
Log analysis and evaluation: System is (was) sluggish, detections by AdwCleaner and Malwarebytes

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
14.06.2016, 17:51   #1
Ecronika
 
System is (was) sluggish, detections by AdwCleaner and Malwarebytes



Hi there,

I have a system that was responding very sluggishly and that I cleaned with Malwarebytes and AdwCleaner as a first measure. That has already improved performance somewhat, so I would like to ask for an evaluation of the logs to see whether any anomalies remain.

The Addition.txt no longer fits within the character limit per post ...

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.06.2016
Suchlaufzeit: 19:55
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.12.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sany

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260863
Abgelaufene Zeit: 28 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 8
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, Löschen bei Neustart, [8093a6565148d6601cc87b427c86f709], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, Löschen bei Neustart, [d53e7e7e59400135c0e9842714efb54b], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, Löschen bei Neustart, [c44f5ba14a4f89ad406b367545beee12], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 20:42:13
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Sandra Nicola - SCHNUBBI
# Running from : C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\ProgramData\TweakBit
Folder Found : C:\ProgramData\Application Data\TweakBit
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found : C:\Program Files (x86)\myfree codec
Folder Found : C:\Users\Sandra Nicola\AppData\Local\Mobogenie
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\DesktopIconForAmazon
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\dvdvideosoftiehelpers
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\OCS
Folder Found : C:\Users\Sandra Nicola\Documents\Mobogenie
Folder Found : C:\Users\Sany\AppData\Local\Winamp Toolbar
Folder Found : \extensions

***** [ Files ] *****

File Found : C:\Users\Sandra Nicola\daemonprocess.txt
File Found : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
File Found : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml
File Found : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage
File Found : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage-journal
File Found : \user.js

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Key Found : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\OCS
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Conduit
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Myfree Codec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\OCS
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Myfree Codec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1043\Software\Myfree Codec
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com

***** [ Web browsers ] *****

[C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.firetab.org/?type=ds3hp
[C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.firetab.org/?type=ds3hp

*************************

\AdwCleaner\AdwCleaner[S1].txt - [5680 bytes] - [12/06/2016 20:42:13]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [5751 bytes] ##########
         
Code:
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 20:51:04
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Sandra Nicola - SCHNUBBI
# Running from : C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
# Option : Clean
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\TweakBit
[#] Folder Deleted : C:\ProgramData\Application Data\TweakBit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\DesktopIconForAmazon
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\dvdvideosoftiehelpers
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\OCS
[-] Folder Deleted : C:\Users\Sandra Nicola\Documents\Mobogenie
[-] Folder Deleted : C:\Users\Sany\AppData\Local\Winamp Toolbar
[-] Folder Deleted : \extensions

***** [ Files ] *****

[-] File Deleted : C:\Users\Sandra Nicola\daemonprocess.txt
[-] File Deleted : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
[-] File Deleted : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml
[-] File Deleted : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage
[-] File Deleted : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage-journal
[-] File Deleted : \user.js

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Key Deleted : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit
[-] Key Deleted : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com

***** [ Web browsers ] *****

[-] [C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[-] [C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[-] [C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.firetab.org/?type=ds3hp
[-] [C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.firetab.org/?type=ds3hp

*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

\AdwCleaner\AdwCleaner[C1].txt - [5411 bytes] - [12/06/2016 20:51:04]
\AdwCleaner\AdwCleaner[S1].txt - [5828 bytes] - [12/06/2016 20:42:13]

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [5553 bytes] ##########
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by Sandra Nicola (administrator) on SCHNUBBI (12-06-2016 21:32:34)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk [2015-04-22]
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579904 2015-04-30] (WiseCleaner.com)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 楗敳潂瑯獁楳瑳湡t; 㩃停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com) [File not signed]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 21:25 - 2016-06-12 21:26 - 00037335 _____ C:\Users\Sany\Desktop\Addition.txt
2016-06-12 21:23 - 2016-06-12 21:32 - 00024661 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-12 21:23 - 2016-06-12 21:32 - 00000000 ____D C:\FRST
2016-06-12 21:23 - 2016-06-12 21:23 - 02385408 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-12 20:38 - 2016-06-12 20:51 - 00000000 ____D C:\AdwCleaner
2016-06-12 20:38 - 2016-06-12 20:38 - 03677248 _____ C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
2016-06-12 20:00 - 2016-06-12 20:01 - 12893312 _____ (Lenovo Group Limited ) C:\Users\Sany\Desktop\g3ad03ww.exe
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:42 - 2016-06-12 15:42 - 03652640 _____ C:\Users\Sany\Desktop\SDI_R454.zip
2016-06-12 15:42 - 2016-06-12 15:42 - 00000000 ____D C:\Users\Sany\Desktop\SDI_R454
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00001041 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 22:26 - 2016-06-07 22:27 - 858866918 _____ C:\Users\Sany\Desktop\Monsieur_Claude_und_seine_Toechter_16.06.04_20-15_sat1_120_TVOON_DE.mpg.avi
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut
2016-05-13 16:36 - 2016-06-10 23:03 - 00000000 ____D C:\Users\Sany\Desktop\Shopping Queen

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 21:24 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-12 21:24 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-12 21:20 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-12 21:18 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:15 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-12 21:14 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-12 21:14 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-12 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 21:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-12 20:48 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-12 20:48 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-12 20:48 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 20:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-12 19:49 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-12 19:40 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 19:30 - 2012-08-29 22:57 - 00000000 ____D C:\Dolby PCEE4
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 17:44 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:37 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-12 09:17 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 12:31 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-06 11:57 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-05 18:02 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle
2016-05-14 02:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-14 01:27 - 2014-12-15 22:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 23:15 - 2015-09-23 22:59 - 00000078 _____ C:\Users\Sany\Desktop\Schulden.txt
2016-05-13 10:14 - 2015-11-04 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 10:14 - 2012-08-30 22:13 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 10:14 - 2012-08-30 22:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:20 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sandra Nicola\AppData\Local\Temp\libeay32.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\msvcr120.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\sqlite3.dll
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         

 
