Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8.1: Alle Browser auch ohne Add-ons langsam (https://www.trojaner-board.de/160413-windows-8-1-alle-browser-ohne-add-ons-langsam.html)

Spugat 05.11.2014 10:24
Windows 8.1: Alle Browser auch ohne Add-ons langsam
 
Hey,
seit ca. einer Woche sind alle Browser (Firefox 33 sowie Internet Explorer) trotzt schneller Internetverbindung langsam. Dies ist auch der Fall wenn sie ohne Add-ons gestartet werden bzw nach neu Installation und Erstellen eines neuen Firefox Profils.
Meine Add-ons sind (alle up-to-date):
Adbdblock plus
DownloadHelper
Modify Headers
Printpdf
Soundcloud Downloader
YouTube Center


Ich benutze Windows 8.1 auf einem HP Envy:
Processor: Intel® Core™ i5-4200M CPU @ 2.50GHz 2.50GHz
Installed memory (Ram): 12.0 GB
System type: 64-bit

Checks/Reinigen mit ccleaner, Glary Utilities, Malewarebtes Anti-Malware, und Avira Free Antivirus waren erfolglos. (Logs s.u.)

Ich hoffe ihr könnte mir helfen, vielen Dank schon einmal im Voraus!

LG

Ps. Logs zu Avira Free Antivirus und Glary Utilities sind im .zip da der post sonst zulang gewesen wäre

Malewarebtes Anti-Malware Log:
Zitat:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 04/11/2014
Scan Time: 08:52:53
Logfile: MAleware log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.04.01
Rootkit Database: v2014.11.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Justus

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 370874
Time Elapsed: 35 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
Defogger Log:
Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:17 on 05/11/2014 (Justus)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST64 Log:
Zitat:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Justus (administrator) on SPUGAT on 05-11-2014 08:19:20
Running from C:\Users\Justus\Desktop
Loaded Profiles: Justus & (Available profiles: UpdatusUser & Justus)
Platform: Windows 8.1 (X64) OS Language: German (Germany)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IARNGDE.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
() C:\Users\Justus\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE [283232 2012-10-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2342487917-3089948869-1178489403-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-2342487917-3089948869-1178489403-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-28] (Glarysoft Ltd)
HKU\S-1-5-21-2342487917-3089948869-1178489403-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-28] (Glarysoft Ltd)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE [283232 2012-10-24] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - xxx{553891B7-A0D5-4526-BE18-D3CE461D6310} - No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 158.143.223.209 158.143.96.212
Tcpip\..\Interfaces\{1FA0E25A-CD2F-4D75-8CD5-AFA4D51024C5}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Foxstart Default Settings - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\foxstart-cck@extensions.foxstart.com [2014-10-30]
FF Extension: DownloadHelper - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: YouTube Center - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-09-25]
FF Extension: English (GB) Language Pack - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2014-10-07]
FF Extension: printpdf - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\printpdf@pavlov.net.xpi [2014-06-14]
FF Extension: Modify Headers - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-10-29]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-06-14]
FF Extension: Adblock Plus - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-06-14] (Microsoft Corporation)
S3 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-14] (Microsoft Corporation)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-05-10] (Pharos Systems International) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-05] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49200 2013-02-26] (Ralink Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2014-11-01] (Glarysoft Ltd)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-14] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-11-02] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 08:19 - 2014-11-05 08:20 - 00017989 _____ () C:\Users\Justus\Desktop\FRST.txt
2014-11-05 08:19 - 2014-11-05 08:19 - 00000000 ____D () C:\FRST
2014-11-05 08:17 - 2014-11-05 08:17 - 00000474 _____ () C:\Users\Justus\Desktop\defogger_disable.log
2014-11-05 08:17 - 2014-11-05 08:17 - 00000000 _____ () C:\Users\Justus\defogger_reenable
2014-11-05 08:14 - 2014-11-05 08:14 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SPUGAT-Justus Spugat
2014-11-04 08:54 - 2014-11-04 08:54 - 00001328 _____ () C:\Users\Justus\Desktop\Ereignisse Avira Free Antivirus.txt
2014-11-04 08:49 - 2014-11-04 08:49 - 00380416 _____ () C:\Users\Justus\Desktop\Gmer-19357.exe
2014-11-04 08:48 - 2014-11-04 08:48 - 02114560 _____ (Farbar) C:\Users\Justus\Desktop\FRST64.exe
2014-11-04 08:47 - 2014-11-04 08:48 - 00050477 _____ () C:\Users\Justus\Desktop\Defogger.exe
2014-11-02 21:54 - 2014-11-05 07:24 - 00105452 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-02 10:26 - 2014-10-28 02:07 - 00028960 _____ (Glarysoft Ltd) C:\WINDOWS\system32\RegBootDefrag.exe
2014-11-01 21:08 - 2014-11-01 21:08 - 00000000 ____D () C:\Users\Justus\Desktop\FG 7 8 EY40
2014-11-01 19:31 - 2014-11-01 19:31 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Avira
2014-11-01 19:30 - 2014-11-01 19:30 - 00000000 ____D () C:\Users\Justus\AppData\Local\Macromedia
2014-11-01 19:26 - 2014-11-01 19:26 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Synaptics
2014-11-01 19:26 - 2014-11-01 19:26 - 00000000 ____D () C:\Users\Justus\AppData\Local\VirtualStore
2014-11-01 19:25 - 2014-11-02 10:29 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-11-01 19:25 - 2014-11-01 19:25 - 00000000 ____D () C:\ProgramData\Validity
2014-11-01 12:46 - 2014-11-01 12:46 - 00007607 _____ () C:\Users\Justus\AppData\Local\Resmon.ResmonCfg
2014-11-01 11:42 - 2014-11-01 11:42 - 00000000 ___HD () C:\Users\Justus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-11-01 11:27 - 2014-11-01 11:27 - 00000000 ____D () C:\Users\Justus\AppData\Local\Microsoft Help
2014-11-01 11:17 - 2014-11-03 11:17 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-11-01 11:17 - 2014-11-01 12:48 - 00000348 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-11-01 11:17 - 2014-11-01 11:53 - 00002972 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-11-01 11:17 - 2014-11-01 11:53 - 00002624 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-11-01 11:17 - 2014-11-01 11:45 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\GlarySoft
2014-11-01 11:17 - 2014-11-01 11:17 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-11-01 11:17 - 2014-11-01 11:17 - 00001115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-11-01 11:17 - 2014-11-01 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-11-01 11:17 - 2014-11-01 11:17 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-11-01 09:33 - 2014-11-04 15:44 - 00013187 _____ () C:\Users\Justus\Desktop\2014.11.xlsx
2014-10-30 16:31 - 2014-11-01 11:00 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-30 16:31 - 2014-10-30 16:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 16:31 - 2014-10-30 16:31 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-30 16:24 - 2014-10-30 16:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-30 15:46 - 2014-11-01 11:01 - 00000000 ____D () C:\Users\Justus\Desktop\backup
2014-10-30 11:15 - 2014-11-04 09:07 - 00000000 ____D () C:\Users\Justus\Desktop\Reading
2014-10-30 11:15 - 2014-11-03 15:03 - 00008243 _____ () C:\Users\Justus\Desktop\to do.odt
2014-10-30 11:15 - 2014-11-03 15:03 - 00006476 _____ () C:\Users\Justus\Desktop\School to-do.odt
2014-10-30 11:15 - 2014-10-30 11:16 - 00000000 ____D () C:\Users\Justus\Desktop\QMUL
2014-10-29 08:38 - 2014-10-29 08:38 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Efficient Elements
2014-10-29 08:38 - 2014-10-29 08:38 - 00000000 ____D () C:\Users\Justus\AppData\Local\Efficient Elements
2014-10-16 10:11 - 2014-11-01 20:37 - 00000000 ____D () C:\Program Files (x86)\Pharos
2014-10-16 10:11 - 2014-10-16 10:11 - 00000000 ____D () C:\Program Files (x86)\PharosSystems
2014-10-16 10:11 - 2013-05-10 17:28 - 00757760 ____T (Pharos Systems International) C:\WINDOWS\system32\PSR6B04F.DLL
2014-10-16 10:11 - 2013-05-10 17:27 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2014-10-16 10:11 - 2013-05-10 17:27 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2014-10-16 08:34 - 2014-09-27 22:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-16 08:33 - 2014-09-08 03:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-16 08:33 - 2014-09-08 01:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-16 08:33 - 2014-09-08 01:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-16 08:33 - 2014-09-08 00:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-16 08:33 - 2014-09-08 00:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-16 08:33 - 2014-09-08 00:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-16 08:33 - 2014-09-08 00:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-16 08:33 - 2014-09-08 00:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-16 08:33 - 2014-09-08 00:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-16 08:33 - 2014-09-08 00:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-16 08:33 - 2014-09-07 23:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-16 08:33 - 2014-09-07 23:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-16 08:33 - 2014-09-07 23:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-16 08:33 - 2014-09-07 23:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-16 08:32 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 08:32 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 08:32 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 08:32 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 08:31 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 08:31 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 08:31 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 08:31 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 08:31 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 08:31 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 08:31 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 08:31 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 08:31 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 08:31 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 08:31 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 08:31 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 08:31 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 08:31 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 08:31 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 08:31 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 08:31 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 08:31 - 2014-09-19 00:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 08:31 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 08:31 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 08:31 - 2014-09-19 00:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 08:31 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 08:31 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 08:31 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 08:31 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 08:31 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-16 08:31 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-16 08:31 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-16 08:31 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-16 08:31 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-16 08:31 - 2014-08-29 01:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-16 08:31 - 2014-08-29 01:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-16 08:31 - 2014-08-29 00:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-16 08:31 - 2014-08-28 23:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-16 08:31 - 2014-08-28 23:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-16 08:31 - 2014-08-16 04:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-16 08:31 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-16 08:31 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-16 08:31 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-16 08:31 - 2014-08-16 03:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-16 08:31 - 2014-08-16 03:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-16 08:31 - 2014-08-16 03:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-16 08:31 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-16 08:31 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-16 08:31 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-16 08:31 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-16 08:31 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 08:31 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-16 08:31 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-16 08:31 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-16 08:31 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-16 08:31 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-16 08:31 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 08:31 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 08:31 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 08:31 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 08:31 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 08:31 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 08:31 - 2014-08-16 00:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 08:31 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 08:31 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 08:31 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 08:31 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-16 08:31 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-16 08:31 - 2014-08-16 00:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-16 08:31 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 08:31 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-16 08:31 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-16 08:31 - 2014-07-31 23:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 13:33 - 2014-10-15 13:36 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-10-15 13:33 - 2014-10-15 13:33 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-10-15 13:33 - 2013-10-23 13:24 - 00087600 _____ () C:\WINDOWS\system32\cpwmon64.dll
2014-10-06 10:25 - 2014-10-11 08:30 - 00011271 _____ () C:\Users\Justus\Desktop\Supermarkt Vgl.xlsx
2014-10-06 10:23 - 2014-10-06 10:23 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-10-06 10:01 - 2014-10-06 10:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-06 09:58 - 2014-10-06 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-06 09:58 - 2014-10-06 10:04 - 00002428 _____ () C:\Users\Justus\Desktop\Word 2013.lnk
2014-10-06 09:55 - 2014-10-23 09:02 - 00000000 ____D () C:\Program Files\Microsoft Office 15

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 08:17 - 2014-06-14 09:47 - 00000000 ____D () C:\Users\Justus
2014-11-05 08:16 - 2014-06-14 19:18 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\ClassicShell
2014-11-05 08:08 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-05 07:06 - 2014-06-13 17:23 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2342487917-3089948869-1178489403-1002
2014-11-04 23:15 - 2014-06-14 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-04 23:15 - 2014-06-14 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-04 23:15 - 2013-11-23 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-04 22:59 - 2014-06-15 08:36 - 00000000 ____D () C:\Users\Justus\Desktop\Komische sachen
2014-11-04 22:52 - 2014-06-14 16:29 - 00000000 ____D () C:\The KMPlayer
2014-11-04 15:49 - 2014-06-14 16:18 - 00000000 ____D () C:\Users\Justus\Desktop\Neuer Ordner
2014-11-04 15:45 - 2014-06-15 08:45 - 01153536 ___SH () C:\Users\Justus\Desktop\Thumbs.db
2014-11-04 08:52 - 2014-06-14 20:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-03 20:09 - 2014-03-18 10:03 - 01984420 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-03 20:09 - 2014-03-18 09:25 - 00843606 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-03 20:09 - 2014-03-18 09:25 - 00192300 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-03 14:50 - 2014-06-14 18:15 - 00000000 ____D () C:\Users\Justus\AppData\Local\Last.fm
2014-11-02 22:05 - 2014-06-13 17:17 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Adobe
2014-11-02 10:29 - 2013-11-23 16:12 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-11-02 10:29 - 2013-11-23 16:12 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-11-02 10:29 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-02 10:29 - 2013-03-04 15:30 - 00000983 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-11-02 10:27 - 2013-08-22 13:25 - 86769664 _____ () C:\WINDOWS\system32\config\SOFTWARE.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.gu.bak
2014-11-01 21:12 - 2014-06-14 16:10 - 00000000 ____D () C:\Users\Justus\AppData\Local\Mozilla
2014-11-01 20:37 - 2014-09-26 09:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-01 20:36 - 2014-06-14 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-01 20:36 - 2013-11-23 15:59 - 00000000 ____D () C:\ProgramData\Apple
2014-11-01 20:36 - 2013-11-23 15:57 - 00000000 ____D () C:\ProgramData\Intel
2014-11-01 20:36 - 2013-11-23 15:53 - 00000000 ____D () C:\Intel
2014-11-01 19:26 - 2014-06-14 16:10 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Mozilla
2014-11-01 19:20 - 2014-06-15 07:21 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\DVDVideoSoft
2014-11-01 19:20 - 2014-06-13 17:33 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Hewlett-Packard
2014-11-01 19:19 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2014-11-01 15:27 - 2014-06-13 17:14 - 00000000 ____D () C:\Users\Justus\AppData\Local\Packages
2014-11-01 11:48 - 2014-06-15 11:33 - 00000000 ____D () C:\AdwCleaner
2014-11-01 09:33 - 2014-06-15 08:43 - 00000000 ____D () C:\Users\Justus\Desktop\Monthly expenditure
2014-10-31 12:38 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\ADFS
2014-10-30 16:45 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-30 10:42 - 2014-06-15 15:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 10:41 - 2014-06-15 15:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-30 10:40 - 2014-06-15 15:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 10:37 - 2013-09-27 10:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-10-29 15:37 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-29 12:04 - 2014-06-16 10:14 - 00000000 ___RD () C:\Users\Justus\Dropbox
2014-10-29 12:04 - 2014-06-14 18:32 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Dropbox
2014-10-29 09:04 - 2014-06-14 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 09:04 - 2014-06-14 16:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-23 09:15 - 2014-06-16 10:51 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Mp3tag
2014-10-20 11:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-19 07:24 - 2014-06-15 08:02 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-18 21:21 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-18 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-18 09:45 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-17 08:52 - 2014-08-14 07:54 - 00000000 ____D () C:\Users\Justus\AppData\Local\Adobe
2014-10-17 08:43 - 2014-06-15 08:02 - 00003774 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-17 08:24 - 2013-08-22 14:44 - 00518504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-16 22:19 - 2014-06-13 17:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-10-16 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-16 22:15 - 2014-06-13 17:59 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-14 11:32 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-12 09:08 - 2014-06-15 08:43 - 00000000 ____D () C:\Users\Justus\Desktop\Training
2014-10-09 13:59 - 2014-06-14 16:45 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-09 13:59 - 2014-06-14 16:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-09 13:59 - 2014-06-14 16:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Justus\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-04 07:55

==================== End Of Log ============================
FRST64 Addition:
Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Justus at 2014-11-05 08:21:36
Running from C:\Users\Justus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{90C96F50-6055-4E41-A143-B0B02383223F}) (Version: 1.40.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX218 Series (HKLM\...\EPSON SX218 Series) (Version: - SEIKO EPSON Corporation)
Efficient Elements for presentations - Standard Edition (HKLM-x32\...\{CA7E2194-C2F8-4465-876F-92AF13B58231}) (Version: 2.0.43900.1 - Efficient Elements GmbH)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)
Glary Utilities 5.11 (HKLM-x32\...\Glary Utilities 5) (Version: 5.11.0.23 - Glarysoft Ltd)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Ihr Firmenname)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-GB)) (Version: 33.0 - Mozilla)
Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{25C4294E-DDA8-EE68-0E16-FA6BD9C8684B}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.25.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)
Slice Audio File Splitter (HKLM-x32\...\Slice) (Version: - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.125 - PandoraTV)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

02-11-2014 16:19:34 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06E33511-285B-4439-97B2-9E90C39604C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1138D9E8-F953-42F1-A49C-307D9631AB72} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2012-11-20] ()
Task: {144111B4-D918-4BCD-A4E6-4B38B822F7C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {1B2A5D0D-37F3-4D08-9C86-15351173C465} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E19A6D5-55D8-4493-8DB2-2CE24BC66E08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BB746BC-BC29-43C1-A22B-1894082427C8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {50B3E99C-6CC0-4C98-A0E7-B832ECC68497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {61AA5B76-657D-45E2-BD74-AE12D01289E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {888127C6-E6E1-454E-ABEC-38E68E27FECA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {923391A6-FED3-442D-8D31-3D551AED6992} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {935677B2-EBDB-4858-82C4-A433FCD2E952} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {93C89366-CDC0-4952-B6D5-75D39FC829E1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SPUGAT-Justus Spugat => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B8EED6EA-5A4A-4C7E-B415-60A42E7AAD41} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {BB0FED68-CDDF-4E79-9313-ADBBC314B04B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {BE45617E-DE54-443A-B37F-B69DA1B340FD} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-10-28] (Glarysoft Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DACFFEEA-E810-44E2-AEE2-A12C88F3CF4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F4565828-4E1F-4E9D-93AF-132D7194F0C4} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-10-28] (Glarysoft Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-10-15 13:33 - 2013-10-23 13:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2013-02-13 09:35 - 2013-02-13 09:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 09:35 - 2013-02-13 09:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-10-06 09:55 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-27 07:03 - 2013-10-27 07:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-14 09:40 - 2013-10-23 08:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-10 12:30 - 2013-01-10 12:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2014-11-04 08:47 - 2014-11-04 08:48 - 00050477 _____ () C:\Users\Justus\Desktop\Defogger.exe
2013-11-23 15:57 - 2013-02-16 00:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-30 16:31 - 2014-10-19 22:14 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-27 07:03 - 2013-10-27 07:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Justus\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: iPod Service => 3
HKLM\...\StartupApproved\Run: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NCPluginUpdater"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "GUDelayStartup"

========================= Accounts: ==========================

Administrator (S-1-5-21-2342487917-3089948869-1178489403-500 - Administrator - Disabled)
Gast (S-1-5-21-2342487917-3089948869-1178489403-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2342487917-3089948869-1178489403-1006 - Limited - Enabled)
Justus (S-1-5-21-2342487917-3089948869-1178489403-1002 - Administrator - Enabled) => C:\Users\Justus
UpdatusUser (S-1-5-21-2342487917-3089948869-1178489403-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/04/2014 09:59:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.0.0.5397 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 240

Start Time: 01cff8030c7aecd4

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: c52ef5cd-646d-11e4-bea5-a0d3c1cba8d3

Faulting package full name:

Faulting package-relative application ID:

Error: (11/04/2014 09:58:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 33.0.0.5397, time stamp: 0x543924b1
Faulting module name: mozalloc.dll, version: 33.0.0.5397, time stamp: 0x5438ffbb
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process ID: 0x15cc
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/02/2014 10:29:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 11.0.736.0, time stamp: 0x510a4797
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x512dd822
Exception code: 0xc0000094
Fault offset: 0x000107b3
Faulting process ID: 0x7b4
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report ID: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (11/02/2014 10:23:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.0.0.5397 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 444

Start Time: 01cff683a9a35bd2

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 59419fb4-627a-11e4-bea3-a0d3c1cba8d3

Faulting package full name:

Faulting package-relative application ID:

Error: (11/02/2014 09:59:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.0.0.5397 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ef0

Start Time: 01cff67ff08623a7

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: db12e7d5-6276-11e4-bea3-a0d3c1cba8d3

Faulting package full name:

Faulting package-relative application ID:

Error: (11/02/2014 09:58:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 33.0.0.5397, time stamp: 0x543924b1
Faulting module name: mozalloc.dll, version: 33.0.0.5397, time stamp: 0x5438ffbb
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process ID: 0xb6c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/02/2014 08:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 33.0.0.5397, time stamp: 0x543924b1
Faulting module name: mozalloc.dll, version: 33.0.0.5397, time stamp: 0x5438ffbb
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process ID: 0xe18
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/01/2014 07:25:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 11.0.736.0, time stamp: 0x510a4797
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x512dd822
Exception code: 0xc0000094
Fault offset: 0x000107b3
Faulting process ID: 0x448
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report ID: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (11/01/2014 00:48:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 11.0.736.0, time stamp: 0x510a4797
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x512dd822
Exception code: 0xc0000094
Fault offset: 0x000107b3
Faulting process ID: 0x504
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report ID: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (11/01/2014 11:50:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 11.0.736.0, time stamp: 0x510a4797
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x512dd822
Exception code: 0xc0000094
Fault offset: 0x000107b3
Faulting process ID: 0x80c
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report ID: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5


System errors:
=============
Error: (11/04/2014 08:41:55 PM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/04/2014 08:41:25 PM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/04/2014 09:23:20 AM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/04/2014 09:22:50 AM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/04/2014 07:56:07 AM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/04/2014 07:55:37 AM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/03/2014 00:00:09 PM) (Source: DCOM) (EventID: 10010) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/03/2014 10:10:43 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer NIKO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1FA0E25A-CD2F-4D75-8CD5-AFA4D51024C5}.
The master browser is stopping or an election is being forced.

Error: (11/03/2014 09:07:48 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer NIKO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1FA0E25A-CD2F-4D75-8CD5-AFA4D51024C5}.
The master browser is stopping or an election is being forced.

Error: (11/02/2014 05:44:11 PM) (Source: Schannel) (EventID: 4116) (User: SPUGAT)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is DB3WNS4011109.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.


Microsoft Office Sessions:
=========================
Error: (11/04/2014 09:59:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.0.539724001cff8030c7aecd44294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exec52ef5cd-646d-11e4-bea5-a0d3c1cba8d3

Error: (11/04/2014 09:58:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb800000030000142515cc01cff8721743206fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc62a9ab8-646d-11e4-bea5-a0d3c1cba8d3

Error: (11/02/2014 10:29:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll_unloaded0.0.0.0512dd822c0000094000107b37b401cff687d6864d92C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll26eda34e-627b-11e4-bea5-a0d3c1cba8d3

Error: (11/02/2014 10:23:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.0.539744401cff683a9a35bd24294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe59419fb4-627a-11e4-bea3-a0d3c1cba8d3

Error: (11/02/2014 09:59:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.0.5397ef001cff67ff08623a74294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exedb12e7d5-6276-11e4-bea3-a0d3c1cba8d3

Error: (11/02/2014 09:58:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425b6c01cff6831f7244e4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlldbc57066-6276-11e4-bea3-a0d3c1cba8d3

Error: (11/02/2014 08:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425e1801cff672a4e516e4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb9c60a6e-6267-11e4-bea3-a0d3c1cba8d3

Error: (11/01/2014 07:25:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512dd822c0000094000107b344801cff6099aaff5cfC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dlle43c6821-61fc-11e4-bea3-a0d3c1cba8d3

Error: (11/01/2014 00:48:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512dd822c0000094000107b350401cff5d227a8d098C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll6e30c169-61c5-11e4-bea2-a0d3c1cba8d3

Error: (11/01/2014 11:50:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll_unloaded0.0.0.0512dd822c0000094000107b380c01cff5c9fc3eace0C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll4a5c9a34-61bd-11e4-bea1-a0d3c1cba8d3


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 12220.02 MB
Available physical RAM: 9737.08 MB
Total Pagefile: 14076.02 MB
Available Pagefile: 11495.13 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:456.22 GB) (Free:327.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.64 GB) (Free:1.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (DATA) (Fixed) (Total:298.19 GB) (Free:221.74 GB) NTFS
Drive l: (Mucke) (Fixed) (Total:156.25 GB) (Free:10.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)

Partition: GPT Partition Type.

==================== End Of Log ============================
Gmer Log:
Zitat:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-05 08:37:40
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000033 TOSHIBA_MQ01ABD100 rev.AX001C 931.51GB
Running: Gmer-19357.exe; Driver: C:\Users\Justus\AppData\Local\Temp\uwldypod.sys


---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000216e00 15 bytes [00, F1, F6, 01, 40, 8F, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000216e10 11 bytes [00, 6D, FC, FF, 00, A3, C3, ...]

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\lsass.exe[672] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdc4a9169a 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\system32\lsass.exe[672] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdc4a916a2 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\system32\lsass.exe[672] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdc4a9181a 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\system32\lsass.exe[672] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdc4a91832 4 bytes [A9, C4, FD, 7F]
.text C:\Windows\System32\WUDFHost.exe[1376] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdc4a9169a 4 bytes [A9, C4, FD, 7F]
.text C:\Windows\System32\WUDFHost.exe[1376] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdc4a916a2 4 bytes [A9, C4, FD, 7F]
.text C:\Windows\System32\WUDFHost.exe[1376] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdc4a9181a 4 bytes [A9, C4, FD, 7F]
.text C:\Windows\System32\WUDFHost.exe[1376] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdc4a91832 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1652] C:\WINDOWS\System32\WSOCK32.dll!setsockopt + 194 00007ffdac771f6a 4 bytes [77, AC, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1652] C:\WINDOWS\System32\WSOCK32.dll!setsockopt + 218 00007ffdac771f82 4 bytes [77, AC, FD, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[4684] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdc4a9169a 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[4684] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdc4a916a2 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[4684] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdc4a9181a 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[4684] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdc4a91832 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffdc26028c0 7 bytes JMP 00007ffec1ee02d0
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffdc26043d8 7 bytes JMP 00007ffec1ee0308
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffdc26b1f20 7 bytes JMP 00007ffec1ee0378
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffdc26b40b4 7 bytes JMP 00007ffec1ee03b0
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffdc26b4510 7 bytes JMP 00007ffec1ee0340
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ffdc26b4af0 7 bytes JMP 00007ffec1ee0260
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffdc26dcea0 7 bytes JMP 00007ffec1ee0228
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffdc26dcf10 7 bytes JMP 00007ffec1ee0298
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffdc1ef299c 7 bytes JMP 00007ffec1ee00d8
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffdc1ef54c8 5 bytes JMP 00007ffec1ee0180
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffdc1ef55b0 5 bytes JMP 00007ffec1ee0148
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffdc1ef5e58 5 bytes JMP 00007ffec1ee0110
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffdc275b6f4 10 bytes JMP 00007ffec1ee0490
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffdc27645e8 5 bytes JMP 00007ffec1ee0458
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffdc2764760 1 byte JMP 00007ffec1ee03e8
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 00007ffdc2764762 7 bytes {JMP 0xffffffffff77bc88}
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffdc2774fc0 5 bytes JMP 00007ffec1ee0420
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffdc31b1500 8 bytes JMP 00007ffec1ee01b8
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffdc31b1750 8 bytes JMP 00007ffec1ee01f0
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ffdbfa07a88 5 bytes JMP 00007ffebf9f0110
.text C:\WINDOWS\System32\dwm.exe[2232] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ffdbfa14990 5 bytes JMP 00007ffebf9f00d8
.text C:\WINDOWS\system32\nvvsvc.exe[1636] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdc4a9169a 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[1636] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdc4a916a2 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[1636] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdc4a9181a 4 bytes [A9, C4, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[1636] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdc4a91832 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1140] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdc4a9169a 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1140] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdc4a916a2 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1140] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdc4a9181a 4 bytes [A9, C4, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1140] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdc4a91832 4 bytes [A9, C4, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[1796] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffdc4a9169a 4 bytes [A9, C4, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[1796] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffdc4a916a2 4 bytes [A9, C4, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[1796] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffdc4a9181a 4 bytes [A9, C4, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[1796] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffdc4a91832 4 bytes [A9, C4, FD, 7F]

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [2992:2104] fffff9600080bb90
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [4444:2760] 0000000000981cce
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [4444:4908] 0000000074de3309
---- Processes - GMER 2.1 ----

Library C:\ProgramData\EPSON\EPSON SX218 Series\Language\0407.E_SCE0DB.DLL (*** suspicious ***) @ C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IARNGDE.EXE [6660] (EPSON Status Monitor 3/SEIKO EPSON CORPORATION)(2014-07-18 05:31:42) 0000000000940000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

schrauber 05.11.2014 13:55
hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Spugat 05.11.2014 16:13
Hey,
vielen Dank schon mal für die Antwort.
Hier die Logs:

MBAM:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 05/11/2014
Scan Time: 14:06:21
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.05.05
Rootkit Database: v2014.11.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Justus

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371582
Time Elapsed: 33 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
AdwCleaner:
Code:
# AdwCleaner v4.002 - Bericht erstellt am 05/11/2014 um 14:48:03
# DB v2014-11-02.1
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Justus - SPUGAT
# Gestartet von : C:\Users\Justus\Desktop\AdwCleaner_4.002.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0 (x86 en-GB)


*************************

AdwCleaner[R0].txt - [6501 octets] - [15/06/2014 11:33:13]
AdwCleaner[R1].txt - [2057 octets] - [01/11/2014 11:18:55]
AdwCleaner[R2].txt - [1072 octets] - [01/11/2014 11:41:51]
AdwCleaner[R3].txt - [1110 octets] - [05/11/2014 14:44:37]
AdwCleaner[S0].txt - [5310 octets] - [15/06/2014 11:34:42]
AdwCleaner[S1].txt - [2072 octets] - [01/11/2014 11:20:57]
AdwCleaner[S2].txt - [1134 octets] - [01/11/2014 11:48:41]
AdwCleaner[S3].txt - [1024 octets] - [05/11/2014 14:48:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1084 octets] ##########
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 8.1 x64
Ran by Justus on 05/11/2014 at 14:53:29.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Justus\AppData\Roaming\mozilla\firefox\profiles\jtn1wmwz.default\prefs.js

user_pref("extensions.foxstart-cck@extensions.foxstart.com.install-event-fired", true);
user_pref("extensions.foxstart-cck@extensions.foxstart.com.version", "1.0");
user_pref("extensions.installedDistroAddon.foxstart-cck@extensions.foxstart.com", true);
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_executeCode", "var VBATES_IsValidUrl=function(currentUrl,currentBrowser,queryParam){try{var urlParts=curren
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partners", "{_&&_www.brandalley.co.uk_&&_:_&&_www.awin1.com/awclick.php?mid=3676&id=178119_&&_,_&&_www.curr
Emptied folder: C:\Users\Justus\AppData\Roaming\mozilla\firefox\profiles\jtn1wmwz.default\minidumps [15 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/11/2014 at 14:57:46.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Justus (administrator) on SPUGAT on 05-11-2014 15:07:14
Running from C:\Users\Justus\Desktop
Loaded Profile: Justus (Available profiles: UpdatusUser & Justus)
Platform: Windows 8.1 (X64) OS Language: German (Germany)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard)
HKU\S-1-5-21-2342487917-3089948869-1178489403-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-28] (Glarysoft Ltd)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE [283232 2012-10-24] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - xxx{553891B7-A0D5-4526-BE18-D3CE461D6310} -  No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 158.143.223.209 158.143.96.212
Tcpip\..\Interfaces\{1FA0E25A-CD2F-4D75-8CD5-AFA4D51024C5}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Foxstart Default Settings - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\foxstart-cck@extensions.foxstart.com [2014-10-30]
FF Extension: DownloadHelper - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: YouTube Center - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-09-25]
FF Extension: English (GB) Language Pack - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2014-10-07]
FF Extension: printpdf - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\printpdf@pavlov.net.xpi [2014-06-14]
FF Extension: Modify Headers - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-10-29]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-06-14]
FF Extension: Adblock Plus - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-06-14] (Microsoft Corporation)
S3 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-14] (Microsoft Corporation)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-05-10] (Pharos Systems International) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-05] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49200 2013-02-26] (Ralink Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2014-11-01] (Glarysoft Ltd)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-14] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-11-05] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 15:07 - 2014-11-05 15:08 - 00017110 _____ () C:\Users\Justus\Desktop\FRST.txt
2014-11-05 15:03 - 2014-11-05 15:03 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-11-05 14:57 - 2014-11-05 14:57 - 00002077 _____ () C:\Users\Justus\Desktop\JRT.txt
2014-11-05 14:53 - 2014-11-05 14:53 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-05 14:52 - 2014-11-05 14:52 - 00001164 _____ () C:\Users\Justus\Desktop\AdwCleaner[S3].txt
2014-11-05 14:43 - 2014-11-05 14:43 - 00001044 _____ () C:\Users\Justus\Desktop\MBAM.txt
2014-11-05 14:06 - 2014-11-05 14:06 - 01706359 _____ (Thisisu) C:\Users\Justus\Desktop\JRT.exe
2014-11-05 14:04 - 2014-11-05 14:04 - 01998336 _____ () C:\Users\Justus\Desktop\AdwCleaner_4.002.exe
2014-11-05 09:25 - 2014-11-05 15:05 - 00000000 ____D () C:\Users\Justus\Desktop\Trojanerforum
2014-11-05 09:15 - 2014-11-05 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-05 09:15 - 2014-11-05 09:15 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-05 08:42 - 2014-11-05 15:02 - 00001202 _____ () C:\WINDOWS\PFRO.log
2014-11-05 08:19 - 2014-11-05 15:07 - 00000000 ____D () C:\FRST
2014-11-05 08:17 - 2014-11-05 08:17 - 00000000 _____ () C:\Users\Justus\defogger_reenable
2014-11-05 08:14 - 2014-11-05 15:05 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SPUGAT-Justus Spugat
2014-11-04 08:48 - 2014-11-04 08:48 - 02114560 _____ (Farbar) C:\Users\Justus\Desktop\FRST64.exe
2014-11-02 21:54 - 2014-11-05 10:09 - 00145577 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-02 10:26 - 2014-10-28 02:07 - 00028960 _____ (Glarysoft Ltd) C:\WINDOWS\system32\RegBootDefrag.exe
2014-11-01 21:08 - 2014-11-01 21:08 - 00000000 ____D () C:\Users\Justus\Desktop\FG 7 8 EY40
2014-11-01 19:31 - 2014-11-01 19:31 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Avira
2014-11-01 19:30 - 2014-11-01 19:30 - 00000000 ____D () C:\Users\Justus\AppData\Local\Macromedia
2014-11-01 19:26 - 2014-11-05 09:18 - 00000000 ____D () C:\Users\Justus\AppData\Local\VirtualStore
2014-11-01 19:26 - 2014-11-01 19:26 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Synaptics
2014-11-01 19:25 - 2014-11-01 19:25 - 00000000 ____D () C:\ProgramData\Validity
2014-11-01 12:46 - 2014-11-01 12:46 - 00007607 _____ () C:\Users\Justus\AppData\Local\Resmon.ResmonCfg
2014-11-01 11:42 - 2014-11-01 11:42 - 00000000 ___HD () C:\Users\Justus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-11-01 11:27 - 2014-11-01 11:27 - 00000000 ____D () C:\Users\Justus\AppData\Local\Microsoft Help
2014-11-01 11:17 - 2014-11-05 15:04 - 00000344 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-11-01 11:17 - 2014-11-05 08:52 - 00002618 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-11-01 11:17 - 2014-11-05 08:52 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-11-01 11:17 - 2014-11-01 11:53 - 00002972 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-11-01 11:17 - 2014-11-01 11:45 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\GlarySoft
2014-11-01 11:17 - 2014-11-01 11:17 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-11-01 11:17 - 2014-11-01 11:17 - 00001115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-11-01 11:17 - 2014-11-01 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-11-01 11:17 - 2014-11-01 11:17 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-11-01 09:33 - 2014-11-04 15:44 - 00013187 _____ () C:\Users\Justus\Desktop\2014.11.xlsx
2014-10-30 16:31 - 2014-11-01 11:00 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-30 16:31 - 2014-10-30 16:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 16:31 - 2014-10-30 16:31 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-30 16:24 - 2014-10-30 16:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-30 15:46 - 2014-11-01 11:01 - 00000000 ____D () C:\Users\Justus\Desktop\backup
2014-10-30 11:15 - 2014-11-05 11:54 - 00006501 _____ () C:\Users\Justus\Desktop\School to-do.odt
2014-10-30 11:15 - 2014-11-04 09:07 - 00000000 ____D () C:\Users\Justus\Desktop\Reading
2014-10-30 11:15 - 2014-11-03 15:03 - 00008243 _____ () C:\Users\Justus\Desktop\to do.odt
2014-10-30 11:15 - 2014-10-30 11:16 - 00000000 ____D () C:\Users\Justus\Desktop\QMUL
2014-10-29 08:38 - 2014-10-29 08:38 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Efficient Elements
2014-10-29 08:38 - 2014-10-29 08:38 - 00000000 ____D () C:\Users\Justus\AppData\Local\Efficient Elements
2014-10-16 10:11 - 2014-11-01 20:37 - 00000000 ____D () C:\Program Files (x86)\Pharos
2014-10-16 10:11 - 2014-10-16 10:11 - 00000000 ____D () C:\Program Files (x86)\PharosSystems
2014-10-16 10:11 - 2013-05-10 17:28 - 00757760 ____T (Pharos Systems International) C:\WINDOWS\system32\PSR6B04F.DLL
2014-10-16 10:11 - 2013-05-10 17:27 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2014-10-16 10:11 - 2013-05-10 17:27 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2014-10-16 08:34 - 2014-09-27 22:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-16 08:33 - 2014-09-08 03:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-16 08:33 - 2014-09-08 01:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-16 08:33 - 2014-09-08 01:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-16 08:33 - 2014-09-08 00:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-16 08:33 - 2014-09-08 00:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-16 08:33 - 2014-09-08 00:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-16 08:33 - 2014-09-08 00:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-16 08:33 - 2014-09-08 00:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-16 08:33 - 2014-09-08 00:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-16 08:33 - 2014-09-08 00:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-16 08:33 - 2014-09-07 23:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-16 08:33 - 2014-09-07 23:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-16 08:33 - 2014-09-07 23:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-16 08:33 - 2014-09-07 23:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-16 08:32 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 08:32 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 08:32 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 08:32 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 08:31 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 08:31 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 08:31 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 08:31 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 08:31 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 08:31 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 08:31 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 08:31 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 08:31 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 08:31 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 08:31 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 08:31 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 08:31 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 08:31 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 08:31 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 08:31 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 08:31 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 08:31 - 2014-09-19 00:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 08:31 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 08:31 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 08:31 - 2014-09-19 00:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 08:31 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 08:31 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 08:31 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 08:31 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 08:31 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-16 08:31 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-16 08:31 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-16 08:31 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-16 08:31 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-16 08:31 - 2014-08-29 01:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-16 08:31 - 2014-08-29 01:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-16 08:31 - 2014-08-29 00:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-16 08:31 - 2014-08-28 23:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-16 08:31 - 2014-08-28 23:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-16 08:31 - 2014-08-16 04:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-16 08:31 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-16 08:31 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-16 08:31 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-16 08:31 - 2014-08-16 03:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-16 08:31 - 2014-08-16 03:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-16 08:31 - 2014-08-16 03:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-16 08:31 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-16 08:31 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-16 08:31 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-16 08:31 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-16 08:31 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 08:31 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-16 08:31 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-16 08:31 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-16 08:31 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-16 08:31 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-16 08:31 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 08:31 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 08:31 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 08:31 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 08:31 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 08:31 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 08:31 - 2014-08-16 00:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 08:31 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 08:31 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 08:31 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 08:31 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-16 08:31 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-16 08:31 - 2014-08-16 00:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-16 08:31 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 08:31 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-16 08:31 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-16 08:31 - 2014-07-31 23:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 13:33 - 2014-10-15 13:36 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-10-15 13:33 - 2014-10-15 13:33 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-10-15 13:33 - 2013-10-23 13:24 - 00087600 _____ () C:\WINDOWS\system32\cpwmon64.dll
2014-10-06 10:25 - 2014-10-11 08:30 - 00011271 _____ () C:\Users\Justus\Desktop\Supermarkt Vgl.xlsx
2014-10-06 10:23 - 2014-10-06 10:23 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-10-06 10:01 - 2014-10-06 10:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-06 09:58 - 2014-10-06 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-06 09:58 - 2014-10-06 10:04 - 00002428 _____ () C:\Users\Justus\Desktop\Word 2013.lnk
2014-10-06 09:55 - 2014-10-23 09:02 - 00000000 ____D () C:\Program Files\Microsoft Office 15

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 15:05 - 2014-06-14 19:18 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\ClassicShell
2014-11-05 15:03 - 2013-11-23 16:12 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-11-05 15:03 - 2013-11-23 16:12 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-11-05 15:03 - 2013-03-04 15:30 - 00000983 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-11-05 15:02 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-05 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-05 14:48 - 2014-06-15 11:33 - 00000000 ____D () C:\AdwCleaner
2014-11-05 14:48 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-05 14:36 - 2014-06-13 17:14 - 00000000 ____D () C:\Users\Justus\AppData\Local\Packages
2014-11-05 14:34 - 2014-06-14 16:18 - 00000000 ____D () C:\Users\Justus\Desktop\Neuer Ordner
2014-11-05 14:17 - 2014-06-14 18:15 - 00000000 ____D () C:\Users\Justus\AppData\Local\Last.fm
2014-11-05 14:06 - 2014-06-14 20:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-05 11:55 - 2014-06-13 17:23 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2342487917-3089948869-1178489403-1002
2014-11-05 09:49 - 2014-06-15 08:45 - 01167872 ___SH () C:\Users\Justus\Desktop\Thumbs.db
2014-11-05 08:17 - 2014-06-14 09:47 - 00000000 ____D () C:\Users\Justus
2014-11-04 23:15 - 2014-06-14 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-04 23:15 - 2014-06-14 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-04 23:15 - 2013-11-23 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-04 22:59 - 2014-06-15 08:36 - 00000000 ____D () C:\Users\Justus\Desktop\Komische sachen
2014-11-04 22:52 - 2014-06-14 16:29 - 00000000 ____D () C:\The KMPlayer
2014-11-03 20:09 - 2014-03-18 10:03 - 01984420 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-03 20:09 - 2014-03-18 09:25 - 00843606 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-03 20:09 - 2014-03-18 09:25 - 00192300 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-02 22:05 - 2014-06-13 17:17 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Adobe
2014-11-02 10:27 - 2013-08-22 13:25 - 86769664 _____ () C:\WINDOWS\system32\config\SOFTWARE.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.gu.bak
2014-11-01 21:12 - 2014-06-14 16:10 - 00000000 ____D () C:\Users\Justus\AppData\Local\Mozilla
2014-11-01 20:37 - 2014-09-26 09:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-01 20:36 - 2014-06-14 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-01 20:36 - 2013-11-23 15:59 - 00000000 ____D () C:\ProgramData\Apple
2014-11-01 20:36 - 2013-11-23 15:57 - 00000000 ____D () C:\ProgramData\Intel
2014-11-01 20:36 - 2013-11-23 15:53 - 00000000 ____D () C:\Intel
2014-11-01 19:26 - 2014-06-14 16:10 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Mozilla
2014-11-01 19:20 - 2014-06-15 07:21 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\DVDVideoSoft
2014-11-01 19:20 - 2014-06-13 17:33 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Hewlett-Packard
2014-11-01 19:19 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2014-11-01 09:33 - 2014-06-15 08:43 - 00000000 ____D () C:\Users\Justus\Desktop\Monthly expenditure
2014-10-31 12:38 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\ADFS
2014-10-30 10:42 - 2014-06-15 15:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 10:41 - 2014-06-15 15:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-30 10:40 - 2014-06-15 15:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 10:37 - 2013-09-27 10:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-10-29 15:37 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-29 12:04 - 2014-06-16 10:14 - 00000000 ___RD () C:\Users\Justus\Dropbox
2014-10-29 12:04 - 2014-06-14 18:32 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Dropbox
2014-10-29 09:04 - 2014-06-14 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 09:04 - 2014-06-14 16:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-23 09:15 - 2014-06-16 10:51 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Mp3tag
2014-10-20 11:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-19 07:24 - 2014-06-15 08:02 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-18 21:21 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-18 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-18 09:45 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-17 08:52 - 2014-08-14 07:54 - 00000000 ____D () C:\Users\Justus\AppData\Local\Adobe
2014-10-17 08:43 - 2014-06-15 08:02 - 00003774 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-17 08:24 - 2013-08-22 14:44 - 00518504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-16 22:19 - 2014-06-13 17:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-10-16 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-16 22:15 - 2014-06-13 17:59 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-14 11:32 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-12 09:08 - 2014-06-15 08:43 - 00000000 ____D () C:\Users\Justus\Desktop\Training
2014-10-09 13:59 - 2014-06-14 16:45 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-09 13:59 - 2014-06-14 16:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-09 13:59 - 2014-06-14 16:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Justus\AppData\Local\Temp\avgnt.exe
C:\Users\Justus\AppData\Local\Temp\Quarantine.exe
C:\Users\Justus\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-04 07:55

==================== End Of Log ============================
--- --- ---


FRST Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Justus at 2014-11-05 15:09:19
Running from C:\Users\Justus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{90C96F50-6055-4E41-A143-B0B02383223F}) (Version: 1.40.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX218 Series (HKLM\...\EPSON SX218 Series) (Version:  - SEIKO EPSON Corporation)
Efficient Elements for presentations - Standard Edition (HKLM-x32\...\{CA7E2194-C2F8-4465-876F-92AF13B58231}) (Version: 2.0.43900.1 - Efficient Elements GmbH)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version:  - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)
Glary Utilities 5.11 (HKLM-x32\...\Glary Utilities 5) (Version: 5.11.0.23 - Glarysoft Ltd)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Ihr Firmenname)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-GB)) (Version: 33.0 - Mozilla)
Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{25C4294E-DDA8-EE68-0E16-FA6BD9C8684B}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.25.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)
Slice Audio File Splitter (HKLM-x32\...\Slice) (Version:  - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.125 - PandoraTV)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

02-11-2014 16:19:34 Geplanter Prüfpunkt
05-11-2014 09:10:42 Installed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06E33511-285B-4439-97B2-9E90C39604C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1138D9E8-F953-42F1-A49C-307D9631AB72} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2012-11-20] ()
Task: {144111B4-D918-4BCD-A4E6-4B38B822F7C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {1B2A5D0D-37F3-4D08-9C86-15351173C465} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E19A6D5-55D8-4493-8DB2-2CE24BC66E08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BB746BC-BC29-43C1-A22B-1894082427C8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {50B3E99C-6CC0-4C98-A0E7-B832ECC68497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {61AA5B76-657D-45E2-BD74-AE12D01289E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {888127C6-E6E1-454E-ABEC-38E68E27FECA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {923391A6-FED3-442D-8D31-3D551AED6992} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {935677B2-EBDB-4858-82C4-A433FCD2E952} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {93C89366-CDC0-4952-B6D5-75D39FC829E1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SPUGAT-Justus Spugat => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B8EED6EA-5A4A-4C7E-B415-60A42E7AAD41} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {BB0FED68-CDDF-4E79-9313-ADBBC314B04B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {BE45617E-DE54-443A-B37F-B69DA1B340FD} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-10-28] (Glarysoft Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DACFFEEA-E810-44E2-AEE2-A12C88F3CF4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F4565828-4E1F-4E9D-93AF-132D7194F0C4} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-10-28] (Glarysoft Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-10-27 07:03 - 2013-10-27 07:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-14 09:40 - 2013-10-23 08:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-15 13:33 - 2013-10-23 13:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2014-10-06 09:55 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-02-13 09:35 - 2013-02-13 09:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 09:35 - 2013-02-13 09:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-10-06 09:56 - 2014-10-06 09:56 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-10-30 16:31 - 2014-10-19 22:14 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-27 07:03 - 2013-10-27 07:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-23 15:57 - 2013-02-16 00:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Justus\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: iPod Service => 3
HKLM\...\StartupApproved\Run: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NCPluginUpdater"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "GUDelayStartup"

========================= Accounts: ==========================

Administrator (S-1-5-21-2342487917-3089948869-1178489403-500 - Administrator - Disabled)
Gast (S-1-5-21-2342487917-3089948869-1178489403-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2342487917-3089948869-1178489403-1006 - Limited - Enabled)
Justus (S-1-5-21-2342487917-3089948869-1178489403-1002 - Administrator - Enabled) => C:\Users\Justus
UpdatusUser (S-1-5-21-2342487917-3089948869-1178489403-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2014 03:03:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 11.0.736.0, time stamp: 0x510a4797
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x512dd822
Exception code: 0xc0000094
Fault offset: 0x000107b3
Faulting process ID: 0x7b4
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report ID: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5


System errors:
=============
Error: (11/05/2014 03:06:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/05/2014 03:06:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/05/2014 03:04:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (11/05/2014 03:03:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll_unloaded0.0.0.0512dd822c0000094000107b37b401cff9099935fcfaC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dlled03f8d4-64fc-11e4-bea8-a0d3c1cba8d3


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 13%
Total physical RAM: 12220.02 MB
Available physical RAM: 10530.77 MB
Total Pagefile: 14076.02 MB
Available Pagefile: 12381.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:456.22 GB) (Free:327.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.64 GB) (Free:1.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (DATA) (Fixed) (Total:298.19 GB) (Free:221.74 GB) NTFS
Drive l: (Mucke) (Fixed) (Total:156.25 GB) (Free:10.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 06.11.2014 10:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Spugat 06.11.2014 15:05
sooo, nachdem ESET nun ziemlich lang gebrauch hat, hier die logs:
(das Problem besteht leider noch immer)

ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c0e717e04c7d2e40bd74dc7e20ad6061
# engine=20957
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-06 01:52:44
# local_time=2014-11-06 01:52:44 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 110402 15654962 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3126978 40163257 0 0
# scanned=270306
# found=24
# cleaned=0
# scan_time=10894
sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir"
sh=2FCA2173F2DD16DF8F1F990170FA4479FC5D5BFC ft=1 fh=c528dd1cda99a111 vn="Variante von Win32/ELEX.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir"
sh=6043D1ACD51FD373472020FBB748C405AAF22397 ft=1 fh=4c716dbbae6c21b9 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="Variante von Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=E97CBDBD7CFED2C58464C1ABF186520022DE5666 ft=1 fh=7a2ea5ecc33ad0e3 vn="Variante von Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=251A3803C9AB15C6EAF576250F78DC4CC1D843F7 ft=1 fh=bbd71f22d491c083 vn="Variante von Win32/ELEX.AM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsProtectManger\wprotectmanager.exe.vir"
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Justus\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=54BC4AD8E5307E7FF9DBBEF94B60F847D27B8FDA ft=1 fh=90fcfd4440d863c5 vn="Variante von Win32/Toolbar.Conduit.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\NCH Swift Sound\Slice\slice.exe"
sh=281FFE7BB0A13C7B477C696AD65D9E61BC2FB6A3 ft=1 fh=4f4d4516d6495a0e vn="Variante von Win32/Toolbar.Conduit.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\NCH Swift Sound\Slice\slicesetup_CB-DL-Manager [1]_v2.00.exe"
sh=9A640159BC2F3E3039B2BE615C8789B09B3B5886 ft=1 fh=6ac2b98e40d863c5 vn="Variante von Win32/Toolbar.Conduit.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\NCH Swift Sound\Slice\uninst.exe"
sh=0ABFE3341F6B2588AD68D2F909E09CF75C96F8E6 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Baja_Los_Cabos7th_Edition_August_2007.rar"
sh=36156C957758E791A5E3307760DAC4F52C1476DE ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Guatemala 3rdEd 09 2007.rar"
sh=A33DF14B8DA0D83A91B749915ABE6BE3D05B4205 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Guatemala3rd_Edition_September_2007.rar"
sh=5274E25BE0325731CCF8BBF6511FA5150280E1DF ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Honduras Bay Islands 1st Ed 01 2007.rar"
sh=C31F5A476303DB6D18E5814E9F2DA791C1644579 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Honduras_the_Bay_Islands1st_Edition_January_2007.rar"
sh=F1893FBBABC47E37DEB6A131B0C3CC36ACA16FE3 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Mexican_Spanish1st_Edition_October_2003.rar"
sh=ACF25FD6FDA6EA03F26424880A380978EA8B5CA5 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Nicaragua_El_Salvador1st_Edition_October_2006.rar"
sh=9E852B265A6CE47C6318EBCCA0CCD8AE144282F0 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Panama4th_Edition_November_2007.rar"
sh=783883B72EB6C86DADA3C2F898BCC78C7EE72C31 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Puerto_Vallarta_Pacific_Mexico2nd_Edition_August_2006.rar"
sh=739F83A1663912C187A29518E6E9FA849D43457F ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="E:\mon\Lonely Planet Travel Guides\Yucatan3rd_Edition_November_2006.rar"
SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.89 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Avira Desktop     
Windows Defender 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 60 
 Java 8 Update 25 
 Java version out of Date!
 Adobe Flash Player        15.0.0.189 
 Adobe Reader XI 
 Mozilla Firefox (33.0)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Justus (administrator) on SPUGAT on 06-11-2014 13:58:22
Running from C:\Users\Justus\Desktop
Loaded Profile: Justus (Available profiles: UpdatusUser & Justus)
Platform: Windows 8.1 (X64) OS Language: German (Germany)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard)
HKU\S-1-5-21-2342487917-3089948869-1178489403-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-28] (Glarysoft Ltd)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE [283232 2012-10-24] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {12C91797-6568-4DC5-9147-78C4280510F8} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - xxx{553891B7-A0D5-4526-BE18-D3CE461D6310} -  No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 158.143.223.209 158.143.96.212
Tcpip\..\Interfaces\{1FA0E25A-CD2F-4D75-8CD5-AFA4D51024C5}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Foxstart Default Settings - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\foxstart-cck@extensions.foxstart.com [2014-10-30]
FF Extension: DownloadHelper - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: YouTube Center - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-09-25]
FF Extension: English (GB) Language Pack - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2014-10-07]
FF Extension: printpdf - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\printpdf@pavlov.net.xpi [2014-06-14]
FF Extension: Modify Headers - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-10-29]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-06-14]
FF Extension: Adblock Plus - C:\Users\Justus\AppData\Roaming\Mozilla\Firefox\Profiles\jtn1wmwz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-06-14] (Microsoft Corporation)
S3 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-14] (Microsoft Corporation)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-05-10] (Pharos Systems International) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-05] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49200 2013-02-26] (Ralink Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2014-11-01] (Glarysoft Ltd)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-14] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-11-05] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-06 13:58 - 2014-11-06 13:59 - 00017292 _____ () C:\Users\Justus\Desktop\FRST.txt
2014-11-06 13:57 - 2014-11-06 13:57 - 00000868 _____ () C:\Users\Justus\Desktop\checkup.txt
2014-11-05 19:03 - 2014-11-06 12:43 - 00052882 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-05 15:03 - 2014-11-05 15:03 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-11-05 14:53 - 2014-11-05 14:53 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-05 09:25 - 2014-11-06 13:58 - 00000000 ____D () C:\Users\Justus\Desktop\Trojanerforum
2014-11-05 08:19 - 2014-11-06 13:58 - 00000000 ____D () C:\FRST
2014-11-05 08:17 - 2014-11-05 08:17 - 00000000 _____ () C:\Users\Justus\defogger_reenable
2014-11-05 08:14 - 2014-11-06 08:26 - 00004968 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SPUGAT-Justus Spugat
2014-11-04 08:48 - 2014-11-04 08:48 - 02114560 _____ (Farbar) C:\Users\Justus\Desktop\FRST64.exe
2014-11-02 10:26 - 2014-10-28 02:07 - 00028960 _____ (Glarysoft Ltd) C:\WINDOWS\system32\RegBootDefrag.exe
2014-11-01 21:08 - 2014-11-01 21:08 - 00000000 ____D () C:\Users\Justus\Desktop\FG 7 8 EY40
2014-11-01 19:31 - 2014-11-01 19:31 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Avira
2014-11-01 19:30 - 2014-11-01 19:30 - 00000000 ____D () C:\Users\Justus\AppData\Local\Macromedia
2014-11-01 19:26 - 2014-11-05 09:18 - 00000000 ____D () C:\Users\Justus\AppData\Local\VirtualStore
2014-11-01 19:26 - 2014-11-01 19:26 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Synaptics
2014-11-01 19:25 - 2014-11-01 19:25 - 00000000 ____D () C:\ProgramData\Validity
2014-11-01 12:46 - 2014-11-01 12:46 - 00007607 _____ () C:\Users\Justus\AppData\Local\Resmon.ResmonCfg
2014-11-01 11:42 - 2014-11-01 11:42 - 00000000 ___HD () C:\Users\Justus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-11-01 11:27 - 2014-11-01 11:27 - 00000000 ____D () C:\Users\Justus\AppData\Local\Microsoft Help
2014-11-01 11:17 - 2014-11-06 08:06 - 00000344 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-11-01 11:17 - 2014-11-05 08:52 - 00002618 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-11-01 11:17 - 2014-11-05 08:52 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-11-01 11:17 - 2014-11-01 11:53 - 00002972 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-11-01 11:17 - 2014-11-01 11:45 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\GlarySoft
2014-11-01 11:17 - 2014-11-01 11:17 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-11-01 11:17 - 2014-11-01 11:17 - 00001115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-11-01 11:17 - 2014-11-01 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-11-01 11:17 - 2014-11-01 11:17 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-11-01 09:33 - 2014-11-06 10:47 - 00013355 _____ () C:\Users\Justus\Desktop\2014.11.xlsx
2014-10-30 16:31 - 2014-11-01 11:00 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-30 16:31 - 2014-10-30 16:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 16:31 - 2014-10-30 16:31 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-30 16:24 - 2014-10-30 16:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-30 15:46 - 2014-11-01 11:01 - 00000000 ____D () C:\Users\Justus\Desktop\backup
2014-10-30 11:15 - 2014-11-06 13:16 - 00006546 _____ () C:\Users\Justus\Desktop\School to-do.odt
2014-10-30 11:15 - 2014-11-06 13:07 - 00008032 _____ () C:\Users\Justus\Desktop\to do.odt
2014-10-30 11:15 - 2014-11-04 09:07 - 00000000 ____D () C:\Users\Justus\Desktop\Reading
2014-10-30 11:15 - 2014-10-30 11:16 - 00000000 ____D () C:\Users\Justus\Desktop\QMUL
2014-10-29 08:38 - 2014-10-29 08:38 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Efficient Elements
2014-10-29 08:38 - 2014-10-29 08:38 - 00000000 ____D () C:\Users\Justus\AppData\Local\Efficient Elements
2014-10-16 10:11 - 2014-11-01 20:37 - 00000000 ____D () C:\Program Files (x86)\Pharos
2014-10-16 10:11 - 2014-10-16 10:11 - 00000000 ____D () C:\Program Files (x86)\PharosSystems
2014-10-16 10:11 - 2013-05-10 17:28 - 00757760 ____T (Pharos Systems International) C:\WINDOWS\system32\PSR6B04F.DLL
2014-10-16 10:11 - 2013-05-10 17:27 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2014-10-16 10:11 - 2013-05-10 17:27 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2014-10-16 08:34 - 2014-09-27 22:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-16 08:33 - 2014-09-08 03:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-16 08:33 - 2014-09-08 01:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-16 08:33 - 2014-09-08 01:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-16 08:33 - 2014-09-08 00:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-16 08:33 - 2014-09-08 00:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-16 08:33 - 2014-09-08 00:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-16 08:33 - 2014-09-08 00:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-16 08:33 - 2014-09-08 00:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-16 08:33 - 2014-09-08 00:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-16 08:33 - 2014-09-08 00:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-16 08:33 - 2014-09-07 23:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-16 08:33 - 2014-09-07 23:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-16 08:33 - 2014-09-07 23:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-16 08:33 - 2014-09-07 23:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-16 08:32 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 08:32 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 08:32 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 08:32 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 08:31 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 08:31 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 08:31 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 08:31 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 08:31 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 08:31 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 08:31 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 08:31 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 08:31 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 08:31 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 08:31 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 08:31 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 08:31 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 08:31 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 08:31 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 08:31 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 08:31 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 08:31 - 2014-09-19 00:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 08:31 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 08:31 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 08:31 - 2014-09-19 00:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 08:31 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 08:31 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 08:31 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 08:31 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 08:31 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-16 08:31 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-16 08:31 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-16 08:31 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-16 08:31 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-16 08:31 - 2014-08-29 01:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-16 08:31 - 2014-08-29 01:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-16 08:31 - 2014-08-29 00:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-16 08:31 - 2014-08-28 23:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-16 08:31 - 2014-08-28 23:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-16 08:31 - 2014-08-16 04:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-16 08:31 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-16 08:31 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-16 08:31 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-16 08:31 - 2014-08-16 03:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-16 08:31 - 2014-08-16 03:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-16 08:31 - 2014-08-16 03:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-16 08:31 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-16 08:31 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-16 08:31 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-16 08:31 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-16 08:31 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 08:31 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-16 08:31 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-16 08:31 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-16 08:31 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-16 08:31 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-16 08:31 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 08:31 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 08:31 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 08:31 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 08:31 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 08:31 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 08:31 - 2014-08-16 00:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 08:31 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 08:31 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 08:31 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 08:31 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-16 08:31 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-16 08:31 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-16 08:31 - 2014-08-16 00:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-16 08:31 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 08:31 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-16 08:31 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-16 08:31 - 2014-07-31 23:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 13:33 - 2014-10-15 13:36 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-10-15 13:33 - 2014-10-15 13:33 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-10-15 13:33 - 2013-10-23 13:24 - 00087600 _____ () C:\WINDOWS\system32\cpwmon64.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-06 13:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-06 10:50 - 2014-06-14 16:18 - 00000000 ____D () C:\Users\Justus\Desktop\Neuer Ordner
2014-11-06 10:40 - 2014-06-15 08:45 - 00005156 _____ () C:\Users\Justus\Desktop\864788605.odt
2014-11-06 10:36 - 2014-06-15 08:36 - 00000000 ____D () C:\Users\Justus\Desktop\Komische sachen
2014-11-06 09:57 - 2014-06-13 17:14 - 00000000 ____D () C:\Users\Justus\AppData\Local\Packages
2014-11-06 09:33 - 2014-06-15 08:45 - 01200128 ___SH () C:\Users\Justus\Desktop\Thumbs.db
2014-11-06 08:32 - 2014-06-14 19:18 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\ClassicShell
2014-11-05 17:32 - 2014-06-14 18:15 - 00000000 ____D () C:\Users\Justus\AppData\Local\Last.fm
2014-11-05 15:57 - 2014-06-13 17:23 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2342487917-3089948869-1178489403-1002
2014-11-05 15:03 - 2013-11-23 16:12 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-11-05 15:03 - 2013-11-23 16:12 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-11-05 15:03 - 2013-03-04 15:30 - 00000983 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-11-05 15:02 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-05 14:48 - 2014-06-15 11:33 - 00000000 ____D () C:\AdwCleaner
2014-11-05 14:48 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-05 14:06 - 2014-06-14 20:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-05 08:17 - 2014-06-14 09:47 - 00000000 ____D () C:\Users\Justus
2014-11-04 23:15 - 2014-06-14 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-04 23:15 - 2014-06-14 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-04 23:15 - 2013-11-23 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-04 22:52 - 2014-06-14 16:29 - 00000000 ____D () C:\The KMPlayer
2014-11-03 20:09 - 2014-03-18 10:03 - 01984420 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-03 20:09 - 2014-03-18 09:25 - 00843606 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-03 20:09 - 2014-03-18 09:25 - 00192300 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-02 22:05 - 2014-06-13 17:17 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Adobe
2014-11-02 10:27 - 2013-08-22 13:25 - 86769664 _____ () C:\WINDOWS\system32\config\SOFTWARE.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.gu.bak
2014-11-02 10:27 - 2013-08-22 13:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.gu.bak
2014-11-01 21:12 - 2014-06-14 16:10 - 00000000 ____D () C:\Users\Justus\AppData\Local\Mozilla
2014-11-01 20:37 - 2014-09-26 09:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-01 20:36 - 2014-06-14 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-01 20:36 - 2013-11-23 15:59 - 00000000 ____D () C:\ProgramData\Apple
2014-11-01 20:36 - 2013-11-23 15:57 - 00000000 ____D () C:\ProgramData\Intel
2014-11-01 20:36 - 2013-11-23 15:53 - 00000000 ____D () C:\Intel
2014-11-01 19:26 - 2014-06-14 16:10 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Mozilla
2014-11-01 19:20 - 2014-06-15 07:21 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\DVDVideoSoft
2014-11-01 19:20 - 2014-06-13 17:33 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Hewlett-Packard
2014-11-01 19:19 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2014-11-01 09:33 - 2014-06-15 08:43 - 00000000 ____D () C:\Users\Justus\Desktop\Monthly expenditure
2014-10-31 12:38 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\ADFS
2014-10-30 10:42 - 2014-06-15 15:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 10:41 - 2014-06-15 15:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-30 10:40 - 2014-06-15 15:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 10:37 - 2013-09-27 10:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-10-29 15:37 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-29 12:04 - 2014-06-16 10:14 - 00000000 ___RD () C:\Users\Justus\Dropbox
2014-10-29 12:04 - 2014-06-14 18:32 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Dropbox
2014-10-29 09:04 - 2014-06-14 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 09:04 - 2014-06-14 16:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-23 09:15 - 2014-06-16 10:51 - 00000000 ____D () C:\Users\Justus\AppData\Roaming\Mp3tag
2014-10-23 09:02 - 2014-10-06 09:55 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-20 11:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-19 07:24 - 2014-06-15 08:02 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-18 21:21 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-18 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-18 09:45 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-17 08:52 - 2014-08-14 07:54 - 00000000 ____D () C:\Users\Justus\AppData\Local\Adobe
2014-10-17 08:43 - 2014-06-15 08:02 - 00003774 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-17 08:24 - 2013-08-22 14:44 - 00518504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-16 22:19 - 2014-06-13 17:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-10-16 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-16 22:15 - 2014-06-13 17:59 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-14 11:32 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-12 09:08 - 2014-06-15 08:43 - 00000000 ____D () C:\Users\Justus\Desktop\Training
2014-10-11 08:30 - 2014-10-06 10:25 - 00011271 _____ () C:\Users\Justus\Desktop\Supermarkt Vgl.xlsx
2014-10-09 13:59 - 2014-06-14 16:45 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-09 13:59 - 2014-06-14 16:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-09 13:59 - 2014-06-14 16:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Justus\AppData\Local\Temp\avgnt.exe
C:\Users\Justus\AppData\Local\Temp\Quarantine.exe
C:\Users\Justus\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-04 07:55

==================== End Of Log ============================
--- --- ---


FRST Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Justus at 2014-11-06 14:00:19
Running from C:\Users\Justus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{90C96F50-6055-4E41-A143-B0B02383223F}) (Version: 1.40.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX218 Series (HKLM\...\EPSON SX218 Series) (Version:  - SEIKO EPSON Corporation)
Efficient Elements for presentations - Standard Edition (HKLM-x32\...\{CA7E2194-C2F8-4465-876F-92AF13B58231}) (Version: 2.0.43900.1 - Efficient Elements GmbH)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version:  - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)
Glary Utilities 5.11 (HKLM-x32\...\Glary Utilities 5) (Version: 5.11.0.23 - Glarysoft Ltd)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Ihr Firmenname)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-GB)) (Version: 33.0 - Mozilla)
Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{25C4294E-DDA8-EE68-0E16-FA6BD9C8684B}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.25.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)
Slice Audio File Splitter (HKLM-x32\...\Slice) (Version:  - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.125 - PandoraTV)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Justus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2342487917-3089948869-1178489403-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Justus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

02-11-2014 16:19:34 Geplanter Prüfpunkt
05-11-2014 09:10:42 Installed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06E33511-285B-4439-97B2-9E90C39604C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1138D9E8-F953-42F1-A49C-307D9631AB72} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2012-11-20] ()
Task: {144111B4-D918-4BCD-A4E6-4B38B822F7C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {1B2A5D0D-37F3-4D08-9C86-15351173C465} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E19A6D5-55D8-4493-8DB2-2CE24BC66E08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BB746BC-BC29-43C1-A22B-1894082427C8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {50B3E99C-6CC0-4C98-A0E7-B832ECC68497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {61AA5B76-657D-45E2-BD74-AE12D01289E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {888127C6-E6E1-454E-ABEC-38E68E27FECA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {923391A6-FED3-442D-8D31-3D551AED6992} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {935677B2-EBDB-4858-82C4-A433FCD2E952} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {93C89366-CDC0-4952-B6D5-75D39FC829E1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SPUGAT-Justus Spugat => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B8EED6EA-5A4A-4C7E-B415-60A42E7AAD41} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {BB0FED68-CDDF-4E79-9313-ADBBC314B04B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {BE45617E-DE54-443A-B37F-B69DA1B340FD} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-10-28] (Glarysoft Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DACFFEEA-E810-44E2-AEE2-A12C88F3CF4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F4565828-4E1F-4E9D-93AF-132D7194F0C4} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-10-28] (Glarysoft Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-10-15 13:33 - 2013-10-23 13:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2014-10-06 09:55 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-02-13 09:35 - 2013-02-13 09:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 09:35 - 2013-02-13 09:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-10-27 07:03 - 2013-10-27 07:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-14 09:40 - 2013-10-23 08:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-10 12:30 - 2013-01-10 12:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-11-23 15:57 - 2013-02-16 00:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-06 09:56 - 2014-10-06 09:56 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2013-10-27 07:03 - 2013-10-27 07:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-30 16:31 - 2014-10-19 22:14 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Justus\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: iPod Service => 3
HKLM\...\StartupApproved\Run: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NCPluginUpdater"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "GUDelayStartup"

========================= Accounts: ==========================

Administrator (S-1-5-21-2342487917-3089948869-1178489403-500 - Administrator - Disabled)
Gast (S-1-5-21-2342487917-3089948869-1178489403-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2342487917-3089948869-1178489403-1006 - Limited - Enabled)
Justus (S-1-5-21-2342487917-3089948869-1178489403-1002 - Administrator - Enabled) => C:\Users\Justus
UpdatusUser (S-1-5-21-2342487917-3089948869-1178489403-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2014 01:57:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 01:53:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 11:14:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.0.0.5397 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1430

Start Time: 01cff99876fa56b5

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 219aa93e-65a6-11e4-bea8-a0d3c1cba8d3

Faulting package full name:

Faulting package-relative application ID:

Error: (11/06/2014 11:14:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 33.0.0.5397, time stamp: 0x543924b1
Faulting module name: mozalloc.dll, version: 33.0.0.5397, time stamp: 0x5438ffbb
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process ID: 0xe08
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/06/2014 10:48:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:11 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (11/05/2014 03:06:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/05/2014 03:06:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/05/2014 03:04:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (11/06/2014 01:57:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\Trojanerforum\esetsmartinstaller_deu.exe

Error: (11/06/2014 01:53:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/06/2014 11:14:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.0.5397143001cff99876fa56b54294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe219aa93e-65a6-11e4-bea8-a0d3c1cba8d3

Error: (11/06/2014 11:14:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425e0801cff998aa6ad4bbC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2263db1d-65a6-11e4-bea8-a0d3c1cba8d3

Error: (11/06/2014 10:48:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:11 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 12220.02 MB
Available physical RAM: 8969.84 MB
Total Pagefile: 14076.02 MB
Available Pagefile: 10461.33 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:456.22 GB) (Free:326.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.64 GB) (Free:1.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (DATA) (Fixed) (Total:298.19 GB) (Free:221.74 GB) NTFS
Drive l: (Mucke) (Fixed) (Total:156.25 GB) (Free:10.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 07.11.2014 08:33
Alle Browser? Und an andern Rechnern im Netzwerk hast Du das Problem nicht?

Spugat 07.11.2014 14:12
Hey,
ja sowohl IE als auch Firefox, wobei Firefox noch etwas langsamer zu sein schein.
An anderen Rechnern in dem Netwerk besteht das problem nicht. Bzw. ich habe das Problem in verschidenen Netzwerken.

LG

schrauber 08.11.2014 07:41
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.





Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool

Setze einen Haken bei folgenden Einträgen
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Klicke Go und poste den Inhalt der Result.txt.

Spugat 08.11.2014 10:23
FSS:
Code:
Farbar Service Scanner Version: 21-07-2014
Ran by Justus (administrator) on 08-11-2014 at 07:49:13
Running from "C:\Users\Justus\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
MiniToolBox:
Code:
MiniToolBox by Farbar  Version: 21-07-2014
Ran by Justus (administrator) on 08-11-2014 at 07:51:55
Running from "C:\Users\Justus\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Ralink RT3290 802.11bgn Wi-Fi Adapter = WiFi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="LAN-Verbindung* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="LAN-Verbindung* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

  Host Name . . . . . . . . . . . . : Spugat
  Primary Dns Suffix  . . . . . . . :
  Node Type . . . . . . . . . . . . : Hybrid
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter LAN-Verbindung* 3:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Virtueller Microsoft-Adapter f�r direktes WiFi
  Physical Address. . . . . . . . . : 34-23-87-2D-A6-BD
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter WiFi:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Ralink RT3290 802.11bgn Wi-Fi Adapter
  Physical Address. . . . . . . . . : 34-23-87-2D-A6-BB
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
  Link-local IPv6 Address . . . . . : fe80::5dbf:6e42:d667:e68e%4(Preferred)
  IPv4 Address. . . . . . . . . . . : 109.246.110.34(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.254.0
  Lease Obtained. . . . . . . . . . : 08 November 2014 07:35:15
  Lease Expires . . . . . . . . . . : 08 November 2014 10:35:15
  Default Gateway . . . . . . . . . : 109.246.110.1
  DHCP Server . . . . . . . . . . . : 109.246.110.1
  DHCPv6 IAID . . . . . . . . . . . : 322184071
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-12-53-BE-A0-D3-C1-CB-A8-D3
  DNS Servers . . . . . . . . . . . : 8.8.8.8
                                      8.8.4.4
  NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
  Physical Address. . . . . . . . . : A0-D3-C1-CB-A8-D3
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  2a00:1450:4009:80b::1009
          74.125.230.136
          74.125.230.142
          74.125.230.128
          74.125.230.132
          74.125.230.129
          74.125.230.137
          74.125.230.131
          74.125.230.133
          74.125.230.135
          74.125.230.130
          74.125.230.134


Pinging google.com [74.125.230.142] with 32 bytes of data:
Reply from 74.125.230.142: bytes=32 time=7ms TTL=58
Reply from 74.125.230.142: bytes=32 time=4ms TTL=58

Ping statistics for 74.125.230.142:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 7ms, Average = 5ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  98.138.253.109
          206.190.36.45
          98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=148ms TTL=51
Reply from 206.190.36.45: bytes=32 time=148ms TTL=51

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 148ms, Maximum = 148ms, Average = 148ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  5...34 23 87 2d a6 bd ......Virtueller Microsoft-Adapter f�r direktes WiFi
  4...34 23 87 2d a6 bb ......Ralink RT3290 802.11bgn Wi-Fi Adapter
  3...a0 d3 c1 cb a8 d3 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0    109.246.110.1  109.246.110.34    25
    109.246.110.0    255.255.254.0        On-link    109.246.110.34    281
  109.246.110.34  255.255.255.255        On-link    109.246.110.34    281
  109.246.111.255  255.255.255.255        On-link    109.246.110.34    281
        127.0.0.0        255.0.0.0        On-link        127.0.0.1    306
        127.0.0.1  255.255.255.255        On-link        127.0.0.1    306
  127.255.255.255  255.255.255.255        On-link        127.0.0.1    306
        224.0.0.0        240.0.0.0        On-link        127.0.0.1    306
        224.0.0.0        240.0.0.0        On-link    109.246.110.34    281
  255.255.255.255  255.255.255.255        On-link        127.0.0.1    306
  255.255.255.255  255.255.255.255        On-link    109.246.110.34    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  4    281 fe80::/64                On-link
  4    281 fe80::5dbf:6e42:d667:e68e/128
                                    On-link
  1    306 ff00::/8                On-link
  4    281 ff00::/8                On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/06/2014 02:08:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 11.0.736.0, time stamp: 0x510a4797
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x512dd822
Exception code: 0xc0000094
Fault offset: 0x000107b3
Faulting process ID: 0x7e4
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report ID: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (11/06/2014 01:57:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 01:53:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 11:14:55 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 33.0.0.5397 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1430

Start Time: 01cff99876fa56b5

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 219aa93e-65a6-11e4-bea8-a0d3c1cba8d3

Faulting package full name:

Faulting package-relative application ID:

Error: (11/06/2014 11:14:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 33.0.0.5397, time stamp: 0x543924b1
Faulting module name: mozalloc.dll, version: 33.0.0.5397, time stamp: 0x5438ffbb
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process ID: 0xe08
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/06/2014 10:48:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/06/2014 10:48:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (11/08/2014 07:46:45 AM) (Source: DCOM) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/08/2014 07:46:15 AM) (Source: DCOM) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/07/2014 04:53:18 PM) (Source: DCOM) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/07/2014 04:52:48 PM) (Source: DCOM) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/07/2014 03:29:02 PM) (Source: DCOM) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/07/2014 03:28:32 PM) (Source: DCOM) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/07/2014 01:36:57 PM) (Source: DCOM) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/07/2014 01:36:27 PM) (Source: DCOM) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/07/2014 00:20:45 PM) (Source: DCOM) (User: SPUGAT)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/07/2014 00:20:15 PM) (Source: DCOM) (User: SPUGAT)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (11/06/2014 02:08:36 PM) (Source: Application Error)(User: )
Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll_unloaded0.0.0.0512dd822c0000094000107b37e401cff9cb13608ac6C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll65be5a0f-65be-11e4-bea9-a0d3c1cba8d3

Error: (11/06/2014 01:57:58 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\Trojanerforum\esetsmartinstaller_deu.exe

Error: (11/06/2014 01:53:51 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/06/2014 11:14:55 AM) (Source: Application Hang)(User: )
Description: firefox.exe33.0.0.5397143001cff99876fa56b54294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe219aa93e-65a6-11e4-bea8-a0d3c1cba8d3

Error: (11/06/2014 11:14:55 AM) (Source: Application Error)(User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425e0801cff998aa6ad4bbC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2263db1d-65a6-11e4-bea8-a0d3c1cba8d3

Error: (11/06/2014 10:48:21 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:20 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:15 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe

Error: (11/06/2014 10:48:14 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Justus\Desktop\esetsmartinstaller_deu.exe



=========================== Installed Programs ============================
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{90C96F50-6055-4E41-A143-B0B02383223F}) (Version: 1.40.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6117 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX218 Series (HKLM\...\EPSON SX218 Series) (Version:  - SEIKO EPSON Corporation)
Efficient Elements for presentations - Standard Edition (HKLM-x32\...\{CA7E2194-C2F8-4465-876F-92AF13B58231}) (Version: 2.0.43900.1 - Efficient Elements GmbH)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version:  - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)
Glary Utilities 5.11 (HKLM-x32\...\Glary Utilities 5) (Version: 5.11.0.23 - Glarysoft Ltd)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Ihr Firmenname)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.7.1002 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-GB)) (Version: 33.0.3 - Mozilla)
Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{25C4294E-DDA8-EE68-0E16-FA6BD9C8684B}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.25.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)
Slice Audio File Splitter (HKLM-x32\...\Slice) (Version:  - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.125 - PandoraTV)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 12220.02 MB
Available physical RAM: 9163.35 MB
Total Pagefile: 14076.02 MB
Available Pagefile: 10724.43 MB
Total Virtual: 4095.88 MB
Available Virtual: 3984.46 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:456.22 GB) (Free:324.82 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.64 GB) (Free:1.98 GB) NTFS
3 Drive e: (DATA) (Fixed) (Total:298.19 GB) (Free:221.74 GB) NTFS
4 Drive l: (Mucke) (Fixed) (Total:156.25 GB) (Free:10.23 GB) NTFS

========================= Users: ========================================

User accounts for \\SPUGAT

Administrator            Gast                    Justus                 
UpdatusUser             

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

schrauber 08.11.2014 20:37
Warum nutzt Du Google DNS und nicht den vom Anbieter? Was für ein anbieter ist das? Wo sitzt Du?

Hast Du an den IP Einstellungen sonst noch was gemacht?
Zitat:
255.255.254.0
das is nämlich arg komisch.

Bitte Minitoolbox an einem andern Rechner im Netzwerk laufen lassen, Log posten.

Spugat 10.11.2014 15:27
Hey,
ich sitze in London, der Anbieter ist Keycom.
Das mit dem Google DNS hatte ich nachdem die Probleme auftraten als tipp gelesen und ob der Ergenisslosigkeit total vergessen (wurde weder langsamer, noch schneller). Sorry, dass ich daran nicht mehr gedacht habe!

Ich habe eben außerdem feststellen müssen, dass offensichtlich mein Amazon account und meine email adresse von jemand anderem benutz wurden. haben die bisherigen Testergebnisse irgeneinen Anhaltspunkt geliefert woher meine Zugangsdaten bekannt worden sein könnten?

LG

hier das MiniToolBox Log von einem anderen pc im Netzwerk:
Code:
MiniToolBox by Farbar  Version: 21-07-2014
Ran by husseyg (administrator) on 10-11-2014 at 14:18:51
Running from "C:\Users\husseyg\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter = WiFi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

  Host Name . . . . . . . . . . . . : Grainne
  Primary Dns Suffix  . . . . . . . :
  Node Type . . . . . . . . . . . . : Mixed
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 2:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
  Physical Address. . . . . . . . . : 34-23-87-D2-05-3A
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter WiFi:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter
  Physical Address. . . . . . . . . : 34-23-87-D2-05-3A
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
  Link-local IPv6 Address . . . . . : fe80::180a:a612:8f85:fb53%4(Preferred)
  IPv4 Address. . . . . . . . . . . : 109.246.110.206(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.254.0
  Lease Obtained. . . . . . . . . . : 10 November 2014 09:49:26
  Lease Expires . . . . . . . . . . : 10 November 2014 17:11:13
  Default Gateway . . . . . . . . . : 109.246.110.1
  DHCP Server . . . . . . . . . . . : 109.246.110.1
  DHCPv6 IAID . . . . . . . . . . . : 70525831
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-28-2A-CB-A0-D3-C1-66-48-F1
  DNS Servers . . . . . . . . . . . : 212.9.96.21
                                      109.246.192.21
  NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . : D1-Line.COM
  Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
  Physical Address. . . . . . . . . : A0-D3-C1-66-48-F1
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft 6to4 Adapter
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2002:6df6:6ece::6df6:6ece(Preferred)
  Default Gateway . . . . . . . . . :
  DHCPv6 IAID . . . . . . . . . . . : 318767104
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-28-2A-CB-A0-D3-C1-66-48-F1
  DNS Servers . . . . . . . . . . . : 212.9.96.21
                                      109.246.192.21
  NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:c7f:27f1:9209:9131(Preferred)
  Link-local IPv6 Address . . . . . : fe80::c7f:27f1:9209:9131%7(Preferred)
  Default Gateway . . . . . . . . . :
  DHCPv6 IAID . . . . . . . . . . . : 335544320
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-28-2A-CB-A0-D3-C1-66-48-F1
  NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{4A2EA4F1-A40C-46A5-93C1-E696C898709C}:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
Server:  dns2.keycom.co.uk
Address:  212.9.96.21

Name:    google.com
Addresses:  2a00:1450:400c:c04::65
          74.125.230.104
          74.125.230.97
          74.125.230.102
          74.125.230.101
          74.125.230.99
          74.125.230.98
          74.125.230.105
          74.125.230.103
          74.125.230.100
          74.125.230.96
          74.125.230.110


Pinging google.com [74.125.230.97] with 32 bytes of data:
Reply from 74.125.230.97: bytes=32 time=3ms TTL=57
Reply from 74.125.230.97: bytes=32 time=6ms TTL=57

Ping statistics for 74.125.230.97:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 6ms, Average = 4ms
Server:  dns2.keycom.co.uk
Address:  212.9.96.21

Name:    yahoo.com
Addresses:  206.190.36.45
          98.139.183.24
          98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=100ms TTL=52
Reply from 98.139.183.24: bytes=32 time=98ms TTL=52

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 98ms, Maximum = 100ms, Average = 99ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  5...34 23 87 d2 05 3a ......Microsoft Wi-Fi Direct Virtual Adapter
  4...34 23 87 d2 05 3a ......Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter
  3...a0 d3 c1 66 48 f1 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
  7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0    109.246.110.1  109.246.110.206    25
    109.246.110.0    255.255.254.0        On-link  109.246.110.206    281
  109.246.110.206  255.255.255.255        On-link  109.246.110.206    281
  109.246.111.255  255.255.255.255        On-link  109.246.110.206    281
        127.0.0.0        255.0.0.0        On-link        127.0.0.1    306
        127.0.0.1  255.255.255.255        On-link        127.0.0.1    306
  127.255.255.255  255.255.255.255        On-link        127.0.0.1    306
        224.0.0.0        240.0.0.0        On-link        127.0.0.1    306
        224.0.0.0        240.0.0.0        On-link  109.246.110.206    281
  255.255.255.255  255.255.255.255        On-link        127.0.0.1    306
  255.255.255.255  255.255.255.255        On-link  109.246.110.206    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  7    306 2001::/32                On-link
  7    306 2001:0:5ef5:79fb:c7f:27f1:9209:9131/128
                                    On-link
  6  1030 2002::/16                On-link
  6    286 2002:6df6:6ece::6df6:6ece/128
                                    On-link
  4    281 fe80::/64                On-link
  7    306 fe80::/64                On-link
  7    306 fe80::c7f:27f1:9209:9131/128
                                    On-link
  4    281 fe80::180a:a612:8f85:fb53/128
                                    On-link
  1    306 ff00::/8                On-link
  4    281 ff00::/8                On-link
  7    306 ff00::/8                On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/10/2014 11:11:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 666796

Error: (11/10/2014 11:11:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 666796

Error: (11/10/2014 11:11:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2014 11:11:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 663687

Error: (11/10/2014 11:11:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 663687

Error: (11/10/2014 11:11:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2014 11:00:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1625

Error: (11/10/2014 11:00:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1625

Error: (11/10/2014 11:00:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/09/2014 09:48:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12774828


System errors:
=============
Error: (11/10/2014 01:58:06 PM) (Source: DCOM) (User: Grainne)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/10/2014 01:57:36 PM) (Source: DCOM) (User: Grainne)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/10/2014 11:00:05 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 11 time(s).

Error: (11/10/2014 02:50:06 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 10 time(s).

Error: (11/09/2014 06:15:55 PM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 9 time(s).

Error: (11/09/2014 02:17:26 PM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 8 time(s).

Error: (11/09/2014 03:01:51 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 7 time(s).

Error: (11/08/2014 09:21:51 PM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 6 time(s).

Error: (11/08/2014 05:41:12 PM) (Source: DCOM) (User: Grainne)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/08/2014 05:40:42 PM) (Source: DCOM) (User: Grainne)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (11/10/2014 11:11:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 666796

Error: (11/10/2014 11:11:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 666796

Error: (11/10/2014 11:11:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2014 11:11:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 663687

Error: (11/10/2014 11:11:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 663687

Error: (11/10/2014 11:11:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2014 11:00:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1625

Error: (11/10/2014 11:00:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1625

Error: (11/10/2014 11:00:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/09/2014 09:48:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12774828


CodeIntegrity Errors:
===================================
  Date: 2014-07-24 13:39:50.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-24 13:39:49.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-18 12:20:48.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-18 12:20:48.565
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.



=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30925 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{301D3AA1-5DCC-FCFD-622E-3C7CBA87C80F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
AMD Start Now (Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.5.6902 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.5.3303 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.3.4503 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.5.3228 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.5.3304 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.2.3305 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.2.3302 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes en-GB (HKLM-x32\...\{C438C1D0-A46C-4BFA-AF02-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Postscript Converter (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 12.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP SimplePass (Version: 8.00.54 - Hewlett-Packard) Hidden
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Money Plus (HKLM-x32\...\Money2008b) (Version: 17 - Microsoft)
Microsoft Money Shared Libraries (x32 Version: 17.0.0.3817 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3554.07 MB
Available physical RAM: 1077.15 MB
Total Pagefile: 7138.07 MB
Available Pagefile: 3309.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.07 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:679.67 GB) (Free:621.55 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.19 GB) (Free:1.85 GB) NTFS
4 Drive f: () (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT

========================= Users: ========================================

User accounts for \\GRAINNE

Administrator            Guest                    husseyg                 

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

schrauber 11.11.2014 07:47
Hmm, das Log sieht genau so schlecht aus.
Die Accounts wurden warscheinlich nur online gehackt.

Spugat 11.11.2014 10:24
Hmmm... ok hört sich ja nicht so gut an.
Ist mein pc / meine Daten denn aktuell noch gefährdet?
Wie soll ich nun weiter vorgehen?
Was bedeutet es, dass das andere Log ähnlich schlecht aussieht? Ebenfalls Virenbefall?

Danke...

schrauber 12.11.2014 08:11
Nein, die Pingwerte sind einfach langsam/schlecht. Liegt an deiner Verbindung.

Malware ist da keine mehr.

Spugat 12.11.2014 08:44
Gut, danke...
Also liegen die langsamen Browser (die ja auch bei lan bzw. internetverbindung über das sehr schnelle Uninetzwerk) langsam sind an etwas anderem?
Hast du noch Tipps wie ich mich für die Zukunft schützen kann?
Kann/soll ich bei defogger re-enablen?

LG


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:48 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131