Pests of all kinds and how to fight them: Remove PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1 DLL
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
04.02.2015, 13:41 | #1 |
| Remove PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1 DLL
I seem to have the problem with PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1 DLL as well; I hope you can help me. It is annoying, especially when you get kicked out of the game after a certain time. I ran this with FRST. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015 Ran by Christian (administrator) on CHRISTIAN-PC on 04-02-2015 13:38:43 Running from C:\Users\Christian\Downloads Loaded Profiles: Christian & UpdatusUser (Available profiles: Christian & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\Christian\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-968192958-1321040834-47913373-1000\...\Run: [Microsoft Works Update Detection] => C:\Program Files (x86)\Microsoft Works\WkDetect.exe HKU\S-1-5-21-968192958-1321040834-47913373-1000\...\Run: [MsgCenterExe] => "C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe" -osboot HKU\S-1-5-21-968192958-1321040834-47913373-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-968192958-1321040834-47913373-1000\...\MountPoints2: {6e842789-8ccf-11e3-8e82-14dae995d5fc} - L:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-968192958-1321040834-47913373-1000\...\MountPoints2: {95af17af-74fd-11e2-a32a-14dae995d5fc} - J:\Installer.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-24] (Microsoft Corporation) AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [253200 2015-01-28] (Client Connect LTD) AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [219408 2015-01-28] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} HKU\S-1-5-21-968192958-1321040834-47913373-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms} HKU\S-1-5-21-968192958-1321040834-47913373-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-968192958-1321040834-47913373-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-968192958-1321040834-47913373-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} 
URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} SearchScopes: HKLM -> {4A5C5F7C-B07C-40C6-8B0E-A72F05152151} URL = hxxp://www.bing.com/?cc=de SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=052fe944-8b69-45c2-9db8-1524bfb6d05a&searchtype=ds&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX&q={searchTerms} SearchScopes: HKU\S-1-5-21-968192958-1321040834-47913373-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325376&octid=EB_ORIGINAL_CTID&ISID=MB3B3261E-EDE8-44AB-8A14-98CF8B9243DC&SearchSource=58&CUI=&UM=5&UP=SP5F639B7D-17D9-4E47-98E1-AFA3D7C3A7D5&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-968192958-1321040834-47913373-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-968192958-1321040834-47913373-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325376&octid=EB_ORIGINAL_CTID&ISID=MB3B3261E-EDE8-44AB-8A14-98CF8B9243DC&SearchSource=58&CUI=&UM=5&UP=SP5F639B7D-17D9-4E47-98E1-AFA3D7C3A7D5&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-968192958-1321040834-47913373-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=FCCA14DAE995D5FC&affID=121564&tt=230713_18215&tsp=4953 BHO: Windows Live ID Sign-in Helper -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1384517112&from=cor&uid=HitachiXHDS721050CLA362_JP1572JE0US19K0US19KX FireFox: ======== FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\q6kz9y55.default FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=M85025FCD-D135-43BF-9D2E-0F25E62AC9B3&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPA7FAB0F7-313C-4BA6-B79B-DA4BD4933E35 FF DefaultSearchEngine: Trovi search FF SelectedSearchEngine: Trovi search FF Homepage: 
https://www.google.de/?gws_rd=ssl|about:addons FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-968192958-1321040834-47913373-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Christian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-968192958-1321040834-47913373-1000: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\CHRIST~1\AppData\Roaming\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH) FF user.js: detected! 
=> C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\q6kz9y55.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Users\Christian\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH) FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\q6kz9y55.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\q6kz9y55.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\q6kz9y55.default\searchplugins\trovi-search.xml FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-07-24] FF HKU\S-1-5-21-968192958-1321040834-47913373-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-12-25] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-04] CHR Extension: (Freemake Video Converter) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-02-04] CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-04] CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-07-24] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts) R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-12] (DT Soft Ltd) R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-05-27] (StdLib) R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}w64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}w64.sys [61112 2014-06-21] (StdLib) R3 cpuz134; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-04 13:38 - 2015-02-04 13:38 - 02131456 _____ (Farbar) C:\Users\Christian\Downloads\FRST64(1).exe 2015-02-04 13:28 - 2015-02-04 13:28 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Christian\Downloads\revosetup95.exe 2015-02-04 13:28 - 2015-02-04 13:28 - 00001260 _____ () C:\Users\Christian\Desktop\Revo Uninstaller.lnk 2015-02-04 13:28 - 2015-02-04 13:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-04 13:17 - 2015-02-04 13:17 - 00004290 _____ () C:\Windows\System32\Tasks\ReimageUpdater 2015-02-04 13:17 - 2015-02-04 13:17 - 00003458 _____ () C:\Windows\System32\Tasks\Reimage Reminder 2015-02-04 13:17 - 2015-02-04 13:17 - 00001901 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk 2015-02-04 13:17 - 2015-02-04 13:17 - 00000000 ____D () C:\ProgramData\Reimage Protector 2015-02-04 13:17 - 2015-02-04 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair 2015-02-04 13:17 - 2015-02-04 13:17 - 00000000 ____D () C:\Program Files\Reimage 2015-02-04 13:14 - 2015-02-04 13:18 - 00000165 _____ () C:\Windows\Reimage.ini 2015-02-04 13:14 - 2015-02-04 13:18 - 00000000 ____D () C:\rei 2015-02-04 13:14 - 2015-02-04 13:14 - 00775968 _____ (Reimage®) C:\Users\Christian\Downloads\ReimageRepair.exe 2015-02-04 13:10 - 2015-02-04 13:10 - 00031473 _____ () C:\Users\Christian\Downloads\Addition.txt 2015-02-04 13:09 - 2015-02-04 13:38 - 00018084 _____ () C:\Users\Christian\Downloads\FRST.txt 2015-02-04 13:09 - 2015-02-04 13:38 - 00000000 ____D () C:\FRST 2015-02-04 13:08 - 2015-02-04 13:08 - 02131456 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe 2015-02-04 11:35 - 2015-02-04 11:35 - 06103040 _____ () C:\Program Files (x86)\GUT3E77.tmp 2015-02-04 11:35 - 2015-02-04 11:35 - 00000000 ____D () C:\Program Files (x86)\GUM3E76.tmp 2015-02-04 11:32 - 2015-02-04 11:32 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\AVAST Software 2015-02-04 11:30 - 2015-02-04 11:52 - 00000000 ____D () C:\Program Files (x86)\Google 2015-02-04 11:30 - 2015-02-04 11:30 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-02-04 11:29 - 2015-02-04 11:29 - 00000000 ____D () C:\ProgramData\AVAST 
Software 2015-02-04 11:29 - 2015-02-04 11:29 - 00000000 ____D () C:\Program Files\AVAST Software 2015-02-04 11:26 - 2015-02-04 11:29 - 132469808 _____ (AVAST Software) C:\Users\Christian\Downloads\avast_free_antivirus_setup.exe 2015-02-02 18:39 - 2015-02-03 11:18 - 00000000 ____D () C:\Users\Christian\AppData\Local\avaxvavya 2015-02-02 18:39 - 2015-02-02 18:39 - 00003502 _____ () C:\Windows\System32\Tasks\avaxvavya 2015-01-28 15:15 - 2015-01-28 15:15 - 00004140 _____ () C:\Users\Christian\AppData\Local\recently-used.xbel 2015-01-27 11:33 - 2015-01-27 11:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-22 19:55 - 2015-01-22 19:55 - 34707448 _____ () C:\Users\Christian\Downloads\FMC_DB_Deutschland.exe 2015-01-22 19:35 - 2015-01-22 19:35 - 00000000 ____D () C:\Users\Christian\Documents\FUSSBALL MANAGER 14 2015-01-22 19:34 - 2015-01-22 19:34 - 00001216 _____ () C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk 2015-01-22 18:23 - 2015-01-22 18:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-01-22 18:22 - 2015-01-23 10:17 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Origin 2015-01-22 18:22 - 2015-01-22 18:23 - 00000000 ____D () C:\Users\Christian\AppData\Local\Origin 2015-01-22 18:20 - 2015-02-04 12:44 - 00000000 ____D () C:\ProgramData\Origin 2015-01-22 18:20 - 2015-02-04 12:44 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-01-22 18:20 - 2015-01-22 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-01-22 18:20 - 2015-01-22 18:20 - 00000975 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-01-22 18:18 - 2015-01-22 18:18 - 17102864 _____ (Electronic Arts, Inc.) 
C:\Users\Christian\Downloads\OriginThinSetup.exe 2015-01-22 17:40 - 2015-01-22 19:34 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-01-22 17:40 - 2015-01-22 17:40 - 00000000 ____D () C:\ProgramData\EA Core 2015-01-18 17:36 - 2015-01-28 14:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-18 17:36 - 2015-01-18 17:36 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-18 17:36 - 2015-01-18 17:36 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-15 15:34 - 2015-01-15 15:34 - 00372592 _____ () C:\Users\Christian\Downloads\SoftonicDownloader_fuer_fussball-manager-06.exe 2015-01-15 15:22 - 2015-02-04 11:36 - 00008072 _____ () C:\Windows\PFRO.log 2015-01-15 11:22 - 2015-02-02 20:27 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2015-01-15 11:22 - 2015-01-15 11:22 - 00000000 ____D () C:\Users\Christian\AppData\Local\SearchProtect 2015-01-06 12:20 - 2015-01-07 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diclovit's mod pack ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-04 13:17 - 2013-01-12 15:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-04 13:13 - 2009-07-14 05:45 - 00014608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-04 13:13 - 2009-07-14 05:45 - 00014608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-04 11:51 - 2013-11-02 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software 2015-02-04 11:51 - 2013-11-02 18:15 - 00000000 ____D () C:\Program Files (x86)\Epson Software 2015-02-04 11:51 - 2013-11-02 18:14 - 00000000 ____D () C:\Program Files (x86)\epson 2015-02-04 11:51 - 2013-01-11 17:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-04 11:50 - 2013-01-11 17:29 - 01752120 _____ () C:\Windows\WindowsUpdate.log 2015-02-04 11:46 - 2014-11-03 15:14 - 00017753 _____ () C:\Windows\setupact.log 2015-02-04 11:46 - 2013-01-11 18:26 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-04 11:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-04 11:32 - 2014-01-13 18:59 - 00000000 ____D () C:\Users\Christian\AppData\Local\Google 2015-01-28 15:15 - 2013-01-22 16:59 - 00000000 ____D () C:\Users\Christian\.gimp-2.8 2015-01-28 15:14 - 2013-01-22 17:00 - 00000000 ____D () C:\Users\Christian\.thumbnails 2015-01-25 18:17 - 2013-01-12 15:06 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 18:17 - 2013-01-12 15:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-25 18:17 - 2013-01-12 15:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-24 17:24 - 2013-01-12 13:13 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc 2015-01-22 19:34 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 
2015-01-22 19:33 - 2014-11-17 15:48 - 00048908 _____ () C:\Windows\DirectX.log 2015-01-22 17:40 - 2013-01-11 17:32 - 00000000 ____D () C:\Users\Christian\AppData\Local\VirtualStore 2015-01-22 17:17 - 2014-12-07 17:46 - 00000000 ____D () C:\Users\Christian\AppData\Local\PokerStars.EU 2015-01-15 15:30 - 2013-02-11 12:12 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\uTorrent 2015-01-07 16:24 - 2014-06-16 11:49 - 00001637 _____ () C:\Users\Public\Desktop\World of Tanks.lnk 2015-01-06 15:12 - 2009-07-14 18:58 - 00653928 _____ () C:\Windows\system32\perfh007.dat 2015-01-06 15:12 - 2009-07-14 18:58 - 00129800 _____ () C:\Windows\system32\perfc007.dat 2015-01-06 15:12 - 2009-07-14 06:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-06 14:30 - 2013-01-11 19:41 - 00127264 _____ () C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-06 14:30 - 2009-07-14 05:45 - 00434496 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-05 15:42 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT ==================== Files in the root of some directories ======= 2015-02-04 11:35 - 2015-02-04 11:35 - 6103040 _____ () C:\Program Files (x86)\GUT3E77.tmp 2015-01-28 15:15 - 2015-01-28 15:15 - 0004140 _____ () C:\Users\Christian\AppData\Local\recently-used.xbel Some content of TEMP: ==================== C:\Users\Christian\AppData\Local\Temp\avgnt.exe C:\Users\Christian\AppData\Local\Temp\ReimagePackage.exe C:\Users\Christian\AppData\Local\Temp\utt1FA4.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-03 12:18 ==================== End Of Log ============================ |
04.02.2015, 15:03 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Remove PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1 DLL
Hi and
Addition.txt is missing. Please submit it, and also post all logs from virus scanners, if there were ever any detections. Also: please note in future: Quote:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, since our instructions are written with that in mind. This also makes it very easy to remove all the tools used at the end of the cleanup. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.