2014-12-07 14:08 - 2014-12-02 10:27 - 00000216 _____ () C:\Users\Dilan\Desktop\Tomb Raider.url
2014-12-06 21:18 - 2014-12-06 21:18 - 04117346 _____ () C:\Users\Dilan\Downloads\MotioninJoy_071001_signed(2).zip
2014-12-06 21:09 - 2014-12-06 21:09 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\MotioninJoy
2014-12-06 21:08 - 2014-12-06 21:18 - 00001080 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-12-06 21:08 - 2014-12-06 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-12-06 21:08 - 2014-12-06 21:18 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-12-06 21:08 - 2014-12-06 21:08 - 04117346 _____ () C:\Users\Dilan\Downloads\MotioninJoy_071001_signed(1).zip
2014-12-06 21:08 - 2011-12-07 19:42 - 00255496 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll
2014-12-06 20:31 - 2012-05-12 12:31 - 00099400 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys
2014-12-06 20:30 - 2014-12-06 20:30 - 04117346 _____ () C:\Users\Dilan\Downloads\MotioninJoy_071001_signed.zip
2014-12-06 20:29 - 2014-12-06 20:29 - 01174352 _____ () C:\Users\Dilan\Downloads\MotioninJoy - CHIP-Installer.exe
2014-12-06 20:25 - 2014-12-06 20:26 - 00000000 ____D () C:\Users\Dilan\AppData\Local\BetterDS3
2014-12-06 20:24 - 2014-12-06 20:24 - 00759932 _____ () C:\Users\Dilan\Downloads\BetterDS3_1.5.3.zip
2014-12-06 20:23 - 2014-12-06 20:23 - 01174352 _____ () C:\Users\Dilan\Downloads\Better DS3 - CHIP-Installer.exe
2014-12-06 20:19 - 2014-12-06 20:19 - 04115757 _____ () C:\Users\Dilan\Downloads\MotioninJoy_070000_signed.zip
2014-12-06 20:04 - 2014-12-06 20:04 - 00804491 _____ () C:\Users\Dilan\Downloads\x360ce.App-2.1.2.191.zip
2014-12-06 19:53 - 2014-12-06 19:53 - 00000000 ____D () C:\Program Files\VID_0E8F&PID_3075
2014-12-06 19:52 - 2014-12-06 19:52 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\InstallShield
2014-12-05 12:29 - 2014-12-05 12:29 - 61407232 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-12-05 12:29 - 2014-12-05 12:29 - 00368640 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-12-05 12:29 - 2014-12-05 12:29 - 00098304 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-12-05 12:29 - 2014-12-05 12:29 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-12-04 21:34 - 2014-12-04 21:34 - 00001216 _____ () C:\Users\Dilan\Desktop\Smart RAM.lnk
2014-12-04 21:21 - 2014-12-04 21:21 - 00001144 _____ () C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2014-12-04 21:21 - 2014-12-04 21:21 - 00001132 _____ () C:\Users\Public\Desktop\Game Booster 3.lnk
2014-12-04 21:21 - 2014-12-04 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
2014-12-04 21:02 - 2014-12-13 22:00 - 61423616 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-12-04 21:02 - 2014-12-13 22:00 - 00372736 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-12-04 21:02 - 2014-12-13 22:00 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-12-04 21:02 - 2014-12-13 22:00 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-12-04 21:02 - 2014-10-16 10:27 - 00024352 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-12-04 20:10 - 2014-12-04 20:10 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\ProductData
2014-12-04 20:08 - 2014-12-17 19:53 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\IObit
2014-12-04 20:08 - 2014-12-17 19:53 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-04 20:08 - 2014-12-17 19:53 - 00000000 ____D () C:\Program Files\IObit
2014-12-04 20:08 - 2014-12-17 19:52 - 00000000 ____D () C:\ProgramData\IObit
2014-12-04 20:08 - 2014-12-16 22:52 - 00002131 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-12-04 20:08 - 2014-12-04 20:08 - 00000000 ____D () C:\Program Files\Common Files\IObit
2014-12-04 20:06 - 2014-12-04 20:07 - 43183800 _____ (IObit ) C:\Users\Dilan\Downloads\advanced-systemcare-setup_v8.0.3.exe
2014-12-03 19:04 - 2014-12-03 19:04 - 01174352 _____ () C:\Users\Dilan\Downloads\Wise Registry Cleaner - CHIP-Installer.exe
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Plan b\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Gast.Diyar-PC\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Diyar\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:26 - 2014-12-03 18:26 - 00002247 _____ () C:\Users\Dilan\Desktop\Skyrim (SKSE).lnk
2014-12-03 18:25 - 2014-12-03 18:25 - 00313875 _____ () C:\Users\Dilan\Downloads\skse_1_07_01_installer.exe
2014-12-03 08:42 - 2014-12-03 08:42 - 00394347 _____ (Ray Siegl ) C:\Users\Dilan\Downloads\ram_clean_tool_setup.exe
2014-12-02 19:45 - 2014-12-02 19:45 - 00000000 ____D () C:\Windows\pss
2014-12-02 15:43 - 2014-12-17 22:26 - 00008089 _____ () C:\Users\Dilan\Documents\TombRaider.log
2014-12-02 10:10 - 2014-12-02 10:10 - 00250760 _____ () C:\Users\Dilan\Documents\ts3_clientui-win32-1407159763-2014-12-02 10_10_29.027026.dmp
2014-11-30 15:28 - 2014-12-04 22:34 - 00007609 _____ () C:\Users\Dilan\AppData\Local\Resmon.ResmonCfg
2014-11-30 15:12 - 2011-11-11 07:48 - 00002940 _____ () C:\Users\Dilan\Desktop\SkyrimPrefs.ini
2014-11-30 15:11 - 2014-11-30 15:12 - 00000000 ____D () C:\Users\Dilan\Desktop\Saves
2014-11-30 12:13 - 2014-11-30 12:13 - 00000000 ____D () C:\ProgramData\ATI
2014-11-30 12:12 - 2014-11-30 12:12 - 00000000 ____D () C:\ProgramData\AMD
2014-11-30 12:12 - 2014-11-30 12:12 - 00000000 ____D () C:\Program Files\AMD AVT
2014-11-30 12:11 - 2014-11-30 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-30 12:05 - 2014-11-30 12:05 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\ATI
2014-11-30 12:05 - 2014-11-30 12:05 - 00000000 ____D () C:\Users\Dilan\AppData\Local\ATI
2014-11-30 12:04 - 2014-11-30 12:04 - 00000000 ____D () C:\Program Files\AMD
2014-11-30 11:59 - 2014-11-30 11:59 - 00000000 ____D () C:\AMD
2014-11-30 11:52 - 2014-11-30 11:52 - 00891224 _____ (AMD) C:\Users\Dilan\Downloads\amddriverdownloader.exe
2014-11-30 10:50 - 2014-12-02 10:08 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\TS3Client
2014-11-30 10:50 - 2014-11-30 10:50 - 00001211 _____ () C:\Users\Dilan\Desktop\TeamSpeak 3 Client.lnk
2014-11-30 10:50 - 2014-11-30 10:50 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-11-30 10:49 - 2014-11-30 10:50 - 00000000 ____D () C:\Users\Dilan\AppData\Local\TeamSpeak 3 Client
2014-11-30 10:48 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-11-30 10:48 - 2011-03-25 19:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-11-30 10:46 - 2014-11-30 10:47 - 01174352 _____ () C:\Users\Dilan\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2014-11-30 10:30 - 2014-11-30 10:30 - 00651264 _____ () C:\Users\Dilan\Downloads\Detection(1).msi
2014-11-30 10:29 - 2014-12-17 21:27 - 00000000 ____D () C:\Program Files\Steam
2014-11-30 10:29 - 2014-11-30 10:29 - 01142392 _____ () C:\Users\Dilan\Downloads\SteamSetup.exe
2014-11-30 10:29 - 2014-11-30 10:29 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-11-30 10:29 - 2014-11-30 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-26 13:36 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-26 13:36 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-26 13:36 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-26 13:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-26 13:35 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-26 13:35 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-26 13:35 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-26 13:34 - 2014-11-30 15:15 - 00000000 ____D () C:\Users\Dilan\Documents\My Games
2014-11-26 13:34 - 2014-11-30 15:01 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Skyrim
2014-11-26 13:34 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-26 13:34 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-26 13:34 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-26 13:32 - 2014-11-26 13:32 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Unity
2014-11-26 13:31 - 2014-12-17 20:34 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Unity
2014-11-26 13:30 - 2014-11-26 13:30 - 01081992 _____ (Unity Technologies ApS) C:\Users\Dilan\Downloads\UnityWebPlayer.exe
2014-11-21 14:24 - 2014-11-21 14:24 - 00000000 __SHD () C:\Users\Dilan\AppData\Local\EmieBrowserModeList
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-05-21 16:21 - 2011-11-11 14:02 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-18 15:24 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 15:24 - 2009-07-14 05:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 15:23 - 2011-06-24 15:55 - 01592537 _____ () C:\Windows\WindowsUpdate.log
2014-12-18 15:17 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 12:59 - 2014-10-02 16:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-18 12:27 - 2014-09-20 13:53 - 00000000 ____D () C:\Program Files\Avira
2014-12-17 21:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-17 21:25 - 2014-09-20 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-17 21:25 - 2012-10-06 23:41 - 00000000 ____D () C:\ProgramData\Avira
2014-12-17 20:54 - 2011-12-03 18:06 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-17 20:48 - 2014-10-09 20:22 - 00000000 ____D () C:\ProgramData\Origin
2014-12-17 20:44 - 2014-09-01 20:13 - 00000442 __RSH () C:\ProgramData\ntuser.pol
2014-12-17 20:06 - 2013-01-09 20:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-17 20:06 - 2013-01-09 20:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-17 20:06 - 2012-01-03 00:57 - 00444952 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-12-17 20:06 - 2012-01-03 00:57 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-12-17 20:06 - 2012-01-03 00:57 - 00000000 ____D () C:\Program Files\OpenAL
2014-12-17 20:05 - 2011-10-16 10:39 - 00000000 ____D () C:\Windows\system32\Adobe
2014-12-17 19:58 - 2011-06-24 18:19 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-12-17 19:48 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-17 16:45 - 2011-08-21 22:55 - 00000000 ____D () C:\Windows\Philips
2014-12-17 12:48 - 2014-05-22 12:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-17 12:48 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-17 12:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-17 07:18 - 2011-06-24 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-17 07:14 - 2014-01-02 03:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-17 07:14 - 2014-01-01 11:43 - 00000000 ____D () C:\Windows\system32\MpEngineStore
2014-12-17 07:10 - 2011-06-24 18:35 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-17 07:06 - 2011-12-29 23:30 - 00000000 ____D () C:\Program Files\SpeedFan
2014-12-16 23:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-12-16 23:11 - 2014-09-13 11:54 - 00000000 ____D () C:\Users\Dilan
2014-12-14 16:52 - 2012-05-28 00:02 - 00000000 ____D () C:\ProgramData\InstallMate
2014-12-14 16:42 - 2014-09-12 19:57 - 00000000 ____D () C:\Users\Gast.Diyar-PC
2014-12-14 15:37 - 2011-06-24 16:03 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 14:04 - 2012-05-27 19:11 - 00000000 ____D () C:\Users\Plan b\Tracing
2014-12-14 13:48 - 2011-10-22 10:57 - 00000000 ____D () C:\Users\Plan b
2014-12-14 13:41 - 2011-06-24 15:58 - 00000000 ____D () C:\Users\Diyar
2014-12-14 11:08 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-13 23:43 - 2013-02-02 12:02 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-12-13 22:20 - 2011-06-24 16:48 - 00000000 ____D () C:\Windows\Panther
2014-12-13 20:42 - 2014-09-20 18:48 - 00000000 ____D () C:\Users\Dilan\AppData\Local\Microsoft Games
2014-12-13 18:50 - 2014-09-05 14:34 - 00000000 ____D () C:\Program Files\GUM3AEE.tmp
2014-12-13 18:50 - 2012-01-19 16:51 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Oblivion
2014-12-13 18:50 - 2011-12-29 20:43 - 00000000 ____D () C:\Users\Plan b\AppData\Local\Skyrim
2014-12-13 18:49 - 2014-09-20 17:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-13 18:49 - 2014-09-09 16:41 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Gameo
2014-12-09 19:50 - 2014-09-06 11:08 - 00000000 ____D () C:\Users\Diyar\Desktop\Unused Shortcut(CU)
2014-12-09 19:50 - 2012-01-15 23:12 - 00000000 ____D () C:\Program Files\Prince of Persia
2014-12-09 19:50 - 2011-12-09 17:27 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-09 19:50 - 2011-11-11 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
2014-12-09 19:50 - 2011-08-01 10:21 - 00000000 ____D () C:\Users\Diyar\Desktop\Ümit
2014-12-09 19:09 - 2013-04-11 19:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 19:02 - 2014-05-21 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-09 19:00 - 2012-05-23 18:29 - 00000000 ____D () C:\Users\Diyar\AppData\Roaming\Skype
2014-12-09 13:58 - 2014-09-20 13:53 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-09 13:58 - 2014-09-20 13:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-09 12:18 - 2012-01-09 22:37 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-09 12:16 - 2011-06-24 18:50 - 00000000 ____D () C:\Program Files\Windows Live
2014-12-09 12:14 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-08 23:01 - 2011-11-11 14:02 - 00000000 ____D () C:\Users\Diyar\AppData\Local\PMB Files
2014-12-08 22:59 - 2011-06-24 16:05 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Google
2014-12-08 22:51 - 2012-04-21 16:13 - 00000000 ____D () C:\Users\Diyar\AppData\Local\Akamai
2014-12-07 17:13 - 2013-09-23 16:24 - 00000000 ____D () C:\Program Files\SafeKey
2014-12-07 14:53 - 2011-10-21 17:40 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-12-06 19:53 - 2011-08-21 22:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-06 11:04 - 2013-07-14 14:36 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003UA.job
2014-12-06 11:04 - 2013-07-14 14:36 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1003Core.job
2014-12-06 11:04 - 2011-10-19 19:00 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001UA.job
2014-12-06 11:04 - 2011-10-19 19:00 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2244397687-2994677012-3856678615-1001Core.job
2014-12-04 22:29 - 2013-05-13 14:26 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-12-04 22:29 - 2013-05-13 14:26 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-12-04 22:17 - 2013-02-09 09:44 - 00000000 ____D () C:\Fraps
2014-12-04 21:38 - 2012-01-02 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC2 server emulator
2014-12-04 21:38 - 2011-06-24 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SBMAV Disk Cleaner
2014-12-04 20:09 - 2014-09-13 12:05 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Apple Computer
2014-12-03 19:14 - 2009-07-14 03:03 - 64487424 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-03 19:14 - 2009-07-14 03:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-03 19:14 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-03 19:14 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-12-03 13:24 - 2011-12-19 15:11 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-12-01 18:05 - 2014-10-09 20:25 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\Origin
2014-12-01 18:05 - 2014-10-09 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-30 15:21 - 2011-07-30 18:36 - 00000000 ____D () C:\Program Files\Google
2014-11-30 12:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-30 12:10 - 2013-01-31 16:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-26 13:57 - 2011-06-24 16:14 - 00110064 _____ () C:\Users\Diyar\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-26 13:43 - 2014-11-17 21:43 - 00000000 ____D () C:\Users\Dilan\AppData\Roaming\.minecraft
2014-11-21 21:03 - 2012-10-08 13:10 - 00000000 ____D () C:\Users\Plan b\AppData\Local\Google
2014-11-21 12:25 - 2012-04-01 17:20 - 00110064 _____ () C:\Users\Plan b\AppData\Local\GDIPFONTCACHEV1.DAT

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2244397687-2994677012-3856678615-1001\$9f114d5ed76ce9597dec2519af199e16

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$9f114d5ed76ce9597dec2519af199e16

Files to move or delete:
====================
C:\Users\Diyar\GeoGebra-Windows-Installer-3-2-46-0.exe
C:\Users\Diyar\PhotoScapeSetup_V3.5.exe


Some content of TEMP:
====================
C:\Users\Dilan\AppData\Local\Temp\avgnt.exe
C:\Users\Dilan\AppData\Local\Temp\Quarantine.exe
C:\Users\Dilan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Dilan\AppData\Local\Temp\sqlite3.dll
C:\Users\Diyar\AppData\Local\Temp\avgnt.exe
C:\Users\Plan b\AppData\Local\Temp\avgnt.exe
C:\Users\ümit\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-04-18 18:20

==================== End Of Log ============================
         
--- --- ---

Alt 18.12.2014, 21:28   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Pc keine Verbindung obwohl es unten angezeigt wird - Standard

Pc keine Verbindung obwohl es unten angezeigt wird



http://www.trojaner-board.de/161821-...ml#post1397051
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Pc keine Verbindung obwohl es unten angezeigt wird
aktiviere, aktivieren, angezeigt, bluescreen 0x80070005, deletead entfernen, fehlercode 0x40000015, fehlercode 0x80000003, fehlercode 0xc0000005, fehlercode 28, fehlercode windows, funktionier, funktioniert, keine ahnung, keine verbindung, laufwerk, mypc backup entfernen, probleme, runtergeladen, sw-booster entfernen, sw-sustainer 1.80 entfernen, verbindet, verbindung, verbunden, web protect for windows entfernen




Ähnliche Themen: Pc keine Verbindung obwohl es unten angezeigt wird


  1. Firefox lässt sich nicht mehr starten, obwohl in Taskmanager angezeigt
    Plagegeister aller Art und deren Bekämpfung - 24.09.2015 (3)
  2. Ts abstürze/ Internet hat keine Verbindung obwohl sie mir angezeigt wird/ Laden von seiten hat fehler
    Plagegeister aller Art und deren Bekämpfung - 24.04.2015 (28)
  3. Keine einzige Internetseite wird geöffnet trotz Verbindung
    Plagegeister aller Art und deren Bekämpfung - 12.02.2015 (5)
  4. WIN 7 Professional Antivir kann keine Verbindung herstellen obwohl I-Net funtzt.
    Log-Analyse und Auswertung - 09.12.2014 (2)
  5. Windows 7 : Keine Netzwerkverbindung - Icon wird angezeigt, jedoch funzt Internet ohne Probleme
    Plagegeister aller Art und deren Bekämpfung - 21.06.2014 (3)
  6. Frage zu einer Verbindung die in Sysinternals TCPView angezeigt wird
    Plagegeister aller Art und deren Bekämpfung - 18.03.2013 (1)
  7. Keine Verbindung Zum WLAN-Router obwohl verbindung lt Meldung hergestellt
    Plagegeister aller Art und deren Bekämpfung - 31.12.2012 (0)
  8. Modemrouter wird nicht erkannt, keine LAN Verbindung möglich, garnichts geht!
    Netzwerk und Hardware - 18.08.2012 (3)
  9. Verbindung zu allen Antivirusseiten blokiert. Verbindung über Nokiamodem wird versucht
    Log-Analyse und Auswertung - 16.07.2012 (5)
  10. Trojaner "Es besteht keine Internetverbindung" - "REATOGO X-PE Desktop" wird nicht angezeigt
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (19)
  11. Passwort wird als Falsch angezeigt obwohl zu 120% richtig
    Plagegeister aller Art und deren Bekämpfung - 14.02.2010 (2)
  12. Lan verbindung wird nicht angezeigt
    Alles rund um Windows - 22.11.2009 (7)
  13. Keine Verbindung zum I-net obwohl Verbindung angezeigt wird
    Netzwerk und Hardware - 23.07.2008 (1)
  14. Lan verbindung wird nicht angezeigt
    Netzwerk und Hardware - 20.09.2007 (12)
  15. DSL Verbindung superlangsam, teilweise werden keine Seiten angezeigt.
    Log-Analyse und Auswertung - 07.08.2007 (6)
  16. Verbindung wird immer getrennt und eine Verbindung taucht unter den DÜF-Verbindungen
    Plagegeister aller Art und deren Bekämpfung - 09.07.2006 (24)
  17. Programme im Startmenü und rechts unten un der Taskleiste werden nicht mehr angezeigt
    Log-Analyse und Auswertung - 01.02.2005 (4)

Zum Thema Pc keine Verbindung obwohl es unten angezeigt wird - Also ich habe keine Ahnung wieso aber mein pc verbindet sich nicht mit dem Internet bzw unten steht er ist verbunden aber steam und Origin sagen was anderes und die - Pc keine Verbindung obwohl es unten angezeigt wird...
Archiv
Du betrachtest: Pc keine Verbindung obwohl es unten angezeigt wird auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.