Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: [Win8] Notebook hängt sich auf

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.06.2015, 22:32   #1
sevenoaks
 
[Win8] Notebook hängt sich auf - Standard

[Win8] Notebook hängt sich auf



Hallo, Danke erstmal dass es so hilfsbereite Leute wie euch gibt.
Mein PC mit Windows 8 hängt sich seit wenigen Tagen immer wieder auf und lässt sich dann nur per Power Knopf ausschalten. Ich habe das Gefühl er stürzt nur bei Videos im Firefox ab (sowohl Flash als auch HTML5 etc.) könnte natürlich aber auch an der benötigen Rechenleistung beim Abspielen von Videos liegen.
Die CPU Auslastung beim öffnen von Seiten im Firefox steigt gewaltig in die Höhe und Firefox benötigt auffallend viel Arbeitsspeicher auch bei einfachen Seiten (über 200-300MB)
Vor ein paar Tagen hat sich ein automatisches Windows Update installiert nachdem hat mein PC mehrere Male ein Bluescreen angezeigt sich dann aber irgendwann "selber repariert" (Irgendwas mit Festplattenüberprüfung - checke bei diesen ganzen Windows 8 Funktionen nicht mehr durch)
Ich hoffe ich kann eine Win8 Neuinstallation vermeiden da ich meine Daten nicht verlieren will und der Netbook auch kein CD Laufwerk hat.
Ich weiß das die Formulierungen teilweiße sehr schwammig sind.
Avira findet keinen Virus
Treiber&Firefox Plugins alle aktualisiert

Vielen Dank!
EDIT: FRST Log doch im Anhang


Hier der FRST Log

Alt 20.06.2015, 06:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

[Win8] Notebook hängt sich auf - Standard

[Win8] Notebook hängt sich auf



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 20.06.2015, 09:11   #3
sevenoaks
 
[Win8] Notebook hängt sich auf - Standard

[Win8] Notebook hängt sich auf



Sorry , wusste nicht wo man es einfügen soll.
Liebe Grüße


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by fefe (administrator) on NOTEBOOK on 19-06-2015 23:26:46
Running from C:\Users\Philipp\Downloads
Loaded Profiles: fefe (Available Profiles: fefe)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2013-11-15] ()
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\Run: [Power2GoExpress] => [X]
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\Run: [pdiface] => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe [283608 2013-10-30] (Bitdefender)
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-06-01] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-06-01] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-06-01] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-06-01] (Bitdefender)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-06-19]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0C0DyByDyCtAyByBzztCyCtN0D0Tzu0SyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=242845020&ir=
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0C0DyByDyCtAyByBzztCyCtN0D0Tzu0SyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=242845020&ir=
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0C0DyByDyCtAyByBzztCyCtN0D0Tzu0SyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=242845020&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0C0DyByDyCtAyByBzztCyCtN0D0Tzu0SyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=242845020&ir=
SearchScopes: HKU\S-1-5-21-1911493899-2226937123-519388930-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0C0DyByDyCtAyByBzztCyCtN0D0Tzu0SyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=242845020&ir=
SearchScopes: HKU\S-1-5-21-1911493899-2226937123-519388930-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0C0DyByDyCtAyByBzztCyCtN0D0Tzu0SyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=242845020&ir=
SearchScopes: HKU\S-1-5-21-1911493899-2226937123-519388930-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-19] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default
FF SearchEngineOrder.1: Mysearchdial
FF Homepage: https://www.google.de/
FF Keyword.URL: 
FF NetworkProxy: "autoconfig_url", "https://secure.premiumize.me/ff2fcfd274174669f726b02164a5a990/proxy.pac"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-02-11] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-02-23] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-02-11] (Adobe Systems)
FF user.js: detected! => C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\user.js [2014-08-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\searchplugins\avira-safesearch.xml [2015-02-27]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\searchplugins\Mysearchdial.xml [2014-02-20]
FF Extension: Avira SafeSearch - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\safesearch@avira.com [2015-06-17]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-02-20]
FF Extension: Ghostery - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\firefox@ghostery.com.xpi [2014-08-28]
FF Extension: Premiumize.me - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-02-20]
FF Extension: FlashGot - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-05-02]
FF Extension: Adblock Plus - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-20]
FF Extension: DownThemAll! - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ktxg2msp.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-05-02]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-11] (Avira Operations GmbH & Co. KG)
R3 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS)
R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-29] (Electronic Arts)
R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender)
R2 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [520360 2013-03-25] (iWin Inc.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\drivers\lgandbus.sys [28520 2014-06-17] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2014-06-17] (Google Inc)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-05-28] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-12-19] (Audials AG)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 23:26 - 2015-06-19 23:27 - 00023326 _____ C:\Users\Philipp\Downloads\FRST.txt
2015-06-19 23:26 - 2015-06-19 23:26 - 02109952 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2015-06-19 23:26 - 2015-06-19 23:26 - 00000000 ____D C:\FRST
2015-06-19 23:01 - 2015-06-19 23:05 - 00000000 ____D C:\ProgramData\Oracle
2015-06-19 23:01 - 2015-06-19 23:01 - 01124072 _____ (Adobe Systems Incorporated) C:\Users\Philipp\Downloads\readerdc_de_ha_install.exe
2015-06-19 23:00 - 2015-06-19 23:00 - 00562784 _____ (Oracle Corporation) C:\Users\Philipp\Downloads\jre-8u45-windows-i586-iftw.exe
2015-06-19 22:51 - 2015-06-19 22:51 - 00000000 _____ C:\Windows\setuperr.log
2015-06-19 22:51 - 2015-06-19 22:51 - 00000000 _____ C:\Windows\setupact.log
2015-06-19 21:54 - 2015-06-19 23:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-19 21:54 - 2015-06-19 21:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-19 21:49 - 2015-06-19 21:49 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-19 21:49 - 2015-06-19 21:49 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-19 21:35 - 2015-06-19 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-06-19 21:35 - 2015-06-19 21:35 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-06-19 10:09 - 2015-06-19 21:35 - 00001949 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-06-19 10:09 - 2015-06-19 21:35 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-18 23:58 - 2015-06-18 23:58 - 00000016 _____ C:\Users\Philipp\Desktop\TV-20141209-1725-0542.hq.mp4
2015-06-17 14:26 - 2015-06-17 14:26 - 00000000 _____ C:\Users\Philipp\Desktop\Festival Koffer.txt
2015-06-14 13:05 - 2015-06-19 22:22 - 00000022 _____ C:\Windows\S.dirmngr
2015-06-13 10:08 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-13 10:08 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-06-13 10:08 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-06-13 10:07 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-06-13 10:07 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-06-13 10:07 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-06-13 10:07 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-13 10:07 - 2015-01-16 00:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-13 10:07 - 2014-10-29 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-13 10:07 - 2014-10-29 04:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-13 10:07 - 2014-10-29 04:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-13 10:07 - 2014-10-29 04:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-13 10:07 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-06-13 10:07 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-06-13 10:07 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-06-13 10:07 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-06-13 10:07 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-06-13 10:07 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-06-13 10:07 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-06-13 10:06 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-13 10:06 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-13 10:06 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-13 10:06 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-13 10:06 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-13 10:06 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-13 10:06 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-13 10:06 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-13 10:06 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-13 10:06 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-06-13 10:06 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-13 10:06 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-13 10:06 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-13 10:06 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-13 10:06 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-13 10:06 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-13 10:06 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-13 10:06 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-13 10:06 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-06-13 10:06 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-06-13 10:06 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-06-13 10:06 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-06-13 10:06 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-06-13 10:06 - 2014-12-08 21:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-06-13 10:06 - 2014-12-08 21:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-06-13 10:06 - 2014-12-06 03:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-06-13 10:06 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-13 10:06 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-13 10:06 - 2014-11-10 01:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-06-13 10:06 - 2014-11-10 01:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-06-13 10:06 - 2014-10-29 06:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-06-13 10:06 - 2014-10-29 06:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-06-13 10:06 - 2014-10-29 05:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-06-13 10:06 - 2014-10-29 05:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-06-13 10:06 - 2014-10-29 05:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-06-13 10:06 - 2014-10-29 05:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-06-13 10:06 - 2014-10-29 05:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-06-13 10:06 - 2014-10-29 05:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-06-13 10:06 - 2014-10-29 05:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-06-13 10:06 - 2014-10-29 05:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-06-13 10:06 - 2014-10-29 05:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-06-13 10:06 - 2014-10-29 04:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-06-13 10:06 - 2014-10-29 03:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-06-13 10:06 - 2014-10-29 03:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-06-13 10:06 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-06-13 10:06 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-06-13 10:06 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-06-13 10:05 - 2014-10-29 04:42 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-06-13 10:05 - 2014-10-29 03:19 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-13 10:05 - 2014-10-29 02:59 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-06-13 10:04 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-13 10:04 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-12 14:15 - 2015-06-12 14:24 - 107666824 _____ C:\Users\Philipp\Downloads\LXuMa-Obs.zip
2015-06-12 13:06 - 2015-06-12 13:13 - 718475380 _____ C:\Users\Philipp\Downloads\ableton_live_trial_9.1.9_32.zip
2015-06-09 21:40 - 2015-06-09 21:41 - 60892020 _____ C:\Users\Philipp\Downloads\MAYLA+-+Demo.zip
2015-06-09 21:40 - 2015-06-09 21:40 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-07 12:28 - 2015-06-07 12:28 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-07 03:32 - 2015-06-19 20:44 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-06-07 03:32 - 2015-06-19 20:44 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-06-07 03:31 - 2015-06-07 03:31 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-06-02 22:44 - 2015-06-19 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-22 15:36 - 2015-05-22 15:38 - 00000000 ____D C:\Users\Philipp\Desktop\BFD
2015-05-21 13:47 - 2015-05-21 18:16 - 00000000 __RHD C:\ESD
2015-05-21 13:46 - 2015-05-21 13:46 - 01322960 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\mediacreationtool.exe
2015-05-21 13:39 - 2015-05-21 13:39 - 00060965 _____ C:\Users\Philipp\Downloads\pkeyuibx_v1.5.0.zip
2015-05-21 13:37 - 2015-05-21 13:37 - 04954736 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\WindowsSetupBox.exe
2015-05-21 13:34 - 2015-05-21 13:34 - 01196832 _____ C:\Users\Philipp\Downloads\Windows 8 1 Setup Tool - CHIP-Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 23:19 - 2014-02-21 16:45 - 01058368 _____ C:\Windows\WindowsUpdate.log
2015-06-19 23:14 - 2014-02-20 17:19 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1911493899-2226937123-519388930-1001
2015-06-19 23:10 - 2014-02-20 17:14 - 00000074 _____ C:\Users\Philipp\AppData\Roaming\sp_data.sys
2015-06-19 23:10 - 2014-02-18 14:27 - 00003268 _____ C:\Windows\System32\Tasks\AsusVibeSchedule
2015-06-19 23:10 - 2014-02-18 14:27 - 00003004 _____ C:\Windows\System32\Tasks\ASUS Splendid ColorU
2015-06-19 23:10 - 2014-02-18 14:27 - 00002988 _____ C:\Windows\System32\Tasks\ASUS Splendid ACMON
2015-06-19 23:10 - 2014-02-18 14:25 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2015-06-19 23:10 - 2014-02-18 14:25 - 00003052 _____ C:\Windows\System32\Tasks\ASUS P4G
2015-06-19 23:10 - 2014-02-18 14:25 - 00003024 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus
2015-06-19 23:09 - 2014-02-20 22:34 - 03697152 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2015-06-19 23:08 - 2014-02-21 16:36 - 00000000 ____D C:\Users\Philipp
2015-06-19 23:02 - 2014-02-20 18:32 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-19 23:01 - 2014-02-20 18:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-19 23:01 - 2014-02-20 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-19 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-19 22:29 - 2013-11-14 09:27 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-19 22:29 - 2013-11-14 09:11 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-06-19 22:29 - 2013-11-14 09:11 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-06-19 22:23 - 2015-05-06 21:20 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-06-19 22:22 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-19 22:21 - 2014-02-20 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-19 21:54 - 2014-02-20 18:12 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2015-06-19 21:43 - 2014-02-24 18:51 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\vlc
2015-06-19 20:44 - 2014-03-25 07:40 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{85E050F2-485D-4731-AA43-198232E585EC}
2015-06-19 11:59 - 2014-02-18 14:25 - 00000000 ____D C:\ProgramData\P4G
2015-06-19 11:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2015-06-19 10:09 - 2013-04-26 01:18 - 00000000 ____D C:\ProgramData\McAfee
2015-06-17 12:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-17 11:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-17 10:07 - 2015-01-04 17:36 - 00000094 _____ C:\Users\Philipp\Desktop\todo.txt
2015-06-15 13:42 - 2014-05-23 11:41 - 00013824 ___SH C:\Users\Philipp\Documents\Thumbs.db
2015-06-15 13:42 - 2014-02-20 22:34 - 00560640 ___SH C:\Users\Philipp\Downloads\Thumbs.db
2015-06-14 13:06 - 2014-02-21 18:47 - 00000000 ___RD C:\Users\Philipp\SkyDrive
2015-06-14 13:04 - 2013-08-22 16:44 - 05028896 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 13:00 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-14 03:32 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-06-14 03:26 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-11 10:59 - 2014-08-28 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-11 10:57 - 2014-08-28 00:22 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-11 10:57 - 2014-08-28 00:22 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-11 10:46 - 2014-08-28 00:18 - 00000000 ____D C:\ProgramData\Avira
2015-06-10 21:01 - 2014-08-28 00:17 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-10 21:00 - 2014-08-28 00:18 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-07 03:31 - 2013-04-26 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-06-07 03:31 - 2013-04-26 01:16 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-06-03 09:10 - 2015-05-19 21:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2015-05-27 23:06 - 2014-11-27 22:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-27 23:06 - 2014-11-27 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-27 09:40 - 2014-11-27 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-27 00:21 - 2014-02-20 19:31 - 00000000 ____D C:\Users\Philipp\AppData\Local\JDownloader v2.0
2015-05-22 15:43 - 2014-07-20 19:28 - 00000000 ____D C:\Users\Philipp\Desktop\Bewerbungen

==================== Files in the root of some directories =======

2014-04-23 17:34 - 2014-04-23 17:34 - 0000132 _____ () C:\Users\Philipp\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-02-20 17:14 - 2015-06-19 23:10 - 0000074 _____ () C:\Users\Philipp\AppData\Roaming\sp_data.sys
2014-02-20 19:38 - 2014-02-20 19:38 - 0000046 _____ () C:\Users\Philipp\AppData\Roaming\WB.CFG
2014-04-24 11:15 - 2014-04-24 11:27 - 0001456 _____ () C:\Users\Philipp\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-20 18:02 - 2014-02-20 18:02 - 0664023 _____ () C:\ProgramData\1392911494.bdinstall.bin
2014-03-25 08:03 - 2014-03-25 08:03 - 0257816 _____ () C:\ProgramData\1395725836.bdinstall.bin
2014-03-25 13:13 - 2014-03-25 13:13 - 0692548 _____ () C:\ProgramData\1395745156.bdinstall.bin
2014-07-09 12:24 - 2014-07-09 12:24 - 0255238 _____ () C:\ProgramData\1404901322.bdinstall.bin
2014-07-09 12:25 - 2014-07-09 12:25 - 0062193 _____ () C:\ProgramData\1404901497.bdinstall.bin
2014-07-21 16:49 - 2014-07-21 16:49 - 0643864 _____ () C:\ProgramData\1405952948.bdinstall.bin
2014-08-28 00:20 - 2014-08-28 00:20 - 0311209 _____ () C:\ProgramData\1409177771.bdinstall.bin
2014-08-28 00:19 - 2014-08-28 00:19 - 0050050 _____ () C:\ProgramData\1409177960.bdinstall.bin
2015-01-29 23:21 - 2015-01-29 23:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-02-20 17:19 - 2014-02-20 17:22 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-02-20 17:18 - 2014-02-20 17:19 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-10 10:25

==================== End of log ============================
         
--- --- ---


Additional:
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by fefe at 2015-06-19 23:28:40
Running from C:\Users\Philipp\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1911493899-2226937123-519388930-500 - Administrator - Disabled)
fefe (S-1-5-21-1911493899-2226937123-519388930-1001 - Administrator - Enabled) => C:\Users\Philipp
Gast (S-1-5-21-1911493899-2226937123-519388930-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1911493899-2226937123-519388930-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)
Audials (HKLM-x32\...\{A480B7D2-F849-4C28-A1E0-B4F0B5C39328}) (Version: 12.0.60600.0 - Audials AG)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.59.52 - Conexant)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.1.1 - The GnuPG Project)
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{333E22D7-9F56-4482-A13C-1B9D35B9D641}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
mSIGNA version 0.8.15 (HKLM-x32\...\{AF37692D-E75C-4939-914B-3B1FEC197971}_is1) (Version: 0.8.15 - Ciphrex Corporation)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
MyFreeCodec (HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\MyFreeCodec) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ATTENTION
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Syncios Version 3.0.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.5 - Anvsoft, Inc.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Telegram Desktop version 0.8.24 (HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.24 - Telegram Messenger LLP)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Tony Hawk's American Wasteland (HKLM-x32\...\Tony Hawk's American Wasteland_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1911493899-2226937123-519388930-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1911493899-2226937123-519388930-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1911493899-2226937123-519388930-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1911493899-2226937123-519388930-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

18-06-2015 13:41:13 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03BF80A2-F2A9-4113-924A-F66ABE8F319A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {155F0D19-E655-42C3-98F5-FFEEAD0AE039} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {18491390-BA03-4CFE-AA4B-0FF905FF1CEE} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {1E35E3A4-45AF-489C-9ECE-E22C4FB89DA7} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe [2013-03-25] (iWin Inc.)
Task: {1F43A68E-2DF8-4974-894B-BC05A0BB3833} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {3CD6BE58-A3F0-4917-A56F-61B5373AF937} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {47B607C1-1CBA-466C-85FA-12601D3924E7} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {60480A03-5188-4BCA-BDF2-5665AD8496A8} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {7C773A37-01E7-4BAE-8A22-E939D90FC106} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {DA331DD4-7FE4-4394-BD82-08B7A35A661A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {DD7A24A3-1449-40C0-BD81-5FD07B448CBF} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-05-28] (AsusTek)
Task: {DEFDEBED-05C6-4FC6-B6EB-2F19CB519000} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-04-29] (ASUS)
Task: {F9F8C828-342A-4077-A00B-FEBB5ABFD69A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2013-10-07 16:54 - 2013-10-07 16:54 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-01 14:02 - 2013-10-01 14:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-24 23:40 - 2013-11-15 18:44 - 00723456 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-04-29 18:03 - 2013-04-29 18:03 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-10-07 16:44 - 2013-10-07 16:44 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-10-07 16:47 - 2013-10-07 16:47 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-02-18 14:15 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-17 18:42 - 2014-06-25 10:13 - 01457664 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-06-17 18:42 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2012-05-24 22:19 - 2012-05-24 22:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 15:21 - 2011-03-09 15:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-02-24 23:40 - 2014-01-27 17:53 - 00377344 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-02-24 23:40 - 2013-03-01 11:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2014-02-24 23:40 - 2013-03-01 11:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Philipp\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Philipp\Downloads\AiO_071_000_201_000_CDA_Enterprise_Network_enu_64.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\bitdefender_tsecurity(1).exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\bitdefender_tsecurity.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\HP_(Hewlett_Packard)_Officejet_4300_Treiber_Update_02-2014.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\IDM33Setup.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\iDump_Setup.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\scribus_26472.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\syncios.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\TrueCrypt Setup 7.1a.exe:BDU
AlternateDataStreams: C:\Users\Philipp\Downloads\unetbootin-windows-603.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1911493899-2226937123-519388930-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => 
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: DisableS3S4 => 
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: mcpltui_exe => 
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1911493899-2226937123-519388930-1001\...\StartupApproved\Run: => ""

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BB0EEF4D-1BE7-482B-809A-30837EA19241}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{90B31EEF-0F58-49CD-8C23-4C14F47EBF2C}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{E7518730-ED23-4731-89AB-5122D7AAFB40}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{06EF5E1B-597F-4B7C-A9D5-967F340CC289}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{D04A1E03-89CB-4A1B-A468-FFF1C6D3AFBD}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{5159D572-4AC1-4A8D-AF0C-F31B27B866E4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{296FDC7C-5F94-47AC-B716-9B1D06204208}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{D3E50245-8C8F-41F9-B0C2-2BC038317FE1}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{EF8567E7-5ACE-4408-97C7-95750D54A7E3}] => (Allow) LPort=12972
FirewallRules: [{CD98B2F8-A21E-431D-9D72-E8C3A711706C}] => (Allow) LPort=14714
FirewallRules: [{586F8E22-4AD5-4C44-A9EC-6A45889D3068}] => (Allow) LPort=31931
FirewallRules: [{68E6D97A-1426-481C-899E-1D6F076CCDC1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0EDD4DA4-976C-416D-88CD-65712055D2D2}C:\users\philipp\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Block) C:\users\philipp\downloads\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{569ADB0A-BE45-422C-BFC1-AF23EA22995B}C:\users\philipp\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Block) C:\users\philipp\downloads\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [{55AE045B-A736-49B3-855F-DF969770063D}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{F98F0961-E3CA-4A0A-9626-D0F669DDB7FD}] => (Allow) LPort=5357
FirewallRules: [{0DC644A5-F83B-4131-AAB4-96DF8D33387A}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{95C80D04-DC6D-4A27-9CF8-3B193D3068D6}] => (Allow) %systemroot%\system32\alg.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2015 11:01:57 PM) (Source: MsiInstaller) (EventID: 1002) (User: Notebook)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (06/19/2015 11:01:10 PM) (Source: MsiInstaller) (EventID: 1002) (User: Notebook)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (06/19/2015 09:35:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.3.9600.17055 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1320

Startzeit: 01d0aac6f9b385e9

Endzeit: 15

Anwendungspfad: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Berichts-ID: 4d069a1e-16ba-11e5-8006-60a44cd75637

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel

Error: (06/19/2015 09:34:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Notebook)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2147019873. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/19/2015 08:41:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1296) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU00EE7.log.

Error: (06/19/2015 10:09:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avguard.exe, Version: 15.0.11.572, Zeitstempel: 0x555f17a4
Name des fehlerhaften Moduls: MSVCR120.dll, Version: 12.0.21005.1, Zeitstempel: 0x524f7ce6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000a46a9
ID des fehlerhaften Prozesses: 0x5a0
Startzeit der fehlerhaften Anwendung: 0xavguard.exe0
Pfad der fehlerhaften Anwendung: avguard.exe1
Pfad des fehlerhaften Moduls: avguard.exe2
Berichtskennung: avguard.exe3
Vollständiger Name des fehlerhaften Pakets: avguard.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avguard.exe5

Error: (06/18/2015 02:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x8b0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/17/2015 06:55:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/15/2015 00:51:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Telegram.exe, Version 0.8.7.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd4

Startzeit: 01d0a757d9718bfe

Endzeit: 70

Anwendungspfad: C:\Users\Philipp\AppData\Roaming\Telegram Desktop\Telegram.exe

Berichts-ID: 827048bb-134c-11e5-bfff-60a44cd75637

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/15/2015 00:41:27 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database


System errors:
=============
Error: (06/19/2015 11:28:26 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (06/19/2015 11:09:17 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:09:05 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:09:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.

Error: (06/19/2015 11:09:02 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:08:58 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:08:55 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:08:52 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:08:49 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/19/2015 11:08:45 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.


Microsoft Office:
=========================
Error: (06/19/2015 11:01:57 PM) (Source: MsiInstaller) (EventID: 1002) (User: Notebook)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (06/19/2015 11:01:10 PM) (Source: MsiInstaller) (EventID: 1002) (User: Notebook)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (06/19/2015 09:35:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.3.9600.17055132001d0aac6f9b385e915C:\Windows\ImmersiveControlPanel\SystemSettings.exe4d069a1e-16ba-11e5-8006-60a44cd75637windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel

Error: (06/19/2015 09:34:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Notebook)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2147019873

Error: (06/19/2015 08:41:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1296SRUJet: C:\Windows\system32\SRU\SRU00EE7.log-1811 (0xfffff8ed)

Error: (06/19/2015 10:09:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: avguard.exe15.0.11.572555f17a4MSVCR120.dll12.0.21005.1524f7ce6c0000409000a46a95a001d0aa66969c2775C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Program Files (x86)\Avira\AntiVir Desktop\MSVCR120.dll7dce3313-165a-11e5-8005-60a44cd75637

Error: (06/18/2015 02:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa18b001d0a9c28921cc0cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlle7fb4ea7-15b5-11e5-8004-60a44cd75637

Error: (06/17/2015 06:55:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/15/2015 00:51:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Telegram.exe0.8.7.0bd401d0a757d9718bfe70C:\Users\Philipp\AppData\Roaming\Telegram Desktop\Telegram.exe827048bb-134c-11e5-bfff-60a44cd75637

Error: (06/15/2015 00:41:27 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentage of memory in use: 40%
Total physical RAM: 3917.86 MB
Available physical RAM: 2338.27 MB
Total Pagefile: 4621.86 MB
Available Pagefile: 2687.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:49.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:199.75 GB) (Free:196.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7EDA9738)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---
__________________

Alt 21.06.2015, 07:19   #4
schrauber
/// the machine
/// TB-Ausbilder
 

[Win8] Notebook hängt sich auf - Standard

[Win8] Notebook hängt sich auf



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Pogo Games


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu [Win8] Notebook hängt sich auf
adware, antivirus, auslastung, avira, bluescreen, computer, cpu, desktop, festplatte, firefox, flash player, helper, hängt, internet, internet explorer, programm, scan, security, server, software, svchost, tcp, udp, usb, windows




Ähnliche Themen: [Win8] Notebook hängt sich auf


  1. Win8.1: Laptop hängt wenn Maus bewegt wird
    Plagegeister aller Art und deren Bekämpfung - 18.03.2015 (27)
  2. Notebook Win8 - Befall mit Keylogger Wolfeye?
    Log-Analyse und Auswertung - 18.03.2015 (9)
  3. WIN8: Computer startet langsam, hängt sich auf, Daten nicht auffindbar
    Plagegeister aller Art und deren Bekämpfung - 21.12.2014 (13)
  4. Win8, Laptop hängt sich auf,Touchpad reagiert nicht, unaneforderte Fenster gehen auf...
    Log-Analyse und Auswertung - 05.12.2014 (7)
  5. Schwarzer Bildschirm nach dem Einloggen auf Win8 Notebook
    Plagegeister aller Art und deren Bekämpfung - 10.09.2014 (13)
  6. Notebook hängt sich andauernd auf
    Alles rund um Windows - 27.07.2014 (4)
  7. Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 29.06.2014 (7)
  8. Notebook hängt öfters und stürzt ab..
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (1)
  9. Notebook hängt sich ständig auf und fährt runter
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (5)
  10. Notebook hängt/stottert zwischendurch
    Log-Analyse und Auswertung - 19.04.2013 (4)
  11. Notebook (MD96630) hängt für paar sekunden (CPU 100%)
    Log-Analyse und Auswertung - 31.10.2012 (19)
  12. Notebook hängt immer! Windows 7 Home Premium
    Alles rund um Windows - 02.04.2011 (34)
  13. Notebook hängt sich beim Doppelklick machmal auf
    Plagegeister aller Art und deren Bekämpfung - 04.04.2010 (17)
  14. Notebook hängt sich auf !
    Log-Analyse und Auswertung - 02.12.2009 (9)
  15. Notebook hängt sich auf!
    Alles rund um Windows - 07.04.2009 (3)
  16. Notebook hängt 3 Minuten nach dem Auffahren!
    Log-Analyse und Auswertung - 27.07.2008 (1)
  17. Notebook erst langsam, dann hängt er sich auf
    Alles rund um Windows - 06.01.2008 (2)

Zum Thema [Win8] Notebook hängt sich auf - Hallo, Danke erstmal dass es so hilfsbereite Leute wie euch gibt. Mein PC mit Windows 8 hängt sich seit wenigen Tagen immer wieder auf und lässt sich dann nur per - [Win8] Notebook hängt sich auf...
Archiv
Du betrachtest: [Win8] Notebook hängt sich auf auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.