Windows 7: TheHDvid-Codec V10 von Streaming Seite

Troja25 · 21.01.2015, 23:44

Hallo

Ich habe dummerweise den HDvidCodec v10 Virus von Movie2k.tl geholt. Ich habe kein AntiVirus installiert, seit dem ausführen des Addons in Chrome, ist der Computer langsamer, es erscheinen wild Werbungen und Seiten beim Surfen und es gab einen Bluescreen. Ich habe versucht alle Informationen wie hier beschrieben zusammenzustellen. Mit entfernen von Viren habe ich keine Erfahrung, bin aber offen zu lernen

Vielen Dank Troja25

Bootsektor · 22.01.2015, 00:27

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Wieso hast du denn kein AV?

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Troja25 · 22.01.2015, 09:01

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Kevin (administrator) on KEVIN-PC on 21-01-2015 23:17:55
Running from C:\Users\Kevin\Downloads
Loaded Profiles: Kevin (Available profiles: Kevin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(home) C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-6.exe
() C:\Program Files (x86)\ver7BetterMarkIt\Q5BetterMarkItk73.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-01-31] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe [148048 2015-01-16] (PC Utilities Software Limited)
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\...\MountPoints2: {65483348-585b-11e4-9c33-8438354463c5} - G:\setup.exe
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\...\MountPoints2: {e4a1f76d-5c34-11e4-86d3-8438354463c5} - E:\Start_eBanking_Login-Stick_Win.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-25] (Microsoft Corporation)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-ch/?ocid=iehp
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1881947092-1177166632-2730009190-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1881947092-1177166632-2730009190-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
BHO: TheHDvid-Codec V10 -> {11111111-1111-1111-1111-110611331115} -> C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho64.dll (home)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: BetterMarkIt -> {BC35E60A-5F33-8521-4939-7685AD3170CA} -> C:\Program Files (x86)\ver7BetterMarkIt\186_x64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TheHDvid-Codec V10 -> {11111111-1111-1111-1111-110611331115} -> C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho.dll (home)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: BetterMarkIt -> {BC35E60A-5F33-8521-4939-7685AD3170CA} -> C:\Program Files (x86)\ver7BetterMarkIt\186.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 83.222.133.152 83.222.133.150 83.222.133.151

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\...\Firefox\Extensions: [{EF8CB317-D66F-0A98-AE85-7459C406E8FF}] - C:\Program Files (x86)\ver7BetterMarkIt\186.xpi
FF Extension: BetterMarkIt - C:\Program Files (x86)\ver7BetterMarkIt\186.xpi [2015-01-21]

Chrome: 
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469"
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-23]
CHR Extension: (Google Docs) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-23]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-23]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-23]
CHR Extension: (Google-Suche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-23]
CHR Extension: (Google Tabellen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-23]
CHR Extension: (AdBlock) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Google Wallet) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-23]
CHR Extension: (Google Mail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-23]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] ()
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) <==== ATTENTION
R2 d924d8dc; c:\Program Files (x86)\Optimizer Pro 3.33\OptProMon.dll [1597008 2015-01-21] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-21] (globalUpdate) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2014-12-29] (XTab system)
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-21] (SysTool PasSame LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleCamera; C:\Windows\System32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [39424 2013-09-06] (Apple Inc.)
R3 AppleSDR; C:\Windows\System32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.)
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\System32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-20] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-31] (Intel Corporation)
S3 OXYGEN; C:\Windows\System32\DRIVERS\MAudioOxygen.sys [134664 2010-03-04] (M-Audio)
R2 webinstrNHKT; C:\Windows\system32\Drivers\webinstrNHKT.sys [56432 2015-01-21] (Corsica)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 23:17 - 2015-01-21 23:18 - 00016885 _____ () C:\Users\Kevin\Downloads\FRST.txt
2015-01-21 23:17 - 2015-01-21 23:17 - 02126848 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2015-01-21 23:17 - 2015-01-21 23:17 - 00000000 ____D () C:\FRST
2015-01-21 23:15 - 2015-01-21 23:16 - 00000472 _____ () C:\Users\Kevin\Desktop\defogger_disable.log
2015-01-21 23:15 - 2015-01-21 23:15 - 00050477 _____ () C:\Users\Kevin\Downloads\Defogger.exe
2015-01-21 23:15 - 2015-01-21 23:15 - 00000168 _____ () C:\Users\Kevin\defogger_reenable
2015-01-21 22:48 - 2015-01-21 22:48 - 00003254 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2015-01-21 22:48 - 2015-01-21 22:48 - 00000000 ____D () C:\Users\Kevin\Documents\Optimizer Pro
2015-01-21 22:48 - 2015-01-21 22:48 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Optimizer Pro
2015-01-21 22:47 - 2015-01-21 23:13 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2015-01-21 22:47 - 2015-01-21 22:47 - 00004014 _____ () C:\Windows\System32\Tasks\LaunchSignup
2015-01-21 22:47 - 2015-01-21 22:47 - 00001981 _____ () C:\Users\Kevin\Desktop\Sync Folder.lnk
2015-01-21 22:47 - 2015-01-21 22:47 - 00001111 _____ () C:\Users\Kevin\Desktop\Optimizer Pro.lnk
2015-01-21 22:47 - 2015-01-21 22:47 - 00001081 _____ () C:\Users\Kevin\Desktop\MyPC Backup.lnk
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.33
2015-01-21 22:46 - 2015-01-21 22:46 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-21 22:44 - 2015-01-21 23:13 - 00002067 _____ () C:\Windows\patsearch.bin
2015-01-21 22:44 - 2015-01-21 23:13 - 00000424 _____ () C:\Windows\Tasks\BetterMarkIt Update.job
2015-01-21 22:44 - 2015-01-21 22:44 - 00003072 _____ () C:\Windows\System32\Tasks\BetterMarkIt Update
2015-01-21 22:44 - 2015-01-21 22:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
2015-01-21 22:44 - 2015-01-21 22:44 - 00000000 ____D () C:\Program Files (x86)\ver7BetterMarkIt
2015-01-21 22:44 - 2015-01-21 22:43 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHKT.sys
2015-01-21 22:43 - 2015-01-21 23:13 - 00005512 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-7.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00005512 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-6.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00003454 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-1.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00002440 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5_user.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00002440 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00002104 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-2.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00001762 _____ () C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-10_user.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00001338 _____ () C:\Windows\Tasks\YIMFTZ.job
2015-01-21 22:43 - 2015-01-21 23:13 - 00000892 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-21 22:43 - 2015-01-21 22:49 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-21 22:43 - 2015-01-21 22:44 - 01870824 _____ (home) C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe
2015-01-21 22:43 - 2015-01-21 22:44 - 00008542 _____ () C:\Windows\System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-7
2015-01-21 22:43 - 2015-01-21 22:44 - 00008540 _____ () C:\Windows\System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-6
2015-01-21 22:43 - 2015-01-21 22:44 - 00006484 _____ () C:\Windows\System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-1
2015-01-21 22:43 - 2015-01-21 22:44 - 00005470 _____ () C:\Windows\System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5
2015-01-21 22:43 - 2015-01-21 22:44 - 00005134 _____ () C:\Windows\System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-2
2015-01-21 22:43 - 2015-01-21 22:44 - 00004364 _____ () C:\Windows\System32\Tasks\YIMFTZ
2015-01-21 22:43 - 2015-01-21 22:44 - 00003894 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-01-21 22:43 - 2015-01-21 22:44 - 00003640 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-01-21 22:43 - 2015-01-21 22:43 - 00067032 _____ () C:\Users\Kevin\Downloads\HDVidCodec (2).exe
2015-01-21 22:43 - 2015-01-21 22:43 - 00000000 ____D () C:\Users\Kevin\AppData\Local\globalUpdate
2015-01-21 22:43 - 2015-01-21 22:43 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2015-01-21 22:43 - 2015-01-21 22:43 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-21 22:43 - 2015-01-21 22:43 - 00000000 ____D () C:\Program Files (x86)\075da26e-e24b-4250-8958-4ae75fa419cd
2015-01-21 22:41 - 2015-01-21 22:41 - 00067032 _____ () C:\Users\Kevin\Downloads\HDVidCodec (1).exe
2015-01-18 21:46 - 2015-01-18 21:46 - 00375496 _____ () C:\Users\Kevin\Downloads\MediaPlayerClassicInstaller.exe
2015-01-17 18:56 - 2015-01-17 18:56 - 00067032 _____ () C:\Users\Kevin\Downloads\HDVidCodec.exe
2015-01-15 14:30 - 2015-01-15 14:30 - 00119410 _____ () C:\Users\Kevin\Downloads\Loesung Onlinetests.xlsx
2015-01-14 17:56 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:56 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:56 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:56 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 17:56 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 17:56 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 17:56 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 17:56 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 17:56 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 17:56 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:56 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:56 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:56 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 21:11 - 2015-01-13 21:20 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Microsoft Games
2015-01-12 21:35 - 2015-01-12 21:35 - 01012544 _____ (DivX, LLC) C:\Users\Kevin\Downloads\DivXWebPlayerInstaller.exe
2015-01-10 21:55 - 2015-01-10 22:06 - 00000000 ____D () C:\Users\Kevin\Desktop\Stumbleine
2015-01-09 20:44 - 2015-01-10 08:56 - 00000000 ____D () C:\Users\Kevin\Desktop\Abländsche15
2014-12-29 09:18 - 2014-12-29 09:18 - 02399484 _____ () C:\Users\Kevin\Downloads\Lungenkrankheiten
2014-12-29 09:18 - 2014-12-29 09:18 - 00815071 _____ () C:\Users\Kevin\Downloads\Kälbernabel
2014-12-29 09:18 - 2014-12-29 09:18 - 00129100 _____ () C:\Users\Kevin\Downloads\Kolostrum
2014-12-29 09:17 - 2014-12-29 09:17 - 02693151 _____ () C:\Users\Kevin\Downloads\Kälberdurchfall 1
2014-12-29 09:17 - 2014-12-29 09:17 - 01087659 _____ () C:\Users\Kevin\Downloads\Kälber richtig tränken
2014-12-28 12:11 - 2014-12-28 12:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-27 09:54 - 2014-12-27 09:54 - 00838129 _____ () C:\Users\Kevin\Downloads\Milchfieber 2
2014-12-27 09:54 - 2014-12-27 09:54 - 00162333 _____ () C:\Users\Kevin\Downloads\Milchfieber
2014-12-27 09:53 - 2014-12-27 09:53 - 01966076 _____ () C:\Users\Kevin\Downloads\Ketose 2
2014-12-27 09:53 - 2014-12-27 09:53 - 00454343 _____ () C:\Users\Kevin\Downloads\Azidose
2014-12-27 09:53 - 2014-12-27 09:53 - 00115096 _____ () C:\Users\Kevin\Downloads\Ketose 1
2014-12-26 13:33 - 2014-12-26 13:33 - 00067999 _____ () C:\Users\Kevin\Downloads\Bericht Rindergesundheit (1)
2014-12-26 13:31 - 2014-12-26 13:31 - 00900458 _____ () C:\Users\Kevin\Downloads\Einleitung
2014-12-26 13:28 - 2014-12-26 13:28 - 00067999 _____ () C:\Users\Kevin\Downloads\Bericht Rindergesundheit
2014-12-23 14:22 - 2014-12-23 14:22 - 00000584 _____ () C:\Users\Kevin\Downloads\map.geo.admin.ch_KML_20141223142243.kml

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 23:17 - 2014-10-20 13:57 - 01963167 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 23:15 - 2014-10-20 14:08 - 00000000 ____D () C:\Users\Kevin
2015-01-21 23:13 - 2014-11-24 11:27 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-01-21 23:13 - 2014-10-23 13:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 23:13 - 2014-10-20 16:57 - 00026132 _____ () C:\Windows\PFRO.log
2015-01-21 23:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 23:13 - 2009-07-14 05:51 - 00053596 _____ () C:\Windows\setupact.log
2015-01-21 23:13 - 2009-07-14 05:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 23:13 - 2009-07-14 05:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-21 22:46 - 2014-10-20 14:18 - 00001643 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-21 22:43 - 2014-10-20 14:10 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-21 22:27 - 2009-07-14 18:58 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2015-01-21 22:27 - 2009-07-14 18:58 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2015-01-21 22:27 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 22:26 - 2014-10-23 13:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 16:06 - 2014-11-01 19:46 - 01593564 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-21 16:04 - 2014-12-01 14:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 16:02 - 2014-12-01 14:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 14:46 - 2013-02-10 04:28 - 00000000 ___HD () C:\Users\Kevin\AppData\Local\N1oJqwlS
2015-01-14 17:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-10 08:55 - 2014-12-15 19:09 - 00000000 ____D () C:\Users\Kevin\Desktop\Projects2
2015-01-06 04:36 - 2014-10-20 16:34 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 14:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-28 12:11 - 2014-11-22 19:21 - 00000000 ____D () C:\Users\Kevin\Desktop\HAFL

==================== Files in the root of some directories =======
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kevin\AppData\Roaming\YIMFTZ
2015-01-21 22:43 - 2015-01-21 22:44 - 1870824 _____ (home) C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe

Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\957E995F-C5F0-FBB2-0D4D-A9EEB25D5B1C.exe
C:\Users\Kevin\AppData\Local\Temp\A3012EB2-53F2-AC4F-77B6-0162F67F9EBB.dll
C:\Users\Kevin\AppData\Local\Temp\A3012EB2-53F2-AC4F-77B6-0162F67F9EBB.exe
C:\Users\Kevin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kevin\AppData\Local\Temp\dsp_ipp.dll
C:\Users\Kevin\AppData\Local\Temp\loop.exe
C:\Users\Kevin\AppData\Local\Temp\optprosetup.exe
C:\Users\Kevin\AppData\Local\Temp\ose00000.exe
C:\Users\Kevin\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 15:49

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Addition Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Kevin at 2015-01-21 23:18:16
Running from C:\Users\Kevin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
BetterMarkIt (HKLM-x32\...\05B5D37D-A2A3-61D7-4059-5383032A9242) (Version:  - BetterMarkIt-software) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West Symphonic Choirs (HKLM-x32\...\East West Symphonic Choirs) (Version:  - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
M-Audio Oxygen Driver 1.3.0 (x64) (HKLM\...\{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}) (Version: 1.3.0 - M-Audio)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.2.0.3 - PC Utilities Software Limited) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
SoundToys Native Effects V4 (HKLM-x32\...\SoundToys Native Effects V4_is1) (Version:  - SoundToys Inc)
TheHDvid-Codec V10 (HKLM-x32\...\TheHDvid-Codec V10) (Version: 1.36.01.08 - home) <==== ATTENTION
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Voxengo SPAN (HKLM\...\Voxengo SPAN_is1) (Version: 2.8 - Voxengo)
Windows-Treiberpaket - Apple Inc. (AppleCamera) Image  (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Atheros Communications Inc. (athr) Net  (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows-Treiberpaket - Broadcom (b57nd60a) Net  (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom)
Windows-Treiberpaket - Broadcom (B57ports) Net  (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost  (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA  (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Intel (e1express) Net  (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net  (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows-Treiberpaket - Intel (e1qexpress) Net  (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows-Treiberpaket - Intel (e1rexpress) Net  (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows-Treiberpaket - Intel (e1yexpress) Net  (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows-Treiberpaket - Intel System  (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows-Treiberpaket - Marvell (yukonx64) Net  (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-01-2015 19:05:14 Windows Update
21-01-2015 16:02:05 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05AA6D35-CD04-47EA-B083-E8DEF7276452} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5_user => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-5.exe [2015-01-21] (home) <==== ATTENTION
Task: {0A9610B9-63D9-4C91-9907-F6F43044E2FF} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-6 => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-6.exe [2015-01-21] (home) <==== ATTENTION
Task: {17BA2A11-4EB1-45C8-B51A-06C962C5FCCE} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-1 => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe [2015-01-21] (home) <==== ATTENTION
Task: {1D68A3E8-D2A9-4755-AC72-178B72B04517} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {21EC5FA9-A4CF-4E2F-94DC-6390675F7F44} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2546E7C5-9A72-4936-B6D7-34CE27D722C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3D1ADD55-1410-4CB7-9AD2-D872C7BC47DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5667400E-A4B1-4656-9781-533237AFCB70} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-2 => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-2.exe [2015-01-21] (home) <==== ATTENTION
Task: {6A7B214E-B805-46ED-B1DE-342B64C131AA} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-11-25] (MyPC Backup) <==== ATTENTION
Task: {8E570562-D6CD-4D1A-9D49-0B78FBC4763D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9E904987-FE34-4FFD-9694-093EBE2F284E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {AD478B8E-3ED2-4602-8805-CC5C7AF17575} - System32\Tasks\BetterMarkIt Update => C:\Program Files (x86)\ver7BetterMarkIt\Q5BetterMarkItk73.exe [2015-01-21] () <==== ATTENTION
Task: {B5E29B30-98E8-4A7B-99BC-4B87577C5C64} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-11-24] ()
Task: {C1395EDC-82D5-4F5F-A727-77F6CAB5D157} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-21] (globalUpdate) <==== ATTENTION
Task: {C4993F4D-8995-4A0D-BCF3-1EDE1F9C45F0} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-21] (globalUpdate) <==== ATTENTION
Task: {CFF772D4-AA77-4299-99EC-4206A7114489} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-10_user => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-10.exe [2015-01-21] (home) <==== ATTENTION
Task: {DFC8EC4D-10CB-4EE3-980B-4F0DAB30E047} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe [2015-01-16] (PC Utilities Software Limited) <==== ATTENTION
Task: {E54C1F3A-42C9-4DA3-99F4-32BFF70C8B16} - System32\Tasks\YIMFTZ => C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe [2015-01-21] (home) <==== ATTENTION
Task: {E630277C-70CB-4F0A-85CA-494D5613B295} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E65B8BC9-81F4-4A14-AF61-F6E05D36C2BB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E71A594B-94F2-45E7-B428-76F75A5EDC2B} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5 => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-5.exe [2015-01-21] (home) <==== ATTENTION
Task: {EA5C0E00-5ED2-47A0-AEA3-844F3A6FFFBF} - System32\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-7 => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-7.exe [2015-01-21] (home) <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-10_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-6.job => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\402ddb80-8466-41f8-b623-d23456d5a2c6-7.job => C:\Program Files (x86)\TheHDvid-Codec V10\402ddb80-8466-41f8-b623-d23456d5a2c6-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\BetterMarkIt Update.job => C:\Program Files (x86)\ver7BetterMarkIt\Q5BetterMarkItk73.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\YIMFTZ.job => C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-06 11:36 - 2014-02-06 11:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe
2015-01-21 22:47 - 2014-11-25 20:29 - 00299008 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2015-01-21 22:43 - 2015-01-21 22:43 - 00748544 _____ () C:\Program Files (x86)\ver7BetterMarkIt\Q5BetterMarkItk73.exe
2015-01-21 22:47 - 2014-11-25 20:37 - 00012800 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-21 22:47 - 2015-01-21 22:47 - 01597008 _____ () c:\Program Files (x86)\Optimizer Pro 3.33\OptProMon.dll
2015-01-21 22:43 - 2015-01-21 22:43 - 00183784 _____ () C:\Program Files (x86)\TheHDvid-Codec V10\465a5aba-32db-4748-b61b-0d440d95e748.dll
2015-01-17 15:27 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-17 15:27 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-17 15:27 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-17 15:27 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-17 15:27 - 2015-01-09 01:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
2014-10-20 14:14 - 2014-01-31 16:54 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Kevin\AppData\Local\N1oJqwlS:qKInRDbvw3DHsiMlhVAzkr

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1881947092-1177166632-2730009190-500 - Administrator - Disabled)
Gast (S-1-5-21-1881947092-1177166632-2730009190-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1881947092-1177166632-2730009190-1004 - Limited - Enabled)
Kevin (S-1-5-21-1881947092-1177166632-2730009190-1000 - Administrator - Enabled) => C:\Users\Kevin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2015 10:44:12 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (01/21/2015 10:43:09 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21614313

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21614313

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/18/2015 00:23:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5756

Error: (01/18/2015 00:23:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5756


System errors:
=============
Error: (01/21/2015 11:13:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "KEVIN-PC       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.107
registriert werden. Der Computer mit IP-Adresse 192.168.1.109 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/21/2015 11:13:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{D69CC634-6744-429B-A610-B3F7B374A2A6} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/21/2015 11:13:15 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "KEVIN-PC       :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.107
registriert werden. Der Computer mit IP-Adresse 192.168.1.109 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/15/2015 02:27:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ELITEBOOK-FLO",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D69CC634-6744-429B-A610-B3F7B374A2A6}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/12/2015 02:37:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "KEVIN-PC       :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.110
registriert werden. Der Computer mit IP-Adresse 192.168.1.109 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/12/2015 02:37:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "KEVIN-PC       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.110
registriert werden. Der Computer mit IP-Adresse 192.168.1.109 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/12/2015 02:37:32 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{D69CC634-6744-429B-A610-B3F7B374A2A6} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/10/2015 10:17:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR8 gefunden.

Error: (01/10/2015 10:17:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR8 gefunden.

Error: (01/10/2015 10:17:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR8 gefunden.


Microsoft Office Sessions:
=========================
Error: (01/21/2015 10:44:12 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/21/2015 10:43:09 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21614313

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21614313

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/18/2015 00:23:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5756

Error: (01/18/2015 00:23:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5756


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4250U CPU @ 1.30GHz
Percentage of memory in use: 57%
Total physical RAM: 4036.55 MB
Available physical RAM: 1723.71 MB
Total Pagefile: 8071.28 MB
Available Pagefile: 5833.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:55.88 GB) (Free:13.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Macintosh HD) (Fixed) (Total:56.32 GB) (Free:41.75 GB) HFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 113 GB) (Disk ID: EEBE9DC0)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=56.3 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Hallo Sandra das ist eine gute Frage, ich surfe sonst nicht so viel im Internet und achte normalerweise immer darauf was ich tue. Könntest du mir ein Free Antivirus empfehlen? Zu den Logfiles, ich habe diese bereits gestern alle gesammelt, wie es in der Checkliste, bei ``Informationen zusammenstellen`` beschrieben ist. Ich benutze hier übrigens ein MacBook, auf dem ich aber Windows installiert habe, damit ich Fl Studio benutzen kann. Die Mac Partition ist aber auch noch vorhanden. Vielen Dank Kevin

Bootsektor · 22.01.2015, 23:53

Hallo,

Zitat:

Movie2k.tl

Solche Seiten sind mit Vorsicht zu genießen.

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :
BetterMarkIt
MyPC Backup
Optimizer Pro v3.2
TheHDvid-Codec V10

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.

Setze den Haken bei addition.txt und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Troja25 · 23.01.2015, 19:24

Code:

ATTFilter

# AdwCleaner v4.108 - Bericht erstellt am 23/01/2015 um 19:04:07
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-23.3 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kevin - KEVIN-PC
# Gestartet von : C:\Users\Kevin\Downloads\AdwCleaner_4.108.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : WindowsMangerProtect
Dienst Gelöscht : IHProtect Service

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\IHProtectUpDate
Ordner Gelöscht : C:\ProgramData\4004ab07000063ef
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\XTab
Ordner Gelöscht : C:\Users\Kevin\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Kevin\Documents\Optimizer Pro
Datei Gelöscht : C:\Windows\patsearch.bin
Datei Gelöscht : C:\Windows\System32\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
Datei Gelöscht : C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Datei Gelöscht : C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : LaunchSignup

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BetterMarkIt
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\omiga-plusSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v39.0.2171.99

[C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
[C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
[C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}
[C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469&q={searchTerms}

*************************

AdwCleaner[R0].txt - [12511 octets] - [23/01/2015 19:01:54]
AdwCleaner[S0].txt - [11589 octets] - [23/01/2015 19:04:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11650 octets] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 23.01.2015
Suchlauf-Zeit: 19:10:00
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.23.06
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Kevin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332382
Verstrichene Zeit: 4 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 5
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{d924d8dc}, In Quarantäne, [06ccfdfd147581b5e92af3a843c0bc44], 
PUP.Optional.HDVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TheHDvid-Codec V10-nv, In Quarantäne, [bc1636c4f0990b2b25d77125c73c6f91], 
PUP.Optional.HDVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheHDvid-Codec V10, In Quarantäne, [ece6837768210333c5384353c73c53ad], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 2
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 

Dateien: 29
PUP.Optional.HDVid.A, C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe, In Quarantäne, [e4ee9664276256e01ad362563fc27f81], 
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-1881947092-1177166632-2730009190-1000\$R04STS5.exe, In Quarantäne, [ba1817e35732e74fdad19078ae548779], 
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-1881947092-1177166632-2730009190-1000\$R0DWEV2.exe, In Quarantäne, [efe38b6f8cfdc274218ae226ae54837d], 
Trojan.Agent, C:\Users\Kevin\AppData\Local\Temp\loop.exe, In Quarantäne, [478b15e5f792fc3a4b6f4c1ba06243bd], 
PUP.Optional.Downloader, C:\Users\Kevin\Downloads\HDVidCodec (1).exe, In Quarantäne, [79594dadc3c6d561634ff69c8a7bd927], 
PUP.Optional.Downloader, C:\Users\Kevin\Downloads\HDVidCodec (2).exe, In Quarantäne, [d7fbd1293a4ff93d7240d7bb05000000], 
PUP.Optional.Downloader, C:\Users\Kevin\Downloads\HDVidCodec.exe, In Quarantäne, [478bd4261e6bc96d773b7f13e71e8c74], 
PUP.Optional.OmigaPlus.A, C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage, Löschen bei Neustart, [5280c7334742b77f3d4f3a45847fce32], 
PUP.Optional.OmigaPlus.A, C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal, Löschen bei Neustart, [b41e46b4315868ce97f57a05867dad53], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\GoogleCrashHandler.exe, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\GoogleUpdate.exe, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\GoogleUpdateBroker.exe, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\GoogleUpdateHelper.msi, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\GoogleUpdateOnDemand.exe, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\goopdate.dll, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\goopdateres_en.dll, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\npGoogleUpdate4.dll, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\psmachine.dll, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.433018\psuser.dll, In Quarantäne, [943e5aa0c7c290a68a8fb9a0f60d1fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\GoogleCrashHandler.exe, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\GoogleUpdate.exe, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\GoogleUpdateBroker.exe, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\GoogleUpdateHelper.msi, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\GoogleUpdateOnDemand.exe, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\goopdate.dll, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\goopdateres_en.dll, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\npGoogleUpdate4.dll, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\psmachine.dll, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kevin\AppData\Local\Temp\comh.63145\psuser.dll, In Quarantäne, [577b1bdf5a2f6dc929f0f465a95aaf51], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Kevin (administrator) on KEVIN-PC on 23-01-2015 19:19:29
Running from C:\Users\Kevin\Downloads
Loaded Profiles: Kevin (Available profiles: Kevin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-01-31] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\...\MountPoints2: {65483348-585b-11e4-9c33-8438354463c5} - G:\setup.exe
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\...\MountPoints2: {e4a1f76d-5c34-11e4-86d3-8438354463c5} - E:\Start_eBanking_Login-Stick_Win.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-25] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1881947092-1177166632-2730009190-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-ch/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 83.222.133.150 83.222.133.151 83.222.133.152

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1421876770&from=ild&uid=APPLEXSSDXSM0128F_S18UNYAD536469"
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-23]
CHR Extension: (Google Docs) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-23]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-23]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-23]
CHR Extension: (Google-Suche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-23]
CHR Extension: (Google Tabellen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-23]
CHR Extension: (AdBlock) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Google Wallet) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-23]
CHR Extension: (Google Mail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] ()
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleCamera; C:\Windows\System32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [39424 2013-09-06] (Apple Inc.)
R3 AppleSDR; C:\Windows\System32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.)
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\System32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-20] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-31] (Intel Corporation)
S3 OXYGEN; C:\Windows\System32\DRIVERS\MAudioOxygen.sys [134664 2010-03-04] (M-Audio)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 19:19 - 2015-01-23 19:19 - 00010836 _____ () C:\Users\Kevin\Downloads\FRST.txt
2015-01-23 19:17 - 2015-01-23 19:17 - 00006524 _____ () C:\Users\Kevin\Desktop\mbam.txt
2015-01-23 19:09 - 2015-01-23 19:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 19:09 - 2015-01-23 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-23 19:09 - 2015-01-23 19:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 19:09 - 2015-01-23 19:09 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-23 19:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-23 19:09 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-23 19:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-23 19:06 - 2015-01-23 19:06 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-23 19:05 - 2015-01-23 19:05 - 00011755 _____ () C:\Users\Kevin\Desktop\AdwCleaner[S0].txt
2015-01-23 19:01 - 2015-01-23 19:04 - 00000000 ____D () C:\AdwCleaner
2015-01-23 18:59 - 2015-01-23 18:59 - 02186752 _____ () C:\Users\Kevin\Downloads\AdwCleaner_4.108.exe
2015-01-21 23:27 - 2015-01-21 23:27 - 00279304 _____ () C:\Windows\Minidump\012115-7004-01.dmp
2015-01-21 23:27 - 2015-01-21 23:27 - 00000000 ____D () C:\Windows\Minidump
2015-01-21 23:19 - 2015-01-21 23:20 - 00380416 _____ () C:\Users\Kevin\Downloads\lzpt4spg.exe
2015-01-21 23:17 - 2015-01-23 19:19 - 00000000 ____D () C:\FRST
2015-01-21 23:17 - 2015-01-21 23:17 - 02126848 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2015-01-21 23:15 - 2015-01-21 23:15 - 00050477 _____ () C:\Users\Kevin\Downloads\Defogger.exe
2015-01-21 23:15 - 2015-01-21 23:15 - 00000168 _____ () C:\Users\Kevin\defogger_reenable
2015-01-21 22:43 - 2015-01-23 19:15 - 00001338 _____ () C:\Windows\Tasks\YIMFTZ.job
2015-01-21 22:43 - 2015-01-21 22:44 - 00004364 _____ () C:\Windows\System32\Tasks\YIMFTZ
2015-01-18 21:46 - 2015-01-18 21:46 - 00375496 _____ () C:\Users\Kevin\Downloads\MediaPlayerClassicInstaller.exe
2015-01-15 14:30 - 2015-01-15 14:30 - 00119410 _____ () C:\Users\Kevin\Downloads\Loesung Onlinetests.xlsx
2015-01-14 17:56 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:56 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:56 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:56 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 17:56 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 17:56 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 17:56 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 17:56 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 17:56 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 17:56 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:56 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:56 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:56 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 21:11 - 2015-01-13 21:20 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Microsoft Games
2015-01-12 21:35 - 2015-01-12 21:35 - 01012544 _____ (DivX, LLC) C:\Users\Kevin\Downloads\DivXWebPlayerInstaller.exe
2015-01-10 21:55 - 2015-01-10 22:06 - 00000000 ____D () C:\Users\Kevin\Desktop\Stumbleine
2015-01-09 20:44 - 2015-01-10 08:56 - 00000000 ____D () C:\Users\Kevin\Desktop\Abländsche15
2014-12-29 09:18 - 2014-12-29 09:18 - 02399484 _____ () C:\Users\Kevin\Downloads\Lungenkrankheiten
2014-12-29 09:18 - 2014-12-29 09:18 - 00815071 _____ () C:\Users\Kevin\Downloads\Kälbernabel
2014-12-29 09:18 - 2014-12-29 09:18 - 00129100 _____ () C:\Users\Kevin\Downloads\Kolostrum
2014-12-29 09:17 - 2014-12-29 09:17 - 02693151 _____ () C:\Users\Kevin\Downloads\Kälberdurchfall 1
2014-12-29 09:17 - 2014-12-29 09:17 - 01087659 _____ () C:\Users\Kevin\Downloads\Kälber richtig tränken
2014-12-28 12:11 - 2014-12-28 12:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-27 09:54 - 2014-12-27 09:54 - 00838129 _____ () C:\Users\Kevin\Downloads\Milchfieber 2
2014-12-27 09:54 - 2014-12-27 09:54 - 00162333 _____ () C:\Users\Kevin\Downloads\Milchfieber
2014-12-27 09:53 - 2014-12-27 09:53 - 01966076 _____ () C:\Users\Kevin\Downloads\Ketose 2
2014-12-27 09:53 - 2014-12-27 09:53 - 00454343 _____ () C:\Users\Kevin\Downloads\Azidose
2014-12-27 09:53 - 2014-12-27 09:53 - 00115096 _____ () C:\Users\Kevin\Downloads\Ketose 1
2014-12-26 13:33 - 2014-12-26 13:33 - 00067999 _____ () C:\Users\Kevin\Downloads\Bericht Rindergesundheit (1)
2014-12-26 13:31 - 2014-12-26 13:31 - 00900458 _____ () C:\Users\Kevin\Downloads\Einleitung
2014-12-26 13:28 - 2014-12-26 13:28 - 00067999 _____ () C:\Users\Kevin\Downloads\Bericht Rindergesundheit

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 19:18 - 2014-10-20 13:57 - 02076095 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 19:15 - 2014-11-24 11:27 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-01-23 19:15 - 2014-10-23 13:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 19:15 - 2014-10-20 16:57 - 00035808 _____ () C:\Windows\PFRO.log
2015-01-23 19:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 19:15 - 2009-07-14 05:51 - 00054559 _____ () C:\Windows\setupact.log
2015-01-23 19:10 - 2009-07-14 05:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 19:10 - 2009-07-14 05:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 19:09 - 2009-07-14 18:58 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2015-01-23 19:09 - 2009-07-14 18:58 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2015-01-23 19:09 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 19:04 - 2014-10-23 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-23 19:04 - 2014-10-20 14:18 - 00001003 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 18:57 - 2014-10-20 14:10 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-23 18:54 - 2014-10-23 13:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 23:15 - 2014-10-20 14:08 - 00000000 ____D () C:\Users\Kevin
2015-01-21 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-21 16:06 - 2014-11-01 19:46 - 01593564 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-21 16:04 - 2014-12-01 14:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 16:02 - 2014-12-01 14:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 14:46 - 2013-02-10 04:28 - 00000000 ___HD () C:\Users\Kevin\AppData\Local\N1oJqwlS
2015-01-14 17:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-10 08:55 - 2014-12-15 19:09 - 00000000 ____D () C:\Users\Kevin\Desktop\Projects2
2015-01-06 04:36 - 2014-10-20 16:34 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 14:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-28 12:11 - 2014-11-22 19:21 - 00000000 ____D () C:\Users\Kevin\Desktop\HAFL

==================== Files in the root of some directories =======
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kevin\AppData\Roaming\YIMFTZ

Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\957E995F-C5F0-FBB2-0D4D-A9EEB25D5B1C.exe
C:\Users\Kevin\AppData\Local\Temp\A3012EB2-53F2-AC4F-77B6-0162F67F9EBB.dll
C:\Users\Kevin\AppData\Local\Temp\A3012EB2-53F2-AC4F-77B6-0162F67F9EBB.exe
C:\Users\Kevin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kevin\AppData\Local\Temp\dsp_ipp.dll
C:\Users\Kevin\AppData\Local\Temp\optprosetup.exe
C:\Users\Kevin\AppData\Local\Temp\ose00000.exe
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kevin\AppData\Local\Temp\sqlite3.dll
C:\Users\Kevin\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 15:49

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Kevin at 2015-01-23 19:19:53
Running from C:\Users\Kevin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West Symphonic Choirs (HKLM-x32\...\East West Symphonic Choirs) (Version:  - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
M-Audio Oxygen Driver 1.3.0 (x64) (HKLM\...\{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}) (Version: 1.3.0 - M-Audio)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
SoundToys Native Effects V4 (HKLM-x32\...\SoundToys Native Effects V4_is1) (Version:  - SoundToys Inc)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Voxengo SPAN (HKLM\...\Voxengo SPAN_is1) (Version: 2.8 - Voxengo)
Windows-Treiberpaket - Apple Inc. (AppleCamera) Image  (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Atheros Communications Inc. (athr) Net  (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows-Treiberpaket - Broadcom (b57nd60a) Net  (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom)
Windows-Treiberpaket - Broadcom (B57ports) Net  (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost  (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA  (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Intel (e1express) Net  (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net  (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows-Treiberpaket - Intel (e1qexpress) Net  (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows-Treiberpaket - Intel (e1rexpress) Net  (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows-Treiberpaket - Intel (e1yexpress) Net  (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows-Treiberpaket - Intel System  (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows-Treiberpaket - Marvell (yukonx64) Net  (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-01-2015 19:05:14 Windows Update
21-01-2015 16:02:05 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D68A3E8-D2A9-4755-AC72-178B72B04517} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {21EC5FA9-A4CF-4E2F-94DC-6390675F7F44} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2546E7C5-9A72-4936-B6D7-34CE27D722C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3D1ADD55-1410-4CB7-9AD2-D872C7BC47DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8E570562-D6CD-4D1A-9D49-0B78FBC4763D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9E904987-FE34-4FFD-9694-093EBE2F284E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {CC60D248-3D53-4160-B1EA-C10D0274850D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-11-24] ()
Task: {E54C1F3A-42C9-4DA3-99F4-32BFF70C8B16} - System32\Tasks\YIMFTZ => C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe <==== ATTENTION
Task: {E630277C-70CB-4F0A-85CA-494D5613B295} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E65B8BC9-81F4-4A14-AF61-F6E05D36C2BB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\YIMFTZ.job => C:\Users\Kevin\AppData\Roaming\YIMFTZ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-06 11:36 - 2014-02-06 11:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-20 14:14 - 2014-01-31 16:54 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Kevin\AppData\Local\N1oJqwlS:qKInRDbvw3DHsiMlhVAzkr

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1881947092-1177166632-2730009190-500 - Administrator - Disabled)
Gast (S-1-5-21-1881947092-1177166632-2730009190-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1881947092-1177166632-2730009190-1004 - Limited - Enabled)
Kevin (S-1-5-21-1881947092-1177166632-2730009190-1000 - Administrator - Enabled) => C:\Users\Kevin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2015 02:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3904690

Error: (01/22/2015 02:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3904690

Error: (01/22/2015 02:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/21/2015 10:44:12 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (01/21/2015 10:43:09 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21614313

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21614313


System errors:
=============
Error: (01/23/2015 07:04:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/23/2015 07:04:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/23/2015 07:04:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/23/2015 07:04:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/23/2015 07:04:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/23/2015 07:04:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2015 07:04:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2015 07:04:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2015 07:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/23/2015 07:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PACE License Services" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (01/22/2015 02:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3904690

Error: (01/22/2015 02:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3904690

Error: (01/22/2015 02:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/21/2015 10:44:12 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/21/2015 10:43:09 PM) (Source: MsiInstaller) (EventID: 11309) (User: Kevin-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 242145

Error: (01/21/2015 10:35:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21614313

Error: (01/19/2015 03:57:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21614313


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4250U CPU @ 1.30GHz
Percentage of memory in use: 38%
Total physical RAM: 4036.55 MB
Available physical RAM: 2479.35 MB
Total Pagefile: 8071.28 MB
Available Pagefile: 6688.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:55.88 GB) (Free:12.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Macintosh HD) (Fixed) (Total:56.32 GB) (Free:41.75 GB) HFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 113 GB) (Disk ID: EEBE9DC0)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=56.3 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Bootsektor · 24.01.2015, 23:16

Hallo,

warum hast du kein Antivirus installiert?

und wieso läuft bei dir ein Office- bzw. Windows-Crack?

Zitat:

autokms.exe

Die von mir gelisteten Einträge deuten stark darauf hin, dass auf diesem Rechner Software benutzt wird, die nicht legal erworben wurde.

Supportunterbrechung
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle nicht weiter bereinigen, bis diese Software entfernt wurde.
Hinzu kommt, dass wir dich in unserer
Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.

Troja25 · 25.01.2015, 10:46

Hallo Ich habe meine Windows CD vom Desktop-PC benutzt und mir separat einen Key gekauft, da ich wie gesagt Windows auf dem MacBook benutze. Beim Office habe ich ein Crack von einem Kollegen bekommen, damit ich auch das Office vom PC benutzen kann und nicht extra eine neue kaufen muss, ich verstehe auch nicht wieso man eine gekauft Software nicht auf allen seinen Computer/Laptops benutzen kann.. Trotzdem Vielen Dank für eure freiwilligen Arbeit Gruss Kevin

Bootsektor · 26.01.2015, 23:43

Hallo,

Zitat:

Hallo Ich habe meine Windows CD vom Desktop-PC benutzt und mir separat einen Key gekauft

das ist ja auch vollkommen legitim.

Zitat:

damit ich auch das Office vom PC benutzen kann und nicht extra eine neue kaufen muss, ich verstehe auch nicht wieso man eine gekauft Software nicht auf allen seinen Computer/Laptops benutzen kann

Das ist immer abhängig von der Lizenz die du für Office hast. Mit bestimmten Lizenzen kannst du vollkommen legal Office auf bis zu drei Rechnern installieren, was du da für ein Lizenzpaket hast und ob das möglich ist, müsstest du nachlesen. So kann ich dir aber leider nicht weiterhelfen.

Windows 7: TheHDvid-Codec V10 von Streaming Seite

Log-Analyse und Auswertung: Windows 7: TheHDvid-Codec V10 von Streaming Seite