Windows 7 x64, Avast blockiert im sekundentakt werbung, Google chrome erweiterung "Unisiallees" unbekannt nicht löschbar

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015 01
Ran by ****** at 2015-01-18 18:38:25
Running from C:\Users\******\Desktop\asd\Virus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{3F8DFDBD-2821-4193-9B41-2EB0B0677096}) (Version: 12.1.5.155 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
FileZilla Client 3.10.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\{7335F348-64B4-3072-97D9-A1A55029C59C}) (Version: 66.30.49251 - Google, Inc.)
Google Drive (HKLM-x32\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
hide.me VPN Version 1.0.5 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.0.5 - eVenture Limited)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
K-Lite Mega Codec Pack 10.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Predator (HKLM\...\{017B444A-4C86-43AC-A9A8-D3C99143E073}) (Version: 3 - Predator-Usb)
ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version:  - Roccat GmbH)
ROCCAT Power-Grid Version 0.459 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.00.41 - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.11 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

13-01-2015 13:09:42 Geplanter Prüfpunkt
13-01-2015 20:45:44 Installiert Atheros Communications Inc.(R) AR8121/AR8113/AR8114 •b
13-01-2015 20:46:25 Installiert TurboV
13-01-2015 20:46:45 Installiert Turbo Key
13-01-2015 20:47:05 Installiert JMicron JMB36X Driver
14-01-2015 18:17:18 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523
14-01-2015 18:18:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830
14-01-2015 18:18:48 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 18:19:56 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523
14-01-2015 18:20:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830
14-01-2015 18:21:14 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
14-01-2015 18:21:30 Microsoft .NET Framework 4.5.2 wird installiert
14-01-2015 18:24:46 Installed Adobe Shockwave Player 12.1.
14-01-2015 19:43:57 Installed Microsoft Office Professional Plus 2010
14-01-2015 19:53:45 Windows Update
14-01-2015 20:10:14 avast! antivirus system restore point
14-01-2015 20:32:13 Installed NetSpeedMonitor 2.5.4.0 x64
14-01-2015 20:45:50 Gerätetreiber-Paketinstallation: CREATIVE Audio-, Video- und Gamecontroller
14-01-2015 20:47:09 Installiert Creative Audio Control Panel
14-01-2015 20:48:06 Installiert Host OpenAL
14-01-2015 20:49:10 Installiert Creative Software AutoUpdate
14-01-2015 20:54:14 Entfernt Turbo Key
14-01-2015 21:15:22 avast! antivirus system restore point
14-01-2015 21:17:53 TrueCrypt installation
14-01-2015 21:23:41 Installed Shutdown Timer.
14-01-2015 21:26:12 Installed NetSpeedMonitor 2.5.4.0 x64
14-01-2015 21:45:11 Windows-Sicherung
14-01-2015 21:52:17 Windows Update
14-01-2015 23:00:13 Windows-Sicherung
14-01-2015 23:14:43 avast! antivirus system restore point
14-01-2015 23:18:34 avast! antivirus system restore point
14-01-2015 23:21:34 Installiert Creative ALchemy
14-01-2015 23:21:34 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
14-01-2015 23:31:22 Installiert WaveStudio 7
14-01-2015 23:38:34 Installiert Creative MediaSource 5
14-01-2015 23:43:26 Windows Update
14-01-2015 23:44:54 Windows-Sicherung
15-01-2015 22:39:18 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte
15-01-2015 23:00:12 Windows-Sicherung
15-01-2015 23:47:29 Windows Update
16-01-2015 03:24:31 Installiert Creative Audio Control Panel
16-01-2015 03:26:59 Installiert Creative Software AutoUpdate
16-01-2015 21:24:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
16-01-2015 21:24:58 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
16-01-2015 21:27:47 Installed AlienFX for IskuFX
16-01-2015 21:30:28 Installed Roccat Talk.
16-01-2015 22:13:08 Windows Update
16-01-2015 22:29:32 Windows-Sicherung
17-01-2015 01:01:15 Windows Update
17-01-2015 03:00:13 Windows Update
17-01-2015 14:58:48 Windows Update
17-01-2015 15:50:25 Windows-Sicherung
17-01-2015 23:00:24 Windows-Sicherung
17-01-2015 23:08:10 Installed Predator
18-01-2015 16:55:51 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12F30C65-0AA3-4A4C-8C24-C0C79BA6E54F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-14] (Google Inc.)
Task: {15BF55AB-7E4C-4581-9B0D-691DEC546558} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {242B32BA-A1BC-4A2F-9093-4225B64F566A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {27D299EE-CF30-4C80-8B83-235E2FB6E9D4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5CDB2F97-4CFD-4F21-83FB-B26858D9B956} - System32\Tasks\avast! Emergency Update => D:\Programme\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-14] (AVAST Software)
Task: {62B75E10-6EDF-4070-913D-E229064EF534} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2014-11-26] ()
Task: {7713E833-DEB1-4FA7-A978-BD14283E98CF} - System32\Tasks\Uninstaller_SkipUac_****** => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-15] (IObit)
Task: {794E75A2-47CD-4901-BE97-A650C670337D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-14] (Google Inc.)
Task: {8060A676-B217-46C3-804A-6A993EDED77B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {AD89D119-1021-4CC8-A638-69FA61D49635} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-15] (Adobe Systems Incorporated)
Task: {FDE8242F-5AE5-4BEE-8C92-05E6BF2F43FE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-01-16] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-14 21:52 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-13 20:46 - 2009-04-02 05:27 - 00090112 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-14 19:18 - 2012-01-29 16:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2015-01-14 19:18 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-01-14 23:20 - 2015-01-14 23:20 - 00388208 _____ () D:\Programme\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-14 23:20 - 2015-01-14 23:20 - 05851328 _____ () D:\Programme\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-01-13 20:46 - 2009-05-25 14:56 - 05391872 _____ () C:\Program Files\ASUS\TurboV\TurboV.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-01-14 20:01 - 2014-12-12 19:00 - 00289792 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\libbluray.dll
2015-01-14 20:01 - 2014-12-12 19:00 - 04374016 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax
2015-01-14 20:01 - 2014-12-12 19:00 - 00156672 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ff_libmad.dll
2015-01-18 18:30 - 2014-08-06 02:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2015-01-18 18:27 - 2015-01-18 18:27 - 00050477 _____ () C:\Users\******\Desktop\asd\Virus\Defogger.exe
2015-01-18 14:37 - 2015-01-18 14:37 - 02911744 _____ () D:\Programme\AVAST Software\Avast\defs\15011800\algo.dll
2015-01-14 23:20 - 2015-01-14 23:20 - 04495336 _____ () D:\Programme\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-13 20:46 - 2008-12-10 20:27 - 00565248 _____ () C:\Program Files\ASUS\TurboV\pngio.dll
2015-01-13 20:46 - 2009-04-29 12:47 - 01296896 _____ () C:\Program Files\ASUS\TurboV\OcProfile.dll
2015-01-13 20:46 - 2008-12-15 20:01 - 00131072 _____ () C:\Program Files\ASUS\TurboV\TVOCLIB.DLL
2015-01-14 20:46 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2015-01-14 20:46 - 2009-07-10 09:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2015-01-14 23:20 - 2015-01-14 23:20 - 38562088 _____ () D:\Programme\AVAST Software\Avast\libcef.dll
2015-01-16 21:28 - 2012-07-08 16:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll
2015-01-18 18:07 - 2015-01-18 18:07 - 00098816 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32api.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00110080 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\pywintypes27.dll
2015-01-18 18:07 - 2015-01-18 18:07 - 00364544 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\pythoncom27.dll
2015-01-18 18:07 - 2015-01-18 18:07 - 00045568 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\_socket.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 01160704 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\_ssl.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00320512 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32com.shell.shell.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00713216 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\_hashlib.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 01175040 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._core_.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00805888 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._gdi_.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00811008 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._windows_.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 01062400 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._controls_.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00735232 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._misc_.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00557056 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\pysqlite2._sqlite.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00128512 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\_elementtree.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00127488 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\pyexpat.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00087552 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\_ctypes.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00119808 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32file.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00108544 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32security.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00007168 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\hashobjs_ext.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00167936 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32gui.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00018432 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32event.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00038912 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32inet.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00011264 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32crypt.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00070656 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._html2.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00027136 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\_multiprocessing.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00035840 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32process.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00686080 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\unicodedata.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00122368 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._wizard.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00024064 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32pipe.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00025600 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32pdh.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00525640 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\windows._lib_cacheinvalidation.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00010240 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\select.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00017408 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32profile.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00022528 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\win32ts.pyd
2015-01-18 18:07 - 2015-01-18 18:07 - 00078336 _____ () C:\Users\******\AppData\Local\Temp\_MEI42562\wx._animate.pyd
2015-01-12 20:29 - 2015-01-12 20:29 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-01-14 19:15 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-14 19:15 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-14 19:15 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-14 19:15 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1219279322-168543990-30239230-500 - Administrator - Disabled)
Gast (S-1-5-21-1219279322-168543990-30239230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1219279322-168543990-30239230-1002 - Limited - Enabled)
****** (S-1-5-21-1219279322-168543990-30239230-1000 - Administrator - Enabled) => C:\Users\******

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2015 06:08:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TeamViewer.exe, Version: 10.0.36897.0, Zeitstempel: 0x548ec51c
Name des fehlerhaften Moduls: TeamViewer.exe, Version: 10.0.36897.0, Zeitstempel: 0x548ec51c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x006c1900
ID des fehlerhaften Prozesses: 0x1024
Startzeit der fehlerhaften Anwendung: 0xTeamViewer.exe0
Pfad der fehlerhaften Anwendung: TeamViewer.exe1
Pfad des fehlerhaften Moduls: TeamViewer.exe2
Berichtskennung: TeamViewer.exe3

Error: (01/18/2015 06:07:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 05:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 04:55:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Update Cyti Web since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (01/18/2015 03:32:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 02:04:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/18/2015 01:34:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 11:17:13 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 220. Meldungs-ID: [0x2509].

Error: (01/17/2015 11:15:00 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3624. Meldungs-ID: [0x2509].

Error: (01/17/2015 11:09:26 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"


System errors:
=============
Error: (01/18/2015 06:04:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}

Error: (01/18/2015 05:42:50 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{50732F59-B11A-418E-A43B-A4B3E4CC990A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/18/2015 03:33:53 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{50732F59-B11A-418E-A43B-A4B3E4CC990A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/18/2015 03:31:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Cyti Web" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/18/2015 03:04:24 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{50732F59-B11A-418E-A43B-A4B3E4CC990A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/18/2015 01:36:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/18/2015 01:33:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Cyti Web" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/18/2015 00:02:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/17/2015 11:00:14 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{ED472924-4AAF-4566-8E6A-86D292058D5B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (01/17/2015 11:00:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {46986115-84D6-459C-8F95-52DD653E532E}


Microsoft Office Sessions:
=========================
Error: (01/18/2015 06:08:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TeamViewer.exe10.0.36897.0548ec51cTeamViewer.exe10.0.36897.0548ec51cc0000005006c1900102401d0334138f5c9cbC:\Program Files (x86)\TeamViewer\TeamViewer.exeC:\Program Files (x86)\TeamViewer\TeamViewer.exe94cdd158-9f34-11e4-9bcd-90e6baa39537

Error: (01/18/2015 06:07:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 05:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 04:55:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Update Cyti Web since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (01/18/2015 03:32:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 02:04:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (01/18/2015 01:34:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 11:17:13 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 220. Meldungs-ID: [0x2509].

Error: (01/17/2015 11:15:00 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3624. Meldungs-ID: [0x2509].

Error: (01/17/2015 11:09:26 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 33%
Total physical RAM: 8191.05 MB
Available physical RAM: 5487.34 MB
Total Pagefile: 16380.29 MB
Available Pagefile: 13252.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:210 GB) (Free:46.73 GB) NTFS
Drive d: () (Fixed) (Total:631.41 GB) (Free:625.51 GB) NTFS
Drive f: (Save) (Fixed) (Total:232.79 GB) (Free:90.24 GB) NTFS
Drive h: (LOCK) (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5432A7AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=210 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=631.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 415D13E6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 988 MB) (Disk ID: 6E652072)
No partition Table on disk 2.

==================== End Of Log ============================
         

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:35 on 18/01/2015 (Martin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-