Log analysis and evaluation: slow computer (Windows 7)
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system first has to be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
25.05.2015, 13:07 | #16 |
| slow computer Code:
Emsisoft Emergency Kit - Version 9.0
Last update: 25/5/2015 2:03:00 μμ
User account: Zeus-PC\Zeus
Scan settings:
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
Scan start: 25/5/2015 2:03:31 μμ
Scanned 223535
Found 106
Scan end: 25/5/2015 2:53:39 μμ
Scan time: 0:50:08
Quarantined 106

I used the link of this thread as the link, was that right? Because I don't see anything here showing that it was uploaded. |
26.05.2015, 05:57 | #17 |
/// the machine /// TB trainer | slow computer
You uploaded AdwCleaner.exe, i.e. the program. I need the folder C:\AdwCleaner. |
28.05.2015, 11:21 | #18 |
| slow computer
hahahahaha ok, did it work now? A question: yesterday I shut down the computer, and just before the screen went black there was a purple screen that said "He's dead, Jim" ???? But it was only there for a few seconds, I couldn't read what else it said. What did that mean? |
28.05.2015, 20:04 | #19 |
/// the machine /// TB trainer | slow computer
Do you use Chrome?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
28.05.2015, 21:08 | #20 |
| slow computer
Yes, because Mozilla and Explorer are even slower than Chrome; Chrome works best. |
29.05.2015, 17:52 | #21 |
/// the machine /// TB trainer | slow computer
The Jim message is from Chrome, because it crashed. A fresh FRST log, please. |
29.05.2015, 18:24 | #22 |
| slow computer Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by Zeus (administrator) on ZEUS-PC on 29-05-2015 20:16:14
Running from C:\Users\Zeus\Downloads\FRST-OlderVersion
Loaded Profiles: Zeus (Available Profiles: Zeus)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-30] (Advanced Micro Devices Inc.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] () S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-29] (Atheros Communications, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-19] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. 
KG) S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-05-25] (Emsisoft GmbH) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-07-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2013-04-09] (Realtek Semiconductor Corporation ) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-05-29 14:41 - 2015-05-29 20:12 - 00000000 ____D () C:\Users\Zeus\Desktop\battellog 2015-05-27 12:11 - 2015-05-27 12:11 - 00022186 _____ () C:\Users\Zeus\Downloads\AW- Kontaktformular ist eingegangen..html 2015-05-26 23:41 - 2015-05-26 23:41 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2015-05-26 23:41 - 2015-05-26 23:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2015-05-26 23:40 - 2015-05-26 23:40 - 00000000 ____D () C:\ProgramData\Adobe 2015-05-26 23:14 - 2015-05-26 23:14 - 01197344 _____ () C:\Users\Zeus\Downloads\OpenOffice - CHIP-Installer.exe 2015-05-26 22:31 - 2015-05-27 12:11 - 16757701 _____ () C:\Users\Zeus\Desktop\AdwCleaner.zip 2015-05-26 21:10 - 2015-05-26 21:10 - 00003335 _____ () C:\Users\Zeus\Downloads\Abmeldung.html 2015-05-26 20:21 - 2015-05-26 20:21 - 00000000 ___SD () C:\ComboFix 2015-05-25 13:58 - 2015-05-25 13:59 - 00000000 ____D () C:\EEK 2015-05-25 13:54 - 2015-05-25 13:54 - 00006661 _____ () C:\Users\Zeus\Downloads\AW- Heirat in GRC.html 2015-05-25 13:46 - 2015-05-25 13:52 - 154486952 _____ () C:\Users\Zeus\Downloads\EmsisoftEmergencyKit.exe 2015-05-24 15:53 - 2015-05-28 11:49 - 00000000 ____D () C:\Users\Zeus\Desktop\hochzeit 2015-05-24 13:22 - 2015-05-24 13:23 - 02347384 _____ (ESET) C:\Users\Zeus\Downloads\esetsmartinstaller_deu.exe 2015-05-24 13:04 - 2015-05-29 20:16 - 00000000 ____D () C:\Users\Zeus\Downloads\FRST-OlderVersion 2015-05-22 23:47 - 2015-05-22 23:47 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ZEUS-PC-Windows-7-Ultimate-(64-bit).dat 2015-05-22 23:47 - 2015-05-22 23:47 - 00000000 ____D () C:\RegBackup 2015-05-22 23:41 - 2015-05-22 23:42 - 02720009 _____ (Thisisu) C:\Users\Zeus\Downloads\JRT.exe 2015-05-22 23:02 - 2015-05-25 14:59 - 00000000 ____D () C:\Users\Zeus\Desktop\Sicherheitsprogramme 2015-05-22 22:58 - 2015-05-24 13:11 - 00000000 ____D () C:\AdwCleaner 2015-05-22 22:35 - 2015-05-22 22:35 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-22 22:34 - 2015-05-22 22:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-22 22:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-22 22:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-22 22:31 - 2015-05-22 22:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Zeus\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-21 22:29 - 2015-05-21 22:29 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (3) 2015-05-21 22:29 - 2015-05-21 22:29 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (2) 2015-05-21 22:22 - 2015-05-21 22:22 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (1) 2015-05-21 22:22 - 2015-05-21 22:22 - 00031698 _____ () C:\Users\Zeus\Downloads\docx 2015-05-21 12:22 - 2015-05-21 12:22 - 00028041 _____ () C:\ComboFix.txt 2015-05-21 11:54 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-05-21 11:54 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-05-21 11:54 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe 2015-05-21 11:53 - 2015-05-26 20:21 - 00000000 ____D () C:\Qoobox 2015-05-21 11:53 - 2015-05-21 12:19 - 00000000 ____D () C:\Windows\erdnt 2015-05-21 11:44 - 2015-05-21 11:52 - 05627500 ____R (Swearware) C:\Users\Zeus\Desktop\ComboFix.exe 2015-05-20 14:37 - 2015-05-20 14:37 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Zeus\Downloads\tdsskiller.exe 2015-05-20 14:36 - 2015-05-29 17:33 - 
00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-20 14:36 - 2015-05-22 23:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-05-20 14:36 - 2015-05-22 22:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-20 14:35 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-20 14:34 - 2015-05-20 14:35 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Zeus\Downloads\mbar-1.09.1.1004.exe 2015-05-20 00:05 - 2015-05-20 00:06 - 00046825 _____ () C:\Users\Zeus\Downloads\Addition.txt 2015-05-20 00:04 - 2015-05-29 20:16 - 00000000 ____D () C:\FRST 2015-05-20 00:04 - 2015-05-24 13:05 - 00030009 _____ () C:\Users\Zeus\Downloads\FRST.txt 2015-05-19 23:58 - 2015-05-24 13:04 - 02108416 _____ (Farbar) C:\Users\Zeus\Downloads\FRST64.exe 2015-05-19 21:02 - 2015-05-19 21:02 - 01219529 _____ () C:\Users\Zeus\Downloads\dmt3d.zip 2015-05-18 13:08 - 2015-05-18 13:08 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2015-05-17 20:01 - 2015-05-17 20:01 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\TuneUp Software 2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TuneUp Software 2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2015-05-17 20:01 - 2014-07-16 10:24 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2015-05-17 20:01 - 2014-07-16 10:24 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2015-05-17 20:01 - 2014-07-16 10:24 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2015-05-17 20:00 - 2015-05-17 20:01 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2015-05-17 19:58 - 2015-05-17 20:09 
- 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2015-05-17 19:58 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\TuneUp Software 2015-05-17 19:50 - 2015-05-17 19:57 - 28598072 _____ (TuneUp Software) C:\Users\Zeus\Downloads\TuneUpUtilities2014_34de-DE.exe 2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieUserList 2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieSiteList 2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieBrowserModeList 2015-05-10 13:48 - 2015-05-10 13:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TomTom 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect 2015-05-10 13:40 - 2015-05-10 13:42 - 23308160 _____ (TomTom International B.V.) 
C:\Users\Zeus\Downloads\InstallMyDriveConnect.exe 2015-04-30 08:21 - 2015-04-30 08:21 - 00000025 _____ () C:\Users\Zeus\Desktop\speicher.vbs 2015-04-30 01:29 - 2015-04-30 01:29 - 00146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS 2015-04-30 01:29 - 2015-04-30 01:29 - 00000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part 2015-04-30 01:28 - 2015-04-30 01:28 - 00385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS 2015-04-30 01:28 - 2015-04-30 01:28 - 00000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part 2015-04-30 01:17 - 2015-04-30 01:19 - 00007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg 2015-04-30 00:26 - 2015-04-30 00:26 - 00000027 _____ () C:\Users\Zeus\Documents\vbs.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-29 20:00 - 2015-03-03 15:45 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-29 19:53 - 2015-04-16 18:24 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-05-29 19:17 - 2014-06-23 15:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-29 17:28 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-05-29 14:56 - 2014-06-22 15:47 - 01237016 _____ () C:\Windows\WindowsUpdate.log 2015-05-29 14:35 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-29 14:35 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-29 14:26 - 2015-03-03 15:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-29 14:26 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-29 14:26 - 2009-07-14 07:51 - 00048040 _____ () C:\Windows\setupact.log 2015-05-27 00:56 - 2014-06-22 15:55 - 00064504 _____ () 
C:\Users\Zeus\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-27 00:55 - 2009-07-14 07:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-26 23:49 - 2014-06-22 19:23 - 00000000 ____D () C:\Users\Zeus\Desktop\Programme 2015-05-26 23:40 - 2014-11-15 18:10 - 00000000 ____D () C:\Users\Zeus\AppData\Local\Adobe 2015-05-26 23:39 - 2014-11-18 17:54 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2015-05-26 20:15 - 2015-03-03 17:29 - 00000000 ____D () C:\Users\Zeus\Desktop\KINOFILME 2015-05-24 21:11 - 2015-03-03 15:45 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-24 21:11 - 2015-03-03 15:45 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-22 23:22 - 2014-06-22 17:19 - 00375762 _____ () C:\Windows\PFRO.log 2015-05-21 22:22 - 2015-03-03 17:28 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FLV and Media Player 2015-05-21 12:22 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default 2015-05-21 12:10 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-20 20:06 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus\AppData\Local\VirtualStore 2015-05-20 17:49 - 2015-03-08 19:08 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\Skype 2015-05-19 16:43 - 2014-06-22 16:39 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-05-19 16:43 - 2014-06-22 16:39 - 00132120 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys 2015-05-18 23:03 - 2014-10-11 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2015-05-17 20:09 - 2015-03-01 20:52 - 00000000 ____D () C:\Users\Zeus\AppData\Local\Downloaded Installations 2015-05-17 20:09 - 2014-06-22 17:15 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} 2015-05-14 01:22 - 2014-06-22 17:54 - 00000000 ____D () C:\Users\Zeus\Desktop\Bilder 2015-05-11 22:55 - 2009-07-14 20:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat 2015-05-11 22:55 - 2009-07-14 20:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat 2015-05-11 22:55 - 2009-07-14 08:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-11 13:21 - 2014-06-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-30 09:03 - 2014-06-23 15:48 - 00000000 ___RD () C:\Users\Zeus\Desktop\musik 2015-04-30 07:39 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus 2015-04-30 07:38 - 2015-03-12 22:37 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-04-30 07:38 - 2015-03-03 17:44 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FreeFLVConverter 2015-04-30 07:38 - 2015-03-03 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2015-04-30 07:38 - 2014-06-22 18:05 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\DVDVideoSoft 2015-04-30 07:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration ==================== Files in the root of some directories ======= 2015-04-30 01:28 - 2015-04-30 01:28 - 0385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS 2015-04-30 01:28 - 2015-04-30 01:28 - 0000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part 2015-04-30 01:29 - 2015-04-30 01:29 - 
0146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS 2015-04-30 01:29 - 2015-04-30 01:29 - 0000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part 2015-04-30 01:17 - 2015-04-30 01:19 - 0007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Zeus\AppData\Local\Temp\avgnt.exe C:\Users\Zeus\AppData\Local\Temp\Quarantine.exe C:\Users\Zeus\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 01:17 ==================== End of log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01 Ran by Zeus at 2015-05-29 20:17:05 Running from C:\Users\Zeus\Downloads\FRST-OlderVersion Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-65031845-1434384236-1651786591-500 - Administrator - Disabled) Gast (S-1-5-21-65031845-1434384236-1651786591-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-65031845-1434384236-1651786591-1004 - Limited - Enabled) Zeus (S-1-5-21-65031845-1434384236-1651786591-1000 - Administrator - Enabled) => C:\Users\Zeus ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden ATI Catalyst Install Manager (HKLM\...\{DDD72DB8-BB69-1AE3-9E21-BFD1CB87AEDF}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Avira (HKLM-x32\...\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}) (Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG) Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Easy Tune 6 B11.0704.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B11.0704.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Free FLV Converter V 7.6.2 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.2.0 - Koyote Lab Inc.) Free M4a to MP3 Converter 8.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) 
Hidden LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Movie Maker (x32 
Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) MyDriveConnect 4.0.2.2123 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.2.2123 - TomTom) ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.) S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - ) Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.19.0 - Lenovo Group Limited) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.) Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.) 
TP-LINK TL-WN8200ND Treiber (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK) TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}_WebCompanion) (Version: 1.1.922.1860 - Lavasoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 17-05-2015 19:58:59 TuneUp Utilities 2014 wird installiert 21-05-2015 11:54:09 ComboFix created restore point 26-05-2015 23:38:27 OpenOffice 4.1.1 wird installiert ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2014-06-22 16:01 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 validation.sls.microsoft.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {191367D4-F00C-44A2-A017-0FCC8371B805} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated) Task: {2A6679B7-6C96-453A-B354-EA3595422F92} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {34291951-AB4F-490B-AE70-A37914A51A4C} - System32\Tasks\{DD5BC084-286B-40E6-8F3F-DD5960FAE55A} => pcalua.exe -a C:\Users\Zeus\AppData\Local\Temp\Temp1_TL-WN821N_100428_DE.zip\Setup-win7.exe Task: {5192145D-CD85-4787-804E-5F8840185308} - System32\Tasks\{1F1D1F9D-37B7-4D69-81CE-56BD484D8CD9} => pcalua.exe -a C:\Users\Zeus\AppData\Local\Temp\Temp1_TL-WN821N_V4_Driver.zip\TL-WN821N_v4_Driver\Setup.exe Task: {7C8CEB7D-19E5-401F-86C0-D0F2899D8C28} - System32\Tasks\Opera scheduled Autoupdate 1410268254 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software) Task: {93D4F73C-37CC-452E-948C-88D06F645F5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software) Task: {AB13EBFC-1999-4629-887C-D11C7FD608D5} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs" Task: {ACFA591D-C425-4D03-B274-018A7DC8C16E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.) Task: {D65BDFB8-5C77-4B48-98DC-4CDFC8DF5D08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-09-11 12:42 - 2013-04-09 11:55 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe 2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2011-06-07 23:11 - 2011-06-07 23:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-09-11 12:42 - 2013-04-09 11:55 - 01401856 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll 2014-09-11 12:42 - 2013-04-09 11:55 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll 2014-09-11 12:42 - 2013-04-09 11:55 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll 2015-05-26 05:02 - 2015-05-22 23:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll 2015-05-26 05:02 - 2015-05-22 23:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 
_____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () 
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll 2015-05-26 05:02 - 2015-05-22 23:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll 2014-06-22 18:07 - 2015-03-01 18:39 - 00113320 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\zlib1.dll 2014-06-22 18:07 - 2015-03-01 18:39 - 00301224 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\stat.dll 2015-03-14 19:12 - 2015-03-01 18:39 - 00106664 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\boost_filesystem-vc120-mt-1_56.dll 
2015-03-14 19:12 - 2015-03-01 18:39 - 00022696 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\boost_system-vc120-mt-1_56.dll 2015-03-14 19:12 - 2015-03-01 18:39 - 00046760 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\boost_date_time-vc120-mt-1_56.dll 2014-06-22 18:07 - 2015-03-01 18:34 - 00085672 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\suhvadapter.dll 2014-06-22 18:07 - 2015-03-01 18:39 - 00041640 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\jansson.dll 2015-03-14 19:12 - 2015-03-01 18:39 - 00088744 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_thread-vc120-mt-1_56.dll 2015-03-14 19:12 - 2015-03-01 18:39 - 00030888 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_chrono-vc120-mt-1_56.dll 2014-06-22 18:07 - 2015-03-01 18:33 - 00062120 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mmconv-pinv.dll 2014-06-22 18:07 - 2015-03-01 18:34 - 00027304 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mminfo-pinv.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zeus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [TCP Query User{8C7A61EE-7833-4F77-9377-B7C4A7B7609E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe FirewallRules: [UDP Query User{96490CE0-1C32-40D3-971F-E0992116D9B2}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe FirewallRules: [{FDB93697-5175-4B8E-A6F5-058E434A44B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{94BB7645-CF74-4264-886D-CBED8032B54F}] => (Allow) LPort=2869 FirewallRules: [{DC6B9843-FA71-4362-8713-EC6FB7F66F9C}] => (Allow) LPort=1900 FirewallRules: [{6C98B2AC-47C1-4345-9AFE-E005F502A36B}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{36D112A2-FF2C-4134-8A2C-565C6E67AD92}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe FirewallRules: [{FD7EFE41-AB56-4E3A-B540-C8D59C0EC4A5}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe FirewallRules: [{CE95C921-9B90-40AD-B5BA-B58D2E52F6EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C3110DA2-4795-41B2-ADEE-7E09309EE610}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{09FFFB11-B658-4E1A-9A89-44A226A23717}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe FirewallRules: [{8BED0B5D-1EFA-45B2-BD68-285FEB45C7C2}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe FirewallRules: [{D3ED4C06-1BCA-40B2-A3BC-233C0B81FBC0}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe FirewallRules: [TCP Query User{4647FFA1-838C-4126-8952-D7FBC5BDD6A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{47D1648E-A8E8-4DD6-8373-F3F572AC3895}C:\program files (x86)\mozilla 
firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9FF0DC4A-C1D3-4A33-8DB9-526FEF98EF7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7F278949-5A85-4856-8E32-657FD17F3F25}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{35F63927-47FB-49C7-8E0E-AA70C5401B25}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{2DFC8961-8C5F-402C-A389-B0D28515A3B7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2015 11:38:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Falscher Parameter. . Error: (05/26/2015 11:38:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Falscher Parameter. . Error: (05/26/2015 00:46:46 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/24/2015 05:43:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TWCU.exe, Version: 0.0.0.0, Zeitstempel: 0x516270de Name des fehlerhaften Moduls: RtlLib.dll, Version: 700.1067.330.2011, Zeitstempel: 0x4d93eea6 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001df9 ID des fehlerhaften Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0xTWCU.exe0 Pfad der fehlerhaften Anwendung: TWCU.exe1 Pfad des fehlerhaften Moduls: TWCU.exe2 Berichtskennung: TWCU.exe3 Error: (05/24/2015 02:55:53 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/24/2015 02:52:24 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/24/2015 01:28:40 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/14/2015 07:17:13 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: ) Description: Fehler bei der Erfassung des authentischen Tickets (hr=0x80072EFD) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f. Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Lizenzerwerb-Fehlerdetails. hr=0x80072EFD System errors: ============= Error: (05/29/2015 07:51:46 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (05/29/2015 06:55:31 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (05/29/2015 02:26:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/29/2015 00:41:08 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/28/2015 10:57:01 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (05/28/2015 10:52:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. 
Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/28/2015 09:59:04 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/28/2015 08:05:04 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (05/28/2015 08:04:35 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (05/28/2015 08:04:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Microsoft Office: ========================= Error: (05/26/2015 11:38:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Falscher Parameter. Error: (05/26/2015 11:38:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Falscher Parameter. 
Error: (05/26/2015 00:46:46 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Zeus\downloads\esetsmartinstaller_deu.exe Error: (05/24/2015 05:43:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: TWCU.exe0.0.0.0516270deRtlLib.dll700.1067.330.20114d93eea6c000000500001df9a3c01d0962f2901dfddC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exeC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RtlLib.dll31d3070f-0223-11e5-aace-50e5495b3fda Error: (05/24/2015 02:55:53 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (05/24/2015 02:52:24 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Zeus\Downloads\esetsmartinstaller_deu.exe Error: (05/24/2015 01:28:40 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Zeus\Downloads\esetsmartinstaller_deu.exe Error: (05/14/2015 
07:17:13 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: ) Description: hr=0x80072EFD66c92734-d682-4d71-983e-d6ec3f16059f Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: hr=0x80072EFD00010001(0x00000000, 17:39:55:366 - hxxp://go.microsoft.com/fwlink/?LinkId=151642) 00020001(0x00000000, 17:39:55:367) 00030001(0x00000000, 17:39:55:368 - hxxp://go.microsoft.com) 00030002(0x00000000, 17:39:55:368 - 0) 00040001(0x00000000, 17:39:55:368 - hxxp://go.microsoft.com) 00040002(0x00000000, 17:39:55:374 - 1, <NULL>, <NULL>, <NULL>) 00040004(0x80072F94, 17:40:02:449 - <NULL>) 00040006(0x00000000, 17:40:02:449 - 1, hxxp://go.microsoft.com, <NULL>, <local>) 00020005(0x00000000, 17:40:02:449 - 0) 0002000C(0x00000000, 17:40:02:677 - 302) 0002000E(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com/SLWGA/slwga.asmx) 00020001(0x00000000, 17:40:02:677) 00030001(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com) 00030002(0x00000000, 17:40:02:677 - 0) 00040001(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com) 00040002(0x00000000, 17:40:02:697 - 1, <NULL>, <NULL>, <NULL>) 00040004(0x80072F94, 17:40:05:259 - <NULL>) 00040006(0x00000000, 17:40:05:259 - 1, https://validation.sls.microsoft.com, <NULL>, <local>) 00020005(0x00000000, 17:40:05:259 - 0) 00020008(0x80072EFD, 17:40:06:262 - SOAPAction: "hxxp://microsoft.com/SL/GenuineAdvantageService/IssueToken" Content-Type: text/xml; charset=utf-8 , <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" 
xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>SLWGA</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xsi:nil="1"/></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[5]"><TokenEntry><Name>GenuineAdvantagePhase</Name><Value>GenuineAdvantagePhase1</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageVersion</Name><Value>1.0</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageTemplateId</Name><Value>66c92734-d682-4d71-983e-d6ec3f16059f</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientTransactionId</Name><Value>237bd71b-b3a2-4f1d-bb78-df7f8aec3f5b</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientToken</Name><Value><clienttoken><token><name>ClientEvent</name><type>EventType</type><value>0x00000012</value></token><token><name>ADMIN:FirstValidation</name><type>Info</type><value>1</value></token><token><name>ADMIN:MachineId</name><type>Info</type><value>68nHrEQXmoShpceO+X1EdeJxmRUHvz6NYBgo82FT/lk=</value></token><token><name>ADMIN:NumberTimesNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:RemainingRearmCount</name><type>Info</type><value>4</value></token><token><name>ADMIN:TimeNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:TotalValidations</name><type>Info</type><value>0</value></token><token><name>ADMIN:UGUID</name><type>Info</type><value>83194d9d-2864-4f51-b5d9-95d1c2a6cd16</value></token><token><name>AUOptionsLocal</name><type>Info</type><value>2</value></token><token><name>ActiveSkuDescription</name><type>Info</type><value>Windows Operating System - Windows(R) 7, OEM_SLP 
channel</value></token><token><name>ActiveSkuId</name><type>Info</type><value>7cfd4696-69a9-4af7-af36-ff3d12b6b6c8</value></token><token><name>CodeSigning</name><type>Info</type><value>SIGNED_INFO_PRS_SIGNED</value></token><token><name>DomainJoined</name><type>Info</type><value>false</value></token><token><name>EditionId</name><type>Info</type><value>Ultimate</value></token><token><name>HROffline</name><type>Info</type><value>0x00000000</value></token><token><name>OSVersion</name><type>Info</type><value>6.1.7601.2.00010100.1.0.001</value></token><token><name>OfflineGenuineBlob</name><type>Info</type><value>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</value></token><token><name>OfflineInstallationId</name><type>Info</type><value>006134351525108221474195581264706331605336839035988556</value></token><token><name>PackageFlavor</name><type>Info</type><value>Windows</value></token><token><name>PackageVersion</name><type>Info</type><value>7.1.7600.16395</value></token><token><name>PartnerId</name><type>Info</type><value>Windows</value></token><token><name>ProcessorArchitecture</name><type>Info</type><value>x64</value></token><token><name>ProductLCID</name><type>Info</type><value>1031</value></token><token><name>ProductName</name><type>Info</type><value>Windows 7 Ultimate</value></token><token><name>ProductUniquenessGroups</name><type>Info</type><value>66c92734-d682-4d71-983e-d6ec3f16059f</value></token><token><name>ServiceAvailable</name><type>Info</type><value>true</value></token><token><name>SystemLCID</name><type>Info</type><value>1031</value></token><token><name>UserLCID</name><type>Info</type><value>1031</value></token><token><name>WMI:Win32_ComputerSystem:Manufacturer</name><type>Info</type><value>Gigabyte Technology Co., 
Ltd.</value></token><token><name>WMI:Win32_ComputerSystem:Model</name><type>Info</type><value>GA-A75M-S2V</value></token><token><name>WMI:Win32_OperatingSystem:InstallDate</name><type>Info</type><value>20140622155009.000000+180</value></token></clienttoken></Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>) 00010002(0x80072EFD, 17:40:06:271 - <NULL>) 00010003(0x80072EFD, 17:40:06:271) CodeIntegrity Errors: =================================== Date: 2015-05-21 12:02:14.718 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-21 12:02:14.671 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-06-22 16:12:52.056 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Zeus\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-06-22 16:12:52.056 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Zeus\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-06-22 16:12:45.207 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-06-22 16:12:45.207 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Processor: AMD A6-3670 APU with Radeon(tm) HD Graphics Percentage of memory in use: 73% Total physical RAM: 3581.37 MB Available physical RAM: 941.67 MB Total Pagefile: 7160.93 MB Available Pagefile: 3090.15 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:381.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F32986E2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of log ============================ |
30.05.2015, 13:32 | #23 |
/// the machine /// TB-Ausbilder | slow computer Is the browser OK again as well? What problems still remain?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
30.05.2015, 14:19 | #24 |
| slow computer Yes, everything is great so far, thank you very much. One question: is there a way to make videos, e.g. on YouTube or kinokiste, load faster so that they don't stall? |
31.05.2015, 05:45 | #25 |
/// the machine /// TB-Ausbilder | slow computer No, that comes down to either the browser or your internet connection.
Cleanup: (the order is crucial here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left over, you can safely delete them. If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
Hardening: On the Windows operating system, enable automatic updates. Security-relevant software should also always be kept at the latest version: browser, Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional: NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, use a whitelist to specify the sites on which scripts are allowed. Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities. Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, uninstall it first and then remove the leftovers with Adwcleaner .
Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |