Constantly ?trackid=sp-006, and tabs open by themselves without any action
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by AnimaAngelo (administrator) on ANIMAANGELO-PC on 07-07-2015 22:34:57
Running from C:\Users\AnimaAngelo\Downloads
Loaded Profiles: AnimaAngelo (Available Profiles: AnimaAngelo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-06-23] (Glarysoft Ltd)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Run: [GoogleChromeAutoLaunch_E24E5488099F34B5CE81DB9BDD8DD73F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-07] (Google Inc.)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {30b370ae-cd4c-11e4-aeaa-e811328cda84} - E:\AutoRun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {30b370bc-cd4c-11e4-aeaa-e811328cda84} - E:\AutoRun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {456eda21-bd0b-11e4-993c-e811328cda84} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {4bf25c62-4ae8-11e4-b2ac-f1fbf90de8ca} - G:\Startme.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {4eea69ed-ffc9-11e4-a868-e811328cda84} - F:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {6ae20e6b-cba4-11e4-a6ac-e811328cda84} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {9b017a32-cee4-11e4-90d4-e811328cda84} - E:\AutoRun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {b3a85d28-ce20-11e4-bc5c-e811328cda84} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {b3a85d44-ce20-11e4-bc5c-e811328cda84} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {e4353e93-d2d9-11e4-ba2a-e811328cda84} - E:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk *
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2414973931-2264080825-886326512-1004\User: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50830;https=127.0.0.1:50830
AutoConfigURL: [S-1-5-21-2414973931-2264080825-886326512-1000] => file://C:\Program Files (x86)\Hold Page\bin\Pac9064.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=MFF7928A0-2076-4170-B15C-4B32E873E16A&SearchSource=58&CUI=&UM=8&UP=SP44C80D9E-2860-4FB2-91D3-88A0DA98BB23&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll No File
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{D4B7BC8A-52DC-4545-93F5-A9D734E39B1D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: [NameServer] 10.74.210.210 10.74.210.211
FireFox:
========
FF ProfilePath: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF user.js: detected! => C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\user.js [2015-02-15]
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\google-avast.xml [2015-01-04]
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\trovi-search.xml [2015-01-01]
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\Web Search.xml [2015-05-02]
FF Extension: Amazon-Icon - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\amazon-icon@giga.de [2015-02-15]
FF Extension: CinemaPlus-3.2c - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-05-20]
FF Extension: Positive Finds - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\{c4313236-0ef0-4bfa-aeb6-8f89994746cd}.xpi [2015-02-15]
FF Extension: Web Developer - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
Chrome:
=======
CHR Profile: C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-03]
CHR Extension: (Angry Birds) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-03]
CHR Extension: (Google Docs) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-03]
CHR Extension: (Google Drive) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-03]
CHR Extension: (YouTube) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-03]
CHR Extension: (Adblock Plus) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-03]
CHR Extension: (Google Search) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-03]
CHR Extension: (Strategy & Defense games) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkpilpcldinocafgnnnecbgdmpebcki [2014-10-03]
CHR Extension: (Video Downloader professional) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-06-14]
CHR Extension: (Google Sheets) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-03]
CHR Extension: (Download Helper) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjlohfdjcjhmfcabomglnciodlnplhk [2015-06-14]
CHR Extension: (Tower Defense Games) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdmjbldddnejdajkmmledjohhccahell [2014-10-03]
CHR Extension: (Share With Care) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa [2014-10-03]
CHR Extension: (Dragon Ball Z mmorpg game !) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljhjkncoceojjbadalclgdinmijjien [2014-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Hold Page) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgkfochogicbgghgeoedahjlgkhhffoo [2014-12-16]
CHR Extension: (12 Towers) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkeklohckaijapmmneogbfelodgbdck [2014-10-03]
CHR Extension: (Red Alien) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlklddbgohcheiaiidjodbnlfcipcdeo [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-03]
CHR Extension: (Amazon) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-15]
CHR Extension: (CinemaPlus-3.2cV02.05) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-07-07]
CHR Extension: (Gmail) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-03]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\AnimaAngelo\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-13] (Foxit Software Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3881080 2015-02-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-02-20] (G Data Software AG)
S3 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-03-31] ()
S3 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-03-31] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-26] (Electronic Arts)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [836288 2015-03-24] (Valve Corporation) [File not signed]
S3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-26] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-07] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-07] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-07-07] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-07] (G Data Software AG)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-30] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-01] (Glarysoft Ltd)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-07] (G Data Software AG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-08-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-03-09] (Huawei Technologies Co., Ltd.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-07-07] (G Data Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-03-19] (Windows (R) Win 7 DDK provider)
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-07 22:34 - 2015-07-07 22:35 - 00022669 _____ C:\Users\AnimaAngelo\Downloads\FRST.txt
2015-07-07 22:34 - 2015-07-07 22:35 - 00000000 ____D C:\FRST
2015-07-07 22:33 - 2015-07-07 22:34 - 02112512 _____ (Farbar) C:\Users\AnimaAngelo\Downloads\FRST64.exe
2015-07-07 22:06 - 2015-07-07 22:06 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-07-07 22:05 - 2015-07-07 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2015-07-07 22:05 - 2015-07-07 22:05 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00002003 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2015-07-07 22:04 - 2015-07-07 22:04 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-07-07 22:02 - 2015-07-07 22:02 - 00001962 _____ C:\Windows\DPINST.LOG
2015-07-07 22:02 - 2015-07-07 22:02 - 00000000 ____D C:\ProgramData\G DATA Software
2015-07-07 21:40 - 2015-07-07 21:40 - 00086130 _____ C:\Windows\PFRO.log
2015-07-07 21:09 - 2015-07-07 21:19 - 265261840 _____ (G Data Software AG) C:\Users\AnimaAngelo\Downloads\INT_R_BASE_TP.exe
2015-07-07 20:58 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-07 20:58 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-07 20:54 - 2015-07-07 20:54 - 00039480 _____ C:\Users\AnimaAngelo\Downloads\qsinstaller.exe
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2015-07-05 19:06 - 2015-07-05 19:06 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2015-07-05 16:05 - 2015-07-05 16:46 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Musik USB
2015-07-01 20:54 - 2015-07-01 22:53 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Ballermann Hist 2015 3CD
2015-07-01 18:42 - 2015-07-01 18:43 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Ivonne
2015-07-01 18:41 - 2015-07-07 22:15 - 00003876 _____ C:\Windows\setupact.log
2015-07-01 18:41 - 2015-07-01 18:41 - 00000000 _____ C:\Windows\setuperr.log
2015-07-01 18:40 - 2015-07-01 20:54 - 410920847 _____ C:\Users\AnimaAngelo\Downloads\VA-Ballermann_Hits_2015_XXL-3CD-DE-2015.rar
2015-07-01 18:11 - 2015-07-01 18:12 - 15199032 _____ C:\Users\AnimaAngelo\Downloads\Glary_Utilities_v5.28.0.48.exe
2015-07-01 18:01 - 2015-07-01 20:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Spiele
2015-06-28 13:49 - 2015-06-28 13:49 - 00002725 _____ C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-06-28 13:21 - 2015-06-28 13:21 - 00000000 ____D C:\Users\AnimaAngelo\.thumbnails
2015-06-28 12:37 - 2015-06-28 13:31 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gtk-2.0
2015-06-28 12:28 - 2015-06-28 13:51 - 00000000 ____D C:\Users\AnimaAngelo\.gimp-2.8
2015-06-28 12:28 - 2015-06-28 12:28 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gegl-0.2
2015-06-28 12:17 - 2015-06-28 12:17 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-28 12:10 - 2015-06-28 12:15 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-28 11:46 - 2015-06-28 11:49 - 91931728 _____ (The GIMP Team ) C:\Users\AnimaAngelo\Downloads\gimp-2.8.14-setup-1.exe
2015-06-14 16:15 - 2015-06-14 16:16 - 32193426 _____ C:\Users\AnimaAngelo\Downloads\NENA - In meinem Leben [Official Video].mp4
2015-06-14 16:13 - 2015-06-14 16:13 - 07127074 _____ C:\Users\AnimaAngelo\Downloads\Isso - Mateo Lyrics.mp4
2015-06-14 16:09 - 2015-06-14 16:10 - 34694964 _____ C:\Users\AnimaAngelo\Downloads\NightcOrE - So Allein - lyrics.mp4
2015-06-14 16:08 - 2015-06-14 16:08 - 20472405 _____ C:\Users\AnimaAngelo\Downloads\Christina Stürmer Millionen Lichter lyrics.mp4
2015-06-14 16:02 - 2015-06-14 16:02 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-14 15:48 - 2015-06-14 15:49 - 36127464 _____ C:\Users\AnimaAngelo\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-07 22:28 - 2011-03-20 11:08 - 00699236 _____ C:\Windows\system32\perfh007.dat
2015-07-07 22:28 - 2011-03-20 11:08 - 00149344 _____ C:\Windows\system32\perfc007.dat
2015-07-07 22:28 - 2009-07-14 07:13 - 01618848 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 22:25 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 22:25 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 22:21 - 2014-10-03 12:28 - 01918094 _____ C:\Windows\WindowsUpdate.log
2015-07-07 22:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 22:07 - 2015-04-09 20:58 - 00000000 ____D C:\ProgramData\G Data
2015-07-07 22:03 - 2015-04-09 21:00 - 00001558 _____ C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-07-07 22:01 - 2015-04-09 20:58 - 00000000 ____D C:\Program Files (x86)\G Data
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-07-07 20:54 - 2014-10-03 15:50 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\QuickScan
2015-07-05 18:58 - 2015-04-27 03:33 - 00000000 ____D C:\Users\AnimaAngelo\Documents\Command and Conquer Generals Zero Hour Data
2015-07-05 18:49 - 2015-03-23 17:48 - 00000000 ____D C:\ProgramData\Origin
2015-07-05 16:13 - 2015-06-05 16:02 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Party
2015-07-04 08:55 - 2014-10-03 15:20 - 00000418 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2015-07-04 08:55 - 2014-10-03 14:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-04 08:55 - 2014-10-03 14:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 20:42 - 2015-04-03 12:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Programme
2015-07-01 20:42 - 2015-04-03 12:41 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Daten, Ordner usw
2015-07-01 18:35 - 2015-03-23 16:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-01 18:33 - 2015-05-01 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-07-01 18:33 - 2015-04-14 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:33 - 2015-04-14 20:01 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{92A76144-6883-4449-B33D-F1A3813C467F}
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{2DCAED3A-13FF-44D9-A598-F72A5FA5C9DA}
2015-07-01 18:15 - 2015-03-25 18:17 - 00002984 _____ C:\Windows\System32\Tasks\{614F9564-8F4D-4719-822D-DD2715DB7A6D}
2015-07-01 18:15 - 2014-10-03 14:46 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-01 18:15 - 2014-10-03 14:46 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-01 18:14 - 2014-10-03 15:20 - 00003836 _____ C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
2015-07-01 18:13 - 2014-10-03 15:59 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-07-01 18:13 - 2014-10-03 15:59 - 00003338 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00002996 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-01 18:13 - 2014-10-03 15:59 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-06-28 13:21 - 2014-10-03 12:31 - 00000000 ____D C:\Users\AnimaAngelo
2015-06-28 09:59 - 2014-10-03 14:47 - 00002207 _____ C:\Users\AnimaAngelo\Desktop\Google Chrome.lnk
2015-06-08 17:43 - 2014-10-18 12:22 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-04-09 21:00 - 2015-04-09 21:00 - 0000000 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdfw.log
2015-04-09 21:00 - 2015-07-07 22:03 - 0001558 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\AnimaAngelo\AppData\Roaming\qmo2TlUy4szDje
2015-05-03 16:16 - 2015-05-03 16:16 - 0613255 _____ () C:\Users\AnimaAngelo\AppData\Local\nswC715.tmp
2015-06-28 13:49 - 2015-06-28 13:49 - 0002725 _____ () C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-01-03 17:57 - 2015-01-03 17:57 - 0284442 _____ () C:\ProgramData\1420300497.bdinstall.bin
2015-01-03 17:57 - 2015-01-03 17:57 - 0050041 _____ () C:\ProgramData\1420300602.bdinstall.bin
2015-01-03 18:55 - 2015-01-03 18:55 - 0032324 _____ () C:\ProgramData\1420304108.bdinstall.bin
2015-05-26 22:19 - 2015-05-26 22:19 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-04 13:48
==================== End of log ============================
[CODE]Additional
FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by AnimaAngelo at 2015-07-07 22:37:22
Running from C:\Users\AnimaAngelo\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2414973931-2264080825-886326512-500 - Administrator - Disabled)
AnimaAngelo (S-1-5-21-2414973931-2264080825-886326512-1000 - Administrator - Enabled) => C:\Users\AnimaAngelo
Gast (S-1-5-21-2414973931-2264080825-886326512-501 - Limited - Disabled)
Lea & Pia (S-1-5-21-2414973931-2264080825-886326512-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acronis*Disk*Director*12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3219 - Acronis)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942 (HKLM-x32\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version: - )
Battlefield 1942: Secret Weapons of WWII (HKLM-x32\...\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}) (Version: - )
Battlefield 1942: The Road To Rome (HKLM-x32\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.)
DriverEasy 4.7.8 (HKLM\...\DriverEasy_is1) (Version: 4.7.8.0 - Easeware)
Dropbox (HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Earth 2150 (HKLM-x32\...\Earth 2150) (Version: - )
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.0 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
ETDWare X64 11.7.13.2_WHQL (HKLM\...\Elantech) (Version: 11.7.13.2 - ELAN Microelectronic Corp.)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.9.56.313 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
G DATA TOTAL PROTECTION (HKLM-x32\...\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}) (Version: 25.1.0.3 - G DATA Software AG)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.28 (HKLM-x32\...\Glary Utilities 5) (Version: 5.28.0.48 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 41.003.50.00.06 - Huawei Technologies Co.,Ltd)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
iLoad (HKLM\...\{B4D9A4F1-C1F3-4F69-B673-0D7D3FB2B591}) (Version: 6.1.0 - Paloma Networks, Inc.)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.87.55 - Huawei Technologies Co.,Ltd)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LastChaosGER (HKLM-x32\...\{A86A50FC-7C22-478B-BAEF-82393328825F}) (Version: 1.00.000 - Barunsongames CO., LTD.)
Mega World Smash (HKLM-x32\...\{B479FD9F-0FA7-4F0B-8407-50602E80125C}) (Version: 1.00.0000 - PurpleHills)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Moorhuhn X - XXL (HKLM-x32\...\{D0D3C193-7052-4DE4-8BF4-3954D2021FF2}) (Version: - )
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Need for Speed Underground Version 1.4 (HKLM-x32\...\Need for Speed Underground_is1) (Version: 1.4 - EA Games)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
OpenTTD 1.4.2 (HKLM-x32\...\OpenTTD) (Version: 1.4.2 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Smart Driver Updater v3.2 (HKLM-x32\...\Smart Driver Updater_is1) (Version: 3.2 - Avanquest Software)
Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version: - City Interactive)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505261442 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Sims 4 Deluxe DLC Edition (HKLM-x32\...\The Sims 4 Deluxe DLC Edition) (Version: 1.01 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.2.3 - Unified Intents AB)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAOW 1.01 (HKLM-x32\...\WAOW) (Version: 1.01 - )
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WiFiRemotesServer (HKLM-x32\...\{A4D97D4D-098A-45BE-ACF9-D5EB830C9AC7}) (Version: 1.0.0 - WiFiRemotes)
Windows Remote Service (HKLM\...\{82D197EB-E66F-41F1-887C-B6EFC09DBF7F}_is1) (Version: 1.3.0 - Banamalon)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
03-01-2015 18:06:13 Installiert Battlefield 1942
03-01-2015 18:28:57 Installiert Battlefield 1942: The Road To Rome
03-01-2015 18:38:34 Installiert Battlefield 1942: Secret Weapons of WWII
03-01-2015 19:44:01 Windows Update
25-01-2015 01:31:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
25-01-2015 01:32:49 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
25-01-2015 23:49:14 Acronis*Disk*Director*12 wird installiert
07-02-2015 20:36:27 Geplanter Prüfpunkt
15-02-2015 01:00:08 Geplanter Prüfpunkt
26-02-2015 01:52:11 Geplanter Prüfpunkt
27-02-2015 20:14:16 Microsoft Visual C++ 2005 Redistributable wird installiert
08-03-2015 14:01:27 Geplanter Prüfpunkt
08-03-2015 20:14:03 Installiert Call of Duty(R) 4 - Modern Warfare(TM)
08-03-2015 21:20:40 DirectX wurde installiert
16-03-2015 14:03:30 Mega World Smash wurde installiert.
19-03-2015 16:56:11 Installiert Die Sims Deluxe
19-03-2015 17:22:29 Installiert Die Sims Deluxe
20-03-2015 18:15:15 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
20-03-2015 18:16:25 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
20-03-2015 18:17:54 Gerätetreiber-Paketinstallation: Unified Intents AB Eingabegeräte (Human Interface Devices)
23-03-2015 16:40:14 Steam wird installiert
23-03-2015 17:38:14 DirectX wurde installiert
23-03-2015 18:17:20 DirectX wurde installiert
25-03-2015 15:42:44 Installiert Moorhuhn X - XXL
26-03-2015 14:07:58 Installed WiFiRemotesServer
26-03-2015 17:23:19 Gerätetreiber-Paketinstallation: Disc Soft Ltd Speichercontroller
03-04-2015 02:18:30 Geplanter Prüfpunkt
03-04-2015 12:52:27 Installiert Tom Clancy's Splinter Cell Conviction
03-04-2015 13:23:59 Microsoft Visual C++ 2005 Redistributable wird installiert
03-04-2015 13:26:05 DirectX wurde installiert
03-04-2015 13:45:38 Installed Ubisoft Game Launcher
09-04-2015 21:19:17 avast! antivirus system restore point
10-04-2015 22:42:50 Sony PC Companion
19-04-2015 13:44:21 Geplanter Prüfpunkt
26-04-2015 03:40:14 DirectX wurde installiert
26-04-2015 11:17:49 DirectX wurde installiert
26-04-2015 12:08:46 DirectX wurde installiert
27-04-2015 02:26:53 DirectX wurde installiert
27-04-2015 03:27:26 DirectX wurde installiert
27-04-2015 04:23:15 DirectX wurde installiert
03-05-2015 16:18:21 Wiederherstellungsvorgang
11-05-2015 00:01:37 Geplanter Prüfpunkt
18-05-2015 13:36:02 Geplanter Prüfpunkt
21-05-2015 08:28:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
21-05-2015 08:29:46 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
21-05-2015 08:30:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
21-05-2015 10:34:13 Configured LastChaosGER
22-05-2015 16:47:21 Installiert The Sims 3
24-05-2015 13:08:41 Installiert The Sims 3
24-05-2015 14:12:05 Entfernt The Sims 3
24-05-2015 14:30:14 Installiert The Sims 3
24-05-2015 14:46:28 Installiert The Sims 3
30-05-2015 15:09:20 Installed Sony Mobile Drivers
07-06-2015 13:17:16 Geplanter Prüfpunkt
14-06-2015 17:32:31 Geplanter Prüfpunkt
22-06-2015 00:02:15 Geplanter Prüfpunkt
01-07-2015 20:06:03 Geplanter Prüfpunkt
07-07-2015 21:23:45 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2EB96718-BC85-47B5-B129-9E26A19FFC8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {44E1796D-9C5D-441B-8E57-984565B9D815} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-06-23] (Glarysoft Ltd)
Task: {5A6D0E06-D161-4D92-8961-5A81065975BD} - System32\Tasks\{614F9564-8F4D-4719-822D-DD2715DB7A6D} => C:\Program Files (x86)\Maxis\Die Sims\Sims.exe [2002-08-01] (Maxis, a brand of Electronic Arts)
Task: {5C83FEF0-B43B-4CD8-B076-B97BFB4C3D25} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-09-16] (Easeware)
Task: {6A2C6D18-9AED-4571-9517-7871436256DF} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-06-23] (Glarysoft Ltd)
Task: {6BDEE676-8B65-4850-9248-FEC5601ACA5D} - System32\Tasks\{2DCAED3A-13FF-44D9-A598-F72A5FA5C9DA} => C:\Program Files (x86)\Maxis\Die Sims\Sims.exe [2002-08-01] (Maxis, a brand of Electronic Arts)
Task: {9E6D411E-1CFB-4363-B3B9-B756B753EC2A} - System32\Tasks\avastBCLRestartS-1-5-21-2414973931-2264080825-886326512-1000 => Chrome.exe
Task: {A32562F6-1A04-438C-81F4-C9B02FF0ECCF} - System32\Tasks\{92A76144-6883-4449-B33D-F1A3813C467F} => C:\Program Files (x86)\Maxis\Die Sims\Sims.exe [2002-08-01] (Maxis, a brand of Electronic Arts)
Task: {BE56863F-D42A-4C41-9D15-877F5C5024B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {D36E533D-81AF-4230-88E7-F7386D2682B7} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-01 16:58 - 2014-12-14 11:53 - 00378640 _____ () C:\Windows\system32\ColorMedia64.dll
2014-11-20 22:23 - 2014-11-20 22:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-02-15 10:36 - 2014-12-15 02:03 - 00241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2015-03-18 12:44 - 2013-08-16 08:53 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2015-02-20 05:42 - 2015-02-20 05:42 - 00382072 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-02-15 10:37 - 2014-12-15 01:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00280104 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-02-15 10:37 - 2014-12-15 01:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00754728 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-02-15 10:37 - 2014-12-15 01:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2015-07-07 20:08 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-07 20:08 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^AnimaAngelo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^iLoad.lnk => C:\Windows\pss\iLoad.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Unified Remote V3 => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
MSCONFIG\startupreg: Windows Remote Service => C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8E62ED7E-5421-4B4D-B668-A0E28485767C}] => (Allow) C:\Program Files (x86)\Hold Page\bin\HoldPage.BRT.Helper.exe
FirewallRules: [{88489503-0BAD-48A7-8B16-54A479A747B9}] => (Allow) C:\Program Files (x86)\Hold Page\bin\HoldPage.BRT.Helper.exe
FirewallRules: [{E0A70568-B769-4F79-8568-2673297CAC83}] => (Allow) C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1A72DBB1-26AC-4D34-BF0C-6603F7DE790B}] => (Allow) C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{12262F90-8C83-4A36-8BEF-E8C8E742867B}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{CFDBE26E-C353-44CD-9F7D-E22A418C8EFB}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [{A5F61476-C186-47E5-8AF7-B70298901E63}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3EFED061-B926-4C39-A588-AA0062905521}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{72E082E3-FBF5-4676-8ECB-15E9ACD19592}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F52BDBC8-05A8-42F6-9C4D-840F519FD37C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{ADBB6802-A946-4B90-A1F9-D98A2E202CF6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{BF4B00F5-74FF-4DC9-91CC-5D240E645123}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{06DED6C4-F606-4CC3-84F6-A654DBA1773E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7C1FCEAF-4CE4-4CCB-A5B3-75738B0D2D4B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{222E564C-13F5-4CF0-A1AD-DAC00570D3E3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{628A5656-80A8-4CA6-936D-2F0235CEC82A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{FA317F8C-EDDB-4FAA-9B67-12E6C5B96731}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{13D2BCA5-8319-460A-9F99-F60C748CC300}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{C4E24E2C-1005-4656-AC7C-665F50AE02B3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{67DD19BD-F8DD-42E6-8CFD-017E5E55DE37}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{BA02D6B1-A23B-439C-8297-D50D9B4853B6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{FB4A7DC5-BC5E-4125-B587-E269F9EC3641}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D859A692-02B3-4A50-9F96-42F172B2F993}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{1FE8B306-4B8B-4C32-93E8-BF280F146DD1}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{057F7120-9E98-4AF7-A2EE-3FC42F9AB07D}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{C6966761-7BD8-47E8-BBD5-25D9E1C77B2D}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [UDP Query User{2A60625F-2F1B-481D-B9DC-E3E40943E7C4}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [{5F18D4B9-5A3F-4DCF-9B00-D3F61DCE57E0}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{73AE9337-E947-44DD-BD39-056926D581E0}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [TCP Query User{272775FA-E3D5-4011-8369-907AFD887EEE}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [UDP Query User{B0F4F868-B32B-4F3A-8D55-AC9169E25130}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [{4579B547-F34C-4764-8978-B0419F5B001D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{51FC4184-E6F1-466E-85CB-34768748A706}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7815829B-1367-49C0-9F24-20066DDED011}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EA7A570-05FC-4AB8-BAA6-B96141B0E525}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{61E2CF36-9877-46E6-BDBA-B6ACFD52EE37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CE56EAD7-D783-49E0-9011-C79C00CF498F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ABFED508-E1C1-4AE6-BCDF-33CDACB9904E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{FB099AF4-E165-457C-B8D1-9BA275B448CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{E7A06105-251B-4990-A3FC-706754277D81}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{4B57D089-EBD1-4124-AD05-48D707C484BB}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{6C7CF9D6-9D05-4B43-B81D-32B4A436991A}C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe] => (Allow) C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe
FirewallRules: [UDP Query User{DF995BC5-DB97-4CBA-89A9-B4FB77926826}C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe] => (Allow) C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe
FirewallRules: [{9BCC964C-F0B9-45F2-B1C9-E49D7664F7BC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{57B5FC77-F7AF-41B4-A3E9-DFF9D5BFD8CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{93836E88-59E8-4105-804C-72D270F32AED}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{0C709A32-ADA1-4152-8174-93DACDB8BCA7}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{D44C88E2-B2DA-43FF-B3CC-892D93B91B5A}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{F77E5E57-DE31-4EAE-8F29-898DBA741F25}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{B94DFA0C-B379-4636-96FD-C0E306A88FD5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{E4DEC178-E9C7-44B1-AD89-0DB3F8212722}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{1B079D3C-CC22-44EB-AFEC-204F969B76FD}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{D0360761-4E37-43BB-A340-06C0B39C2B32}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{E4CC9A2D-619B-4B21-A6FA-2C0E703560DC}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{E4FB9923-F742-4872-B37F-98B46B143E09}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{EA2B2B0A-7C91-400C-AD3C-6AEAB42EEC30}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{8EFF34A6-BCEF-4A68-9FA2-CC9A95C07ED1}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{13CAFF5E-54DB-4127-A8CA-95C960746983}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{1F26FB0E-1CF5-4AD2-B3A4-FFC7A81DD0BC}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{DE5110E4-AC32-443C-B342-8FCAE9BD4C5E}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{BF8E594E-6436-41D1-891E-9F2DE671197E}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{6E37C589-221C-43DA-9763-1388A24E0436}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{933711E4-F4F6-415A-8D73-BF5DE1FA0D32}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1495BE6A-50A3-4CAA-853C-57DA8E43F914}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{37DC1FF2-4992-434D-A003-34B2A348C8FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/07/2015 10:19:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2015 09:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary HookCentre.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary G Data Rootkit Detector Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary GDBehave.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (07/07/2015 09:23:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2414973931-2264080825-886326512-1004.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {d5bc14ac-eafd-4316-bead-1baef6dba14c}
Error: (07/04/2015 02:40:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1354
Startzeit: 01d0b64c38563310
Endzeit: 525
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: ca4e3781-2249-11e5-8b60-e811328cda84
Error: (07/04/2015 01:26:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10b8
Startzeit: 01d0b64927996a48
Endzeit: 820
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: 74244966-223f-11e5-8b60-e811328cda84
Error: (07/04/2015 01:04:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4a8
Startzeit: 01d0b645ccaf34f4
Endzeit: 65
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: 63c9ebf7-223c-11e5-8b60-e811328cda84
Error: (07/04/2015 00:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f48
Startzeit: 01d0b6278a124d32
Endzeit: 47
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 08442a38-2239-11e5-8b60-e811328cda84
System errors:
=============
Error: (07/07/2015 10:17:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (07/07/2015 10:16:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/07/2015 10:16:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (07/07/2015 10:15:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 22:12:59 unerwartet heruntergefahren.
Error: (07/07/2015 10:06:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106
Error: (07/07/2015 10:06:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106
Error: (07/07/2015 10:06:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106
Error: (07/07/2015 10:06:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106
Error: (07/07/2015 10:06:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106
Error: (07/07/2015 10:06:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106
Microsoft Office:
=========================
Error: (07/07/2015 10:19:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2015 09:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary HookCentre.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary G Data Rootkit Detector Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary GDBehave.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (07/07/2015 09:23:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2414973931-2264080825-886326512-1004.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {d5bc14ac-eafd-4316-bead-1baef6dba14c}
Error: (07/04/2015 02:40:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.17567135401d0b64c38563310525C:\Windows\explorer.execa4e3781-2249-11e5-8b60-e811328cda84
Error: (07/04/2015 01:26:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.1756710b801d0b64927996a48820C:\Windows\explorer.exe74244966-223f-11e5-8b60-e811328cda84
Error: (07/04/2015 01:04:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.175674a801d0b645ccaf34f465C:\Windows\explorer.exe63c9ebf7-223c-11e5-8b60-e811328cda84
Error: (07/04/2015 00:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567f4801d0b6278a124d3247C:\Windows\Explorer.EXE08442a38-2239-11e5-8b60-e811328cda84
==================== Memory info ===========================
Processor: AMD E-350 Processor
Percentage of memory in use: 29%
Total physical RAM: 6124.12 MB
Available physical RAM: 4323.89 MB
Total Virtual: 12246.41 MB
Available Virtual: 9644.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1862.92 GB) (Free:290.51 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9E42B876)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
==================== End of log ============================