
Log analysis and evaluation: everything always opens twice for me on a mouse click

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system first has to be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

25.04.2015, 06:53   #1
marcoh1
 



defogger_disable by jpshortstuff (23.02.10.1)
Log created at 07:44 on 25/04/2015 (Marco)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2015
Ran by Marco (administrator) on MARCO-PC on 25-04-2015 07:13:16
Running from C:\Users\Marco\Desktop
Loaded Profiles: Marco (Available profiles: Marco)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(MAGIX AG) C:\Program Files\Common Files\MAGIX Shared\Database2_eae1c2\bin\FABS.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.2.0.31\ns.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Windows\tsnp325.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
() C:\Windows\vsnp325.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.2.0.31\ns.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [tsnp325] => C:\Windows\tsnp325.exe [270336 2007-04-21] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [snp325] => C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [BingDesktop] => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {28452078-87c6-11e1-be1c-001966cf730a} - J:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {368824c0-ee93-11e2-93f8-001966cf730a} - L:\Startme.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {64d205ca-e2d2-11e2-b764-001966cf730a} - J:\pushinst.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {74666a05-8d66-11e1-ac08-806e6f6e6963} - J:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {8f6adf2a-886f-11e1-ad41-806e6f6e6963} - L:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {8f6adf99-886f-11e1-ad41-001966cf730a} - J:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {8f6adfc1-886f-11e1-ad41-001966cf730a} - J:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {cc80d564-e821-11df-9935-001e101f8924} - L:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {d2d0bca5-8d4d-11e1-bd2b-bb6ef96f8b09} - J:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {d2d0bcbd-8d4d-11e1-bd2b-eb42cdd63b89} - J:\AutoRun.exe
HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MountPoints2: {eb34829e-8bfd-11e4-be53-001966cf730a} - N:\StorioSetup.exe
IFEO\bingdesktop.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\friadr32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\frifax32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\friver32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\frivw32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\fwebprot.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mep.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mobileconnect.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\stcenter.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\uimain.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\wlangui.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dxdiag.exe [2011-02-08] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-45153375-497558765-2581310702-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.2.0.38
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NS&pvid=22.2.0.31
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NS&pvid=22.2.0.31
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NS&pvid=22.2.0.31
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-45153375-497558765-2581310702-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-45153375-497558765-2581310702-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.2.0.31\coIEPlg.dll [2015-03-30] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.2.0.31\coIEPlg.dll [2015-03-30] (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2012-09-12] (Sony Computer Entertainment Inc.)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll [2013-12-04] (Skype)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-45153375-497558765-2581310702-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marco\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\user.js [2015-03-31]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-10-28] (Apple Inc.)
FF SearchPlugin: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\searchplugins\google-images.xml [2015-04-13]
FF SearchPlugin: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\searchplugins\google-maps.xml [2015-04-13]
FF SearchPlugin: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\searchplugins\safesearch.xml [2015-03-31]
FF Extension: Cliqz Beta - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\Extensions\cliqz@cliqz.com.xpi [2015-04-13]
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-31]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-31]
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-09-27]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn [2015-04-25]
FF HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\j67fmv7c.default-1427815403303\extensions\cliqz@cliqz.com
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-21]

Chrome:
=======
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\default
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.2.0.31\Exts\Chrome.crx [2015-04-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-27]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY (BIT Software))
S4 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [581184 2013-07-01] (SEIKO EPSON CORPORATION)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files\Common Files\MAGIX Shared\Database2_eae1c2\bin\FABS.exe [1155072 2008-12-16] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Shared\Database2_eae1c2\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-02-07] (Teruten) [File not signed]
S4 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NS; C:\Program Files\Norton Security\Engine\22.2.0.31\NS.exe [282528 2015-04-01] (Symantec Corporation)
S3 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-08-30] (TuneUp Software)
S4 UI Assistant Service; C:\Program Files\ZTE Join Air\AssistantServices.exe [241664 2009-03-24] () [File not signed]
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
S4 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-04-20] (Vodafone) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2012-12-22] (Protect Software GmbH)
R1 Amfilter; C:\Windows\System32\DRIVERS\Amfilter.sys [9216 2007-05-14] (A4Tech Co.,Ltd.) [File not signed]
S3 Amusbprt; C:\Windows\System32\DRIVERS\Amusbprt.sys [14336 2007-05-14] (A4Tech Co.,Ltd.) [File not signed]
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75264 2013-07-05] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-03-12] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin) [File not signed]
R1 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20150418.001\BHDrvx86.sys [1172184 2015-04-08] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NS\1602000.01F\ccSetx86.sys [128728 2014-09-09] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-03-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-03-30] (Symantec Corporation)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-02-07] () [File not signed]
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [25856 2010-10-08] (Huawei Tech. Co., Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90368 2011-02-25] (Huawei Technologies Co., Ltd.)
R1 IDSVix86; C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\IPSDefs\20150424.001\IDSvix86.sys [505048 2015-03-30] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-03-12] ()
R3 NAVENG; C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20150424.001\NAVENG.SYS [95704 2015-03-30] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20150424.001\NAVEX15.SYS [1636696 2015-03-30] (Symantec Corporation)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10368384 2007-06-22] (Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [8701824 2005-10-13] ()
R3 SRTSP; C:\Windows\System32\Drivers\NS\1602000.01F\SRTSP.SYS [702168 2015-03-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NS\1602000.01F\SRTSPX.SYS [36056 2014-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NS\1602000.01F\SYMDS.SYS [364760 2014-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NS\1602000.01F\SYMEFA.SYS [939224 2014-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [94424 2015-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NS\1602000.01F\Ironx86.SYS [212696 2014-09-09] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NS\1602000.01F\SYMTDIV.SYS [358104 2014-09-09] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [34392 2009-12-08] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [385544 2009-12-08] (Paragon)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [110592 2009-04-09] (ZTE Corporation)
S3 ZTEusbvoice; C:\Windows\System32\DRIVERS\ZTEusbvoice.sys [105344 2009-04-09] (ZTE Incorporated)
S3 AsrCDDrv; \??\C:\Windows\system32\Drivers\AsrCDDrv.sys [X]
S3 EraserUtilDrvI10; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI10.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 07:13 - 2015-04-25 07:14 - 00022905 _____ () C:\Users\Marco\Desktop\FRST.txt
2015-04-25 07:11 - 2015-04-25 07:11 - 01139200 _____ (Farbar) C:\Users\Marco\Desktop\FRST.exe
2015-04-25 06:24 - 2015-04-25 06:24 - 00000000 ____D () C:\AMD
2015-04-24 09:25 - 2015-04-25 06:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-24 09:25 - 2015-04-25 05:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-24 09:25 - 2015-04-25 05:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-23 10:51 - 2015-04-23 10:51 - 00000000 ____D () C:\Users\Marco\Documents\Norton Identity Safe-Backups
2015-04-22 11:50 - 2015-04-22 11:50 - 00017139 _____ () C:\Windows\AVMInstall.Log
2015-04-22 11:49 - 2015-04-22 11:49 - 00003817 _____ () C:\Windows\avmadd321.log
2015-04-22 11:49 - 2015-04-22 11:49 - 00001600 _____ () C:\Windows\avmadd32.log
2015-04-22 10:43 - 2015-04-22 11:49 - 00000000 ____D () C:\Users\Marco\AppData\Local\LogMeIn Rescue Applet
2015-04-21 20:25 - 2015-04-24 10:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-15 07:10 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 07:05 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 07:04 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 07:04 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 07:04 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:04 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 07:04 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 07:00 - 2015-04-15 07:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 07:00 - 2015-04-15 07:00 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-04-15 06:31 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 06:31 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 06:31 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 06:31 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 06:31 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 06:31 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 06:31 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 06:31 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 06:31 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 06:31 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 06:31 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 06:31 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 06:31 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 06:31 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 06:31 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 06:31 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-13 08:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-04-13 08:19 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-04-13 08:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-04-13 08:19 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-04-13 08:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-04-13 08:19 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-04-13 08:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-04-13 08:19 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-04-13 08:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-04-13 08:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-04-13 08:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-04-13 08:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-04-13 08:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-04-13 08:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-04-13 08:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-04-13 08:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-04-13 08:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-04-13 08:19 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-04-13 08:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-04-13 08:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-04-13 08:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-04-13 08:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-04-13 08:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-04-13 08:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-04-13 08:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-04-13 08:19 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-04-13 08:19 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-04-13 08:18 - 2015-04-13 08:18 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-13 08:08 - 2015-04-13 08:08 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Cliqz
2015-04-13 08:08 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2015-04-13 08:08 - 2011-03-25 19:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2015-04-13 08:08 - 2009-10-28 13:24 - 09848595 _____ () C:\Users\Marco\Downloads\Windows6.0-KB971512-x64.msu
2015-04-13 08:08 - 2009-10-28 13:24 - 04814058 _____ () C:\Users\Marco\Downloads\Windows6.0-KB971512-x86.msu
2015-04-13 08:07 - 2015-04-13 08:07 - 14660349 _____ () C:\Users\Marco\Downloads\DirectX_11_Vista.zip
2015-04-13 06:23 - 2015-04-22 12:12 - 00002660 _____ () C:\Windows\PFRO.log
2015-04-10 13:11 - 2015-04-10 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-10 13:10 - 2015-04-10 13:11 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-04-10 13:10 - 2015-04-10 13:10 - 00000000 ____D () C:\Program Files\iPod
2015-04-08 15:27 - 2015-04-08 15:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 15:16 - 2015-04-08 15:16 - 00000000 ____D () C:\ProgramData\ATI
2015-04-08 15:07 - 2015-04-08 15:07 - 00054494 _____ () C:\Windows\system32\CCCInstall_201504081507367714.log
2015-04-08 15:07 - 2015-04-08 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-04-08 15:05 - 2015-04-08 15:06 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-04-08 15:05 - 2015-04-08 15:05 - 00000000 ____D () C:\Program Files\ATI
2015-04-07 14:01 - 2015-04-07 14:01 - 00000000 ____D () C:\Users\Marco\Documents\AnyDVDHD
2015-04-07 13:57 - 2015-04-07 14:00 - 00000040 ___SH () C:\ProgramData\.zreglib
2015-04-07 13:53 - 2015-04-07 13:53 - 00000000 ____D () C:\ProgramData\SlySoft
2015-04-02 19:38 - 2015-04-08 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigel
2015-03-31 07:51 - 2015-03-31 08:07 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-31 07:51 - 2015-03-31 07:51 - 00094424 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2015-03-31 07:51 - 2015-03-31 07:51 - 00008186 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2015-03-31 07:46 - 2015-04-13 19:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-03-31 07:46 - 2015-04-13 19:30 - 00000000 ____D () C:\Windows\system32\Drivers\NS
2015-03-31 07:46 - 2015-03-31 07:46 - 00000000 ____D () C:\Program Files\Norton Security
2015-03-31 07:37 - 2015-03-31 07:37 - 00000000 ____D () C:\ProgramData\PCSettings

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 07:13 - 2013-10-30 16:22 - 00000000 ____D () C:\FRST
2015-04-25 06:30 - 2011-08-30 16:17 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 06:22 - 2014-08-19 07:58 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2015-04-25 05:36 - 2008-01-21 03:37 - 01437585 _____ () C:\Windows\WindowsUpdate.log
2015-04-25 05:30 - 2012-01-31 19:27 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 05:30 - 2006-11-02 15:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 05:30 - 2006-11-02 14:46 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-25 05:30 - 2006-11-02 14:46 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-25 05:29 - 2012-04-29 14:58 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-24 20:46 - 2006-11-02 15:00 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-24 15:52 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\tracing
2015-04-24 10:23 - 2011-05-18 08:01 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-24 09:20 - 2010-11-01 10:20 - 00000240 _____ () C:\Windows\Tasks\Epson Printer Software Downloader.job
2015-04-24 08:51 - 2010-11-26 20:32 - 00000000 ____D () C:\Users\Marco\AppData\Local\CrashDumps
2015-04-22 14:50 - 2010-11-01 12:03 - 00000088 _____ () C:\Users\Marco\AppData\Roaming\default.pls
2015-04-22 12:20 - 2014-05-13 09:18 - 00000000 ____D () C:\Windows\uninstall
2015-04-22 11:49 - 2012-09-03 17:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-22 11:49 - 2010-12-05 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2015-04-20 07:31 - 2011-06-22 16:19 - 00000000 ____D () C:\Users\Marco\AppData\Local\Unity
2015-04-17 19:06 - 2006-11-02 14:35 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-04-15 18:52 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 07:10 - 2013-07-11 15:55 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 07:05 - 2010-11-01 10:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 07:05 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-15 07:03 - 2008-01-21 10:24 - 01542944 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 07:01 - 2012-12-21 17:14 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 07:00 - 2012-12-21 17:15 - 00000000 ___RD () C:\Program Files\Skype
2015-04-13 08:23 - 2011-06-15 14:32 - 00002411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-04-13 08:19 - 2011-05-24 17:54 - 00000000 ____D () C:\Windows\system32\directx
2015-04-10 13:11 - 2011-09-08 19:21 - 00000000 ____D () C:\Program Files\iTunes
2015-04-10 13:10 - 2011-09-08 19:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-10 13:10 - 2011-09-08 19:18 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-09 09:24 - 2012-05-24 21:09 - 00000000 ____D () C:\Users\Marco\Desktop\Fahrkosten 2012001
2015-04-09 08:12 - 2011-03-16 09:05 - 00000000 ___RD () C:\Users\Marco\Desktop\Programme
2015-04-08 15:33 - 2010-10-31 18:44 - 00000000 ____D () C:\Users\Marco
2015-04-08 14:40 - 2010-10-31 18:44 - 00002032 _____ () C:\Users\Marco\AppData\Local\d3d9caps.dat
2015-04-08 14:30 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Help
2015-04-08 14:28 - 2014-01-13 20:25 - 00000000 ____D () C:\Users\Marco\AppData\Local\NVIDIA Corporation
2015-04-02 19:56 - 2010-10-31 23:25 - 00062464 _____ () C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-02 19:23 - 2010-11-01 11:07 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Avery
2015-04-02 19:22 - 2012-07-16 09:47 - 00019008 _____ () C:\Users\Marco\Documents\visit.vis
2015-03-31 07:46 - 2010-11-01 15:25 - 00000000 ____D () C:\ProgramData\Norton
2015-03-27 21:18 - 2015-03-21 19:22 - 00196608 _____ () C:\Windows\SPInstall.etl

==================== Files in the root of some directories =======

2010-11-01 12:03 - 2015-04-22 14:50 - 0000088 _____ () C:\Users\Marco\AppData\Roaming\default.pls
2014-05-13 09:21 - 2014-05-13 09:21 - 0000010 _____ () C:\Users\Marco\AppData\Roaming\hhxprot5
2014-05-13 09:23 - 2014-05-13 09:23 - 0000018 _____ () C:\Users\Marco\AppData\Roaming\sys386ll.dat
2010-10-31 18:44 - 2015-04-08 14:40 - 0002032 _____ () C:\Users\Marco\AppData\Local\d3d9caps.dat
2010-10-31 23:25 - 2015-04-02 19:56 - 0062464 _____ () C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-10 13:31 - 2013-08-10 13:31 - 0007358 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2015-04-07 13:57 - 2015-04-07 14:00 - 0000040 ___SH () C:\ProgramData\.zreglib
2009-04-09 13:44 - 2009-04-09 13:44 - 0108066 ____R () C:\ProgramData\DeviceManager.xml.rc4

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-25 05:37

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2015
Ran by Marco at 2015-04-25 07:14:39
Running from C:\Users\Marco\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-45153375-497558765-2581310702-500 - Administrator - Disabled)
Gast (S-1-5-21-45153375-497558765-2581310702-501 - Limited - Disabled)
Marco (S-1-5-21-45153375-497558765-2581310702-1000 - Administrator - Enabled) => C:\Users\Marco

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

325 USB PC Camera (HKLM\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.162.55015 - ABBYY)
AC3Filter 2.5b (HKLM\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Age of Empires III (HKLM\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
AMD Catalyst Install Manager (HKLM\...\{BC3053AC-FC4E-2073-FE89-A3C68ABFB134}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANNO 1404 (HKLM\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (Version: 1.00.0000 - Ubisoft) Hidden
Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV and Media Player 3.1.1.12 (HKLM\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
ASRock IES (HKLM\...\ASRock IES_is1) (Version: - )
ASRock OC Tuner (HKLM\...\ASRock OC Tuner_is1) (Version: - )
ATI AVIVO Codecs (Version: 10.0.0.40103 - ATI Technologies Inc.) Hidden
Avery Wizard 4.0 (HKLM\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version: - AVM Berlin)
Bass Audio Decoder (remove only) (HKLM\...\Bass Audio Decoder) (Version: - )
Bing Bar (HKLM\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bing-Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CD Audio Reader Filter (remove only) (HKLM\...\CD Audio Reader Filter) (Version: - )
CLIQZ (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.68 - CLIQZ.com)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DCoder Image Source (remove only) (HKLM\...\DCoder Image Source) (Version: - )
Die Ritter Version 1.2.5.26131 (HKLM\...\{68ED360C-065C-4BAE-9B35-61C817FF12B6}_is1) (Version: 1.2.5.26131 - My Company, Inc.)
DirectVobSub (remove only) (HKLM\...\DirectVobSub) (Version: - )
DScaler 5 Mpeg Decoders (HKLM\...\DScaler 5 Mpeg Decoders_is1) (Version: - )
Epson Customer Research Participation (HKLM\...\{0459FAF6-D4CA-406C-BA6F-9A3D225ABD1A}) (Version: 1.30.0000 - EPSON)
Epson Easy Photo Print 2 (HKLM\...\{94FA9FA6-5294-494D-A8F1-1E654CBB5736}) (Version: 2.2.3.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version: - )
Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EPSON PX650 Series Printer Uninstall (HKLM\...\EPSON PX650 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Epson Stylus Photo PX650_TX650 Handbuch (HKLM\...\Epson Stylus Photo PX650_TX650 Benutzerhandbuch) (Version: - )
ffdshow v1.2.4453 [2012-05-21] (HKLM\...\ffdshow_is1) (Version: 1.2.4453.0 - )
FFMPEG Core Files (remove only) (HKLM\...\FFMPEG Core Files) (Version: - )
Firebird SQL Server - MAGIX Edition (HKLM\...\{19666E73-D9E5-44D4-8F33-037ED151ECBC}) (Version: 2.1.22.0 - MAGIX AG)
FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Free FLV Converter V 7.4.0 (HKLM\...\Free FLV Converter_is1) (Version: 7.4.0.0 - Koyote Soft)
Freemake Video Converter Version 4.1.4 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Gabest MPEG Splitter (remove only) (HKLM\...\Gabest MPEG Splitter) (Version: - )
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HUAWEI DataCard Driver 4.22.19.00 (HKLM\...\HUAWEI DataCard Driver) (Version: 4.22.19.00 - Huawei technologies Co., Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Join Air (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
LAV Filters 0.54.1 (HKLM\...\lavfilters_is1) (Version: 0.54.1 - Hendrik Leppkes)
MadVR (remove only) (HKLM\...\MadVR) (Version: - )
MAGIX Foto Designer 7 (HKLM\...\MAGIX_MSI_FotoDesigner7_silver) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
MAGIX Foto Manager 10 (HKLM\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.137 - MAGIX AG)
MAGIX Foto Manager 10 (Version: 8.0.1.137 - MAGIX AG) Hidden
MAGIX MP3 Maker 15 10.0.0.257 (D) (HKLM\...\MAGIX MP3 Maker 15 D) (Version: 10.0.0.257 - MAGIX AG)
MAGIX Music Editor 3 Free (HKLM\...\Music_Editor_3_silver) (Version: 3.0.0.5 - MAGIX AG)
MAGIX Music Editor 3 Free (Version: 3.0.0.5 - MAGIX AG) Hidden
MAGIX PC Live (HKLM\...\MAGIX_MSI_PC_Live) (Version: 1.0.4.8 - MAGIX AG)
MAGIX PC Live (Version: 1.0.4.8 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM\...\{D97E078B-38A1-40CB-9539-767813BEFF01}) (Version: 4.3.6.1987 - MAGIX AG)
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.302.09.03.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyEpson Portal (HKLM\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
MyEpson Portal (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\MyFreeCodec) (Version: - )
Nero 8 (HKLM\...\{E9BEF2F6-DBB3-489C-8F80-0CBCA11E1031}) (Version: 8.3.623 - Nero AG)
Norton Security (HKLM\...\NS) (Version: 22.2.0.31 - Symantec Corporation)
OpenSource AVI Splitter (remove only) (HKLM\...\OpenSource AVI Splitter) (Version: - )
OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - )
OpenSource Flash Video Splitter (remove only) (HKLM\...\OpenSource Flash Video Splitter) (Version: - )
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 3.00.14935 - Sony Computer Entertainment Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SF-Kalender 11.01 (HKLM\...\{AED10C6E-6D02-46E8-969D-E6B07DC69A61}) (Version: 11.01.000 - Frank Stolzer)
SF-Visitenkarte 11.00 (HKLM\...\{E0202C0E-D4B6-49A4-B5E5-A38B7C09D80F}) (Version: 11.00.000 - Frank Stolzer)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype Web Plugin (HKLM\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.73 - TuneUp Software) Hidden
Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version: - Microsoft Corporation)
Unity Web Player (HKU\S-1-5-21-45153375-497558765-2581310702-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vodafone Mobile Connect Lite (HKLM\...\{E3B99F3D-9856-482A-9048-305E28E2510C}) (Version: 9.4.2.14731 - Vodafone)
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows-Soundschemas (HKLM\...\UltSounds) (Version: - Microsoft Corporation)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{0207CA76-8233-4478-9A40-607AC304C435}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{2BB2DE4F-FCDF-46F2-9723-5B1959E1BDE0}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Marco\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{95775FC2-FFFA-4432-A4BC-352AB1A84581}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{990D9B6F-6621-11D9-AD6A-000C29B1E318}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\AveryOAd.dll (Avery Dennison Corporation. Envel Informationssysteme GmbH.)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{9E64CB87-53DB-B2DF-D0DF-8A02663EF731}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{BE892433-7479-4231-AB95-A313BDA3D409}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{D0E9EEAE-9AC7-4204-BA07-B72DD6077E82}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\AvWizRes.dll (Avery Dennison Corporation. Envel Informationssysteme GmbH.)
CustomCLSID: HKU\S-1-5-21-45153375-497558765-2581310702-1000_Classes\CLSID\{D2776BCC-5F09-4068-B4E2-7EE1202F95CF}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)

==================== Restore Points =========================

15-04-2015 20:35:21 Geplanter Prüfpunkt
16-04-2015 19:01:14 Geplanter Prüfpunkt
20-04-2015 15:21:39 Geplanter Prüfpunkt
21-04-2015 10:30:11 Geplanter Prüfpunkt
22-04-2015 11:31:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1675F971-CA1D-4589-99C5-121277C4311D} - System32\Tasks\ASRockSetup => H:\ASRSetup.exe
Task: {1DEEBCE1-8A5F-40D7-8A57-E0BF50B1A9DD} - System32\Tasks\{253EDA3C-95A0-40FB-B5D8-FF9C0B07D17F} => pcalua.exe -a "H:\PROGRAMME\Stick\Neuer Ordner (2)\devsetup32.exe" -d "H:\PROGRAMME\Stick\Neuer Ordner (2)"
Task: {2452FF46-C8A9-49CD-B9B0-D80D4E6C9B39} - System32\Tasks\{9B425E33-84C4-44FA-9906-E4D3FCA9A535} => pcalua.exe -a C:\Users\Marco\Desktop\avm_fritz!wlan_usb_stick_build_100906.exe -d C:\Users\Marco\Desktop
Task: {2BB021BB-CAF9-4D2D-9287-C20994E721B9} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.2.0.31\WSCStub.exe [2015-04-01] (Symantec Corporation)
Task: {2E830C1F-4A93-49B5-8FA3-973EA63377AD} - System32\Tasks\{8B3F4872-FD0A-4612-9F55-357133749867} => pcalua.exe -a I:\AVM_FRITZ!WLAN_Repeater_Assistent.exe -d I:\
Task: {388B4E9B-7184-41F9-A23D-E0D1EE332890} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files\Norton Security\Engine\22.2.0.31\SymErr.exe [2015-02-25] (Symantec Corporation)
Task: {390CBF1A-9775-41B7-9107-6190F2478025} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-01-23] (SEIKO EPSON CORPORATION)
Task: {4859E62D-FE1F-46BC-BFBB-FD626C4C7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {5A92E847-EC42-4C57-8B22-E19F9D2062E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {65A5DB95-DC30-41A3-AC93-9DA199AAEFD1} - System32\Tasks\{9BEAFF55-B455-4EE8-B3FA-25E1D2AED075} => pcalua.exe -a "H:\PROGRAMME\Stick\Neuer Ordner (2)\DriverSetup.exe" -d "H:\PROGRAMME\Stick\Neuer Ordner (2)"
Task: {6D959912-17F1-4DA7-BBA1-E1DE5B625818} - System32\Tasks\{82F51B49-0BF8-4002-8E3C-748054DCB464} => pcalua.exe -a I:\avm_fritz!wlan_usb_stick_n_v2_build_120821.exe -d I:\
Task: {7BF86B24-78E4-4C32-BB92-03B39565EBC3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-25] (Adobe Systems Incorporated)
Task: {88BDB077-E17C-41B0-82E8-210BC263EB2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9F37BB13-447B-42C9-9C8E-2FC38DB17440} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files\Norton Security\Engine\22.2.0.31\SymErr.exe [2015-02-25] (Symantec Corporation)
Task: {B52C6ACE-4A2D-4CDE-B6B6-235E695366BD} - System32\Tasks\{CA258936-6DA8-4D1D-A2B2-D5F8C50801BC} => pcalua.exe -a C:\Users\Marco\Desktop\Neue\avm_fritz!wlan_usb_stick_n_v2_build_120821.exe -d C:\Users\Marco\Desktop\Neue
Task: {C2AE601F-AA4A-4043-8095-63688EF7968F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D3202C36-0A60-40BD-AD46-30AEDE40D2A8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {E94B8348-DD1E-41A6-9B57-6C14C2D5A8D3} - System32\Tasks\ASRockIES => C:\Program Files\ASRock Utility\IES\AsrIes.exe [2009-02-25] ()
Task: {EB85ED68-535B-433D-92C6-AB5F1F361325} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F870C7C5-FB8E-4A3D-887B-59374FCF3B4E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Marco => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {FBCBF3A9-D111-44FA-870A-E5CC266E727D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-01-27 00:11 - 2013-12-06 22:18 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-30 09:51 - 2013-08-30 09:51 - 00501560 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2010-10-31 21:16 - 2007-04-21 10:36 - 00270336 _____ () C:\Windows\tsnp325.exe
2010-10-31 21:16 - 2007-05-10 14:18 - 00835584 _____ () C:\Windows\vsnp325.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8924043A
AlternateDataStreams: C:\ProgramData\TEMP:A819A132
AlternateDataStreams: C:\ProgramData\TEMP:A9056F42
AlternateDataStreams: C:\ProgramData\TEMP:B139DDF3

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-45153375-497558765-2581310702-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marco\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
DNS Servers: 217.68.161.141 - 217.68.161.171

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: MobileConnect => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2015 05:30:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2015 06:50:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.2.5583 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 107c
Anfangszeit: 01d07eae000d94cd
Zeitpunkt der Beendigung: 54057

Error: (04/24/2015 09:34:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2015 08:51:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung plugin-container.exe, Version 37.0.2.5583, Zeitstempel 0x552ef76c, fehlerhaftes Modul mozalloc.dll, Version 37.0.2.5583, Zeitstempel 0x552ee9ae, Ausnahmecode 0x80000003, Fehleroffset 0x00001aa1,
Prozess-ID 0x6fc, Anwendungsstartzeit plugin-container.exe0.

Error: (04/24/2015 08:51:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.2.5583 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1574
Anfangszeit: 01d07e4d5546d32f
Zeitpunkt der Beendigung: 2272

Error: (04/24/2015 07:11:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2015 08:11:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.2.5583 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1678
Anfangszeit: 01d07d859e81a688
Zeitpunkt der Beendigung: 60000

Error: (04/23/2015 06:59:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2015 08:11:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: FreemakeUtilsService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentException
Stapel:
bei System.Security.Principal.SecurityIdentifier..ctor(System.String)
bei FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
bei FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
bei FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
bei FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
bei FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
bei System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
bei System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 01:06:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.2.5583 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1850
Anfangszeit: 01d07cebafe2df94
Zeitpunkt der Beendigung: 18985


System errors:
=============
Error: (04/25/2015 05:30:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
UimBus
Uim_IM

Error: (04/25/2015 05:29:04 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description:

Error: (04/24/2015 06:39:38 PM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.12
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/24/2015 06:34:28 PM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.12
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/24/2015 09:34:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
UimBus
Uim_IM

Error: (04/24/2015 09:32:24 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description:

Error: (04/24/2015 07:11:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
UimBus
Uim_IM

Error: (04/24/2015 07:09:14 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description:

Error: (04/23/2015 04:48:30 PM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.12
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/23/2015 09:37:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-04-25 07:14:24.312
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:24.067
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:23.820
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:23.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:08.962
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:08.716
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:08.468
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:14:08.218
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:13:58.510
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20150418.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-25 07:13:58.263
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20150418.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 40%
Total physical RAM: 3262.58 MB
Available physical RAM: 1936.46 MB
Total Pagefile: 6760.29 MB
Available Pagefile: 4856.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:103.27 GB) (Free:33.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Filme) (Fixed) (Total:97.66 GB) (Free:14.6 GB) NTFS
Drive e: (Bilder) (Fixed) (Total:97.66 GB) (Free:76.95 GB) NTFS
Drive f: (Musik) (Fixed) (Total:97.66 GB) (Free:86.17 GB) NTFS
Drive g: (Dokumente) (Fixed) (Total:69.51 GB) (Free:56.41 GB) NTFS
Drive h: (Programme) (Fixed) (Total:34.18 GB) (Free:26.84 GB) NTFS
Drive i: (Donload) (Fixed) (Total:40.34 GB) (Free:11.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D1D7F600)
Partition 1: (Active) - (Size=103.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=167.2 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 5E34328D)
Partition 1: (Not Active) - (Size=34.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=40.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-25 07:41:29
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 WDC_WD5000AADS-00S9B0 rev.01.00A01 465,76GB
Running: q170kemb.exe; Driver: C:\Users\Marco\AppData\Local\Temp\ugloypog.sys


---- System - GMER 2.1 ----

SSDT 873838B8 ZwAlertResumeThread
SSDT 872762C8 ZwAlertThread
SSDT 86650E68 ZwAllocateVirtualMemory
SSDT 87151FB0 ZwAlpcConnectPort
SSDT 87880270 ZwAssignProcessToJobObject
SSDT 873836F0 ZwCreateMutant
SSDT 8723E338 ZwCreateSymbolicLinkObject
SSDT 87293478 ZwCreateThread
SSDT 87880330 ZwDebugActiveProcess
SSDT 86650FC0 ZwDuplicateObject
SSDT 8786F618 ZwFreeVirtualMemory
SSDT 87383738 ZwImpersonateAnonymousToken
SSDT 873837F8 ZwImpersonateThread
SSDT 878804B0 ZwLoadDriver
SSDT 8786F5C0 ZwMapViewOfSection
SSDT 87383258 ZwOpenEvent
SSDT 8780FF98 ZwOpenProcess
SSDT 87293A48 ZwOpenProcessToken
SSDT 87383160 ZwOpenSection
SSDT 8780FEC8 ZwOpenThread
SSDT 8723E4E8 ZwProtectVirtualMemory
SSDT 8723E268 ZwQueueApcThread
SSDT 8723E198 ZwReadVirtualMemory
SSDT 87276388 ZwResumeThread
SSDT 86650E30 ZwSetContextThread
SSDT 873446E8 ZwSetInformationProcess
SSDT 878803F0 ZwSetSystemInformation
SSDT 87383198 ZwSuspendProcess
SSDT 8728CBB8 ZwSuspendThread
SSDT 8723FB58 ZwTerminateProcess
SSDT 8728CC78 ZwTerminateThread
SSDT 8780FE08 ZwUnmapViewOfSection
SSDT 8786F6E8 ZwWriteVirtualMemory
SSDT 8723E408 ZwCreateThreadEx

---- EOF - GMER 2.1 ----

Alt 25.04.2015, 10:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 



Hi,

first of all, please try a different mouse.