So, here is the Addition.txt:
FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015
Ran by Max at 2015-04-15 12:32:53
Running from C:\Users\Max\Desktop\Desktop\Software\AntiMaleware
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.018 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4311 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.6.8941 - )
Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation)
Camtasia Studio 8 (HKLM-x32\...\{6BED66AA-1DC6-474B-AC70-205CC3A68A39}) (Version: 8.4.4.1859 - TechSmith Corporation)
Craften Terminal 3.5.4 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.4 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.0.8370 - Blizzard Entertainment)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.53.113 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.53.113 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
ISY USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.14 - ISY)
ISY USB Wireless Adapter (x32 Version: 1.0.0.14 - ISY) Hidden
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (HKLM-x32\...\MX.{EC27D0F4-981D-431B-9F41-CE84163880F1}) (Version: 21.0.0.27 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Version: 21.0.0.27 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{80F0BB42-43FA-4B4F-9B35-C3668B2AD75D}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP4 Player (HKLM-x32\...\MP4 Player) (Version: - )
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Thunder Master v1.5 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.5.0.0 - Palit Microsystems Ltd.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vita 2 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Analog Synths (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Celtic Harp (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Drum Engine (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Jazz Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Urban Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita World Flutes (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSplit (HKLM-x32\...\{F3EF5DE8-1120-4B77-99A3-4DC232E8C129}) (Version: 1.0.1201.0504 - SplitMediaLabs)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1474156649-2985491596-1782255080-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1474156649-2985491596-1782255080-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1474156649-2985491596-1782255080-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1474156649-2985491596-1782255080-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1474156649-2985491596-1782255080-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1474156649-2985491596-1782255080-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Max\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-03-02 19:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0543D774-44D9-4789-8ED8-CEB3710A0FC0} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()
Task: {10A6FBE0-4216-4D21-A594-27DC54AA7189} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {204DB001-C72E-4F4E-8F5B-F24AA2FEABA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {3041159B-433E-4977-87A5-A0C1D1FA46B5} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {4728AC95-8724-4B28-8F2C-B64962CFF975} - System32\Tasks\{880B6F77-5541-49D1-95A7-8F873D814D80} => pcalua.exe -a C:\Users\Max\Downloads\wlsetup-web.exe -d C:\Users\Max\Downloads
Task: {4C59B58F-6855-4FCA-BFA1-16F09CFC32AC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {4D8E0F37-5CCE-4A1E-9DB7-BCE7DD1C9348} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18] (Google Inc.)
Task: {69968C12-7BDB-4AF3-B58D-B3E298460441} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {6CA2877C-3246-4E16-BE85-C84862B2DC92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18] (Google Inc.)
Task: {E377A424-B529-4BDC-BE20-F5D88DD01BCF} - System32\Tasks\AdobeAAMUpdater-1.0-Max-PC-Max => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {E92854CE-1179-4742-8318-5F1957ED1E90} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F50AB08E-D074-48F1-9CE1-B178B81EC566} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-25 21:19 - 2015-02-25 21:19 - 00620056 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2013-09-23 18:20 - 2013-09-12 09:25 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2008-11-06 19:23 - 2008-11-06 19:23 - 00772096 _____ () C:\Program Files (x86)\MP4 Player\Mp4Player.exe
2014-12-19 16:57 - 2014-12-19 16:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2011-07-14 18:01 - 2011-07-14 18:01 - 07006208 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-53.dll
2011-07-14 18:01 - 2011-07-14 18:01 - 00132096 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
2011-07-14 18:01 - 2011-07-14 18:01 - 00958976 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-53.dll
2011-07-14 18:01 - 2011-07-14 18:01 - 00239616 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-0.dll
2015-01-07 22:27 - 2015-01-07 22:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-03-05 14:44 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-05 14:44 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-05 14:44 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-05 14:44 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-05 14:44 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-05 14:44 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-05 14:44 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-05 14:44 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-05 14:44 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-05 14:44 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-05 14:44 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-05 14:44 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00113320 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zlib1.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00297128 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\stat.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00106664 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\boost_filesystem-vc120-mt-1_56.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00022696 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\boost_system-vc120-mt-1_56.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00046760 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\boost_date_time-vc120-mt-1_56.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00076968 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\suhvadapter.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00041640 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\jansson.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00088744 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_thread-vc120-mt-1_56.dll
2015-01-23 16:59 - 2015-01-13 18:44 - 00030888 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_chrono-vc120-mt-1_56.dll
2014-05-18 17:45 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Max\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1474156649-2985491596-1782255080-500 - Administrator - Disabled)
Gast (S-1-5-21-1474156649-2985491596-1782255080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1474156649-2985491596-1782255080-1004 - Limited - Enabled)
Max (S-1-5-21-1474156649-2985491596-1782255080-1000 - Administrator - Enabled) => C:\Users\Max
UpdatusUser (S-1-5-21-1474156649-2985491596-1782255080-1002 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2015 00:25:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/14/2015 06:05:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 07:50:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 04:55:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/12/2015 07:48:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/08/2015 09:01:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CamtasiaStudio.exe, Version: 8.4.4.1859, Zeitstempel: 0x545d6760
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0xCamtasiaStudio.exe0
Pfad der fehlerhaften Anwendung: CamtasiaStudio.exe1
Pfad des fehlerhaften Moduls: CamtasiaStudio.exe2
Berichtskennung: CamtasiaStudio.exe3
Error: (04/08/2015 07:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/08/2015 01:18:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/07/2015 10:02:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CamtasiaStudio.exe, Version: 8.4.4.1859, Zeitstempel: 0x545d6760
Name des fehlerhaften Moduls: mc_mux_mp4_ds.ax, Version: 9.6.8.2473, Zeitstempel: 0x50cb1d3b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000dc48
ID des fehlerhaften Prozesses: 0x1d4c
Startzeit der fehlerhaften Anwendung: 0xCamtasiaStudio.exe0
Pfad der fehlerhaften Anwendung: CamtasiaStudio.exe1
Pfad des fehlerhaften Moduls: CamtasiaStudio.exe2
Berichtskennung: CamtasiaStudio.exe3
Error: (04/07/2015 09:26:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CamtasiaStudio.exe, Version: 8.4.4.1859, Zeitstempel: 0x545d6760
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x2354
Startzeit der fehlerhaften Anwendung: 0xCamtasiaStudio.exe0
Pfad der fehlerhaften Anwendung: CamtasiaStudio.exe1
Pfad des fehlerhaften Moduls: CamtasiaStudio.exe2
Berichtskennung: CamtasiaStudio.exe3
System errors:
=============
Error: (04/15/2015 00:25:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (04/15/2015 00:25:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/15/2015 00:25:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (04/15/2015 00:25:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/15/2015 00:25:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.
Error: (04/13/2015 07:30:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/13/2015 04:58:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/13/2015 04:58:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (04/12/2015 07:48:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/12/2015 07:48:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.
Microsoft Office Sessions:
=========================
Error: (04/15/2015 00:25:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/14/2015 06:05:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 07:50:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 04:55:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/12/2015 07:48:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/08/2015 09:01:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CamtasiaStudio.exe8.4.4.1859545d6760ntdll.dll6.1.7601.18247521ea8e7c0000374000ce75319e801d07228b5329183C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Windows\SysWOW64\ntdll.dll9c89c16e-de21-11e4-9845-60a44c65ad3e
Error: (04/08/2015 07:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/08/2015 01:18:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/07/2015 10:02:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CamtasiaStudio.exe8.4.4.1859545d6760mc_mux_mp4_ds.ax9.6.8.247350cb1d3bc00000050000dc481d4c01d07168d24acd20C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Program Files (x86)\TechSmith\Camtasia Studio 8\mc_mux_mp4_ds.ax08f0e874-dd61-11e4-a494-60a44c65ad3e
Error: (04/07/2015 09:26:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CamtasiaStudio.exe8.4.4.1859545d6760ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753235401d071671eaac62fC:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Windows\SysWOW64\ntdll.dll03fa8ec3-dd5c-11e4-a494-60a44c65ad3e
CodeIntegrity Errors:
===================================
Date: 2015-04-15 12:27:01.025
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-14 18:05:30.801
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 19:51:36.282
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 19:47:32.984
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 18:18:44.067
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 18:02:17.203
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 17:39:38.367
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 17:28:09.941
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-13 16:55:47.027
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-04-12 19:50:08.060
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 51%
Total physical RAM: 8092.98 MB
Available physical RAM: 3957.12 MB
Total Pagefile: 16184.14 MB
Available Pagefile: 12116.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:647.48 GB) NTFS
Drive d: (MM2015Prem) (CDROM) (Total:7.26 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1DFC9BC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
And here is the FRST.txt... in case it is needed:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015
Ran by Max (administrator) on MAX-PC on 15-04-2015 12:32:12
Running from C:\Users\Max\Desktop\Desktop\Software\AntiMaleware
Loaded Profiles: Max & UpdatusUser (Available profiles: Max & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Akamai Technologies, Inc.) C:\Users\Max\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\MP4 Player\Mp4Player.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Akamai Technologies, Inc.) C:\Users\Max\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2050416 2012-07-18] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Max\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\Run: [MP4 Player] => C:\Program Files (x86)\MP4 Player\mp4Player.exe [772096 2008-11-06] ()
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1474156649-2985491596-1782255080-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1474156649-2985491596-1782255080-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qgtuo0zr.default-1396713386681
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-11-13] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-09-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-09-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qgtuo0zr.default-1396713386681\Extensions\{f7dbd335-4ad3-350d-8327-8d6d36da87eb} [2014-05-29]
FF Extension: glindorus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qgtuo0zr.default-1396713386681\Extensions\{26d264d2-014c-4f07-bf2c-ebf9aed40cef}.xpi [2014-09-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qgtuo0zr.default-1396713386681\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-01-23]
FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qgtuo0zr.default-1396713386681\extensions\048da175-3ee8-49e5-9d6f-2feb4d4793d5@3f15bd8f-93f6-4d68-a7c5-ae4f792d6bd4.com [Not Found]
FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qgtuo0zr.default-1396713386681\extensions\firefoxmini@go.im.xpi [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-21]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-02-25] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 19:09 - 2015-04-14 19:09 - 00000668 _____ () C:\Users\Max\Desktop\Template [By RevoxGFX]222.lnk
2015-04-14 18:54 - 2015-04-14 18:54 - 202211884 _____ () C:\Users\Max\Desktop\ANUS.wav
2015-04-14 18:34 - 2015-04-14 18:53 - 3267086880 _____ () C:\Users\Max\Desktop\javaw 2015-04-14 18-34-57-68.avi
2015-04-14 18:08 - 2015-04-14 18:12 - 48839598 _____ () C:\Users\Max\Downloads\@EPs §bDeep Freeze.zip
2015-04-13 19:55 - 2015-04-13 19:56 - 30128686 _____ () C:\Users\Max\Downloads\@EPs §bLegendRP.zip
2015-04-13 18:11 - 2015-04-13 18:14 - 13070120 _____ () C:\Users\Max\Desktop\DÖDEÖ!.psd
2015-04-12 20:20 - 2015-04-12 20:20 - 00081317 _____ () C:\Users\Max\Desktop\Skinpackv3.rar
2015-04-12 20:20 - 2015-04-12 20:20 - 00000000 ____D () C:\Users\Max\Desktop\dasdsa
2015-04-12 20:19 - 2015-04-12 20:20 - 00081317 _____ () C:\Users\Max\Downloads\Skinpackv3.rar
2015-04-08 21:17 - 2015-04-08 21:25 - 00059591 _____ () C:\Users\Max\Desktop\Peniscatch.camproj
2015-04-08 20:19 - 2015-04-08 20:19 - 00018235 _____ () C:\Users\Max\Desktop\wasvd.camproj
2015-04-08 20:13 - 2015-04-08 20:13 - 55800364 _____ () C:\Users\Max\Desktop\wavasg.wav
2015-04-08 19:46 - 2015-04-08 19:46 - 11490219 _____ () C:\Users\Max\Desktop\OfficialRevox V1.wmv
2015-04-08 19:45 - 2015-04-08 19:46 - 11490219 _____ () C:\Users\Max\Downloads\OfficialRevox V1.wmv
2015-04-08 19:42 - 2015-04-08 19:42 - 87892524 _____ () C:\Users\Max\Desktop\ADO)LF.wav
2015-04-08 15:09 - 2015-04-08 15:09 - 00235876 _____ () C:\Users\Max\Downloads\distortion_of_the_brain_and_mind (1).zip
2015-04-08 14:31 - 2015-04-08 14:31 - 17801728 _____ () C:\Users\Max\Desktop\PEDO.psd
2015-04-08 13:32 - 2015-04-08 13:33 - 00016793 _____ () C:\Users\Max\Downloads\dragon_is_coming.zip
2015-04-07 21:27 - 2015-04-08 14:32 - 00205553 _____ () C:\Users\Max\Desktop\sashs.camproj
2015-04-07 21:15 - 2015-04-07 21:12 - 00068790 _____ () C:\Users\Max\Desktop\fsfsasfa.camproj
2015-04-07 14:11 - 2015-04-07 14:11 - 00011663 _____ () C:\Users\Max\Desktop\hhah.camproj
2015-04-07 14:06 - 2015-04-07 14:06 - 90654764 _____ () C:\Users\Max\Desktop\gh.wav
2015-04-07 13:13 - 2015-04-07 13:13 - 13705206 _____ () C:\Users\Max\Downloads\TEMPLATE by DoxiArts.rar
2015-04-07 12:46 - 2015-04-07 13:00 - 38254993 _____ () C:\Users\Max\Desktop\Thumbnails21.psd
2015-04-07 12:24 - 2015-04-07 12:24 - 01996844 _____ () C:\Users\Max\Desktop\ffas.wav
2015-04-06 22:12 - 2015-04-06 22:13 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 22:12 - 2015-04-06 22:12 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 21:50 - 2015-04-07 12:58 - 00095357 _____ () C:\Users\Max\Desktop\PENIS.camproj
2015-04-06 20:22 - 2015-04-06 20:22 - 92846124 _____ () C:\Users\Max\Desktop\Pedo.wav
2015-04-03 11:17 - 2015-04-03 11:17 - 00000000 ____D () C:\Users\Max\Desktop\OP MUSIK
2015-04-02 20:35 - 2015-04-02 21:02 - 00051011 _____ () C:\Users\Max\Desktop\saddsa.camproj
2015-04-02 14:00 - 2015-04-02 14:00 - 00057894 _____ () C:\Users\Max\Downloads\sf_sports_night.zip
2015-04-01 19:52 - 2015-04-01 19:52 - 00213293 _____ () C:\Users\Max\Downloads\true_lies.zip
2015-04-01 19:52 - 2015-04-01 19:52 - 00013565 _____ () C:\Users\Max\Downloads\04b_30.zip
2015-04-01 19:51 - 2015-04-01 19:51 - 00235876 _____ () C:\Users\Max\Downloads\distortion_of_the_brain_and_mind.zip
2015-03-31 19:50 - 2015-03-31 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-31 19:50 - 2015-03-31 19:50 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-29 00:51 - 2015-03-29 00:51 - 00000000 ____D () C:\Users\Max\Desktop\Cartoon
2015-03-29 00:30 - 2015-03-29 00:30 - 00102081 _____ () C:\Users\Max\Desktop\Unbenannt.camproj
2015-03-28 23:39 - 2015-04-03 11:21 - 00000000 ____D () C:\Users\Max\Desktop\GoPro
2015-03-28 23:25 - 2015-03-28 23:37 - 258793447 _____ () C:\Users\Max\Downloads\ZirtrixFx ~ BIG GFX PACK! ALL NEW POPULAR STUFF!.rar
2015-03-28 23:25 - 2015-03-28 23:29 - 68612759 _____ () C:\Users\Max\Downloads\ExclusivePack 2015 by AtmoArtworks.psd
2015-03-28 23:24 - 2015-04-14 19:09 - 00000000 ____D () C:\Users\Max\Desktop\Banner
2015-03-28 23:24 - 2015-03-28 23:24 - 17645373 _____ () C:\Users\Max\Downloads\Displace Effect.psd
2015-03-28 23:24 - 2015-03-28 23:24 - 03564158 _____ () C:\Users\Max\Downloads\FMR 4.0 (1).zip
2015-03-28 23:24 - 2015-03-28 23:24 - 01840976 _____ () C:\Users\Max\Downloads\MinecraftLightroom by AtmoArtworks (1).c4d
2015-03-27 17:22 - 2015-03-27 20:58 - 00101173 _____ () C:\Users\Max\Desktop\asdsa.camproj
2015-03-27 17:08 - 2015-03-27 17:11 - 00000000 ____D () C:\Users\Max\Desktop\kot
2015-03-27 16:17 - 2015-03-27 16:18 - 21825102 _____ () C:\Users\Max\Downloads\§4Rotschlag PvP Pack§4.zip
2015-03-25 14:24 - 2015-03-25 14:27 - 46508969 _____ () C:\Users\Max\Downloads\@EPs §cTokyo Ghoul.zip
2015-03-25 14:17 - 2015-03-25 14:17 - 00000752 _____ () C:\Users\Max\Desktop\Lol.lnk
2015-03-24 20:37 - 2015-04-02 21:25 - 37552953 _____ () C:\Users\Max\Desktop\Thumbnails2.psd
2015-03-24 20:26 - 2015-03-24 20:36 - 00059729 _____ () C:\Users\Max\Desktop\Info.camproj
2015-03-24 20:13 - 2015-03-24 20:13 - 02168320 _____ () C:\Users\Max\Downloads\adwcleaner_4.113.exe
2015-03-24 19:21 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-24 19:21 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-24 19:21 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-24 19:21 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-24 19:21 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-24 19:21 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-24 19:21 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 19:21 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-23 21:57 - 2015-03-23 21:57 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-03-23 21:57 - 2015-03-23 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-03-23 21:53 - 2015-03-23 21:54 - 30668968 _____ (Riot Games) C:\Users\Max\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-03-22 21:51 - 2015-03-24 20:12 - 31416364 _____ () C:\Users\Max\Desktop\AudioPoo.wav
2015-03-21 23:45 - 2015-03-21 23:45 - 00094995 _____ () C:\Users\Max\Downloads\minecraftia (1).zip
2015-03-21 23:24 - 2015-03-29 21:30 - 00000000 ____D () C:\Users\Max\Desktop\OfficialRevox
2015-03-21 23:22 - 2015-03-21 23:22 - 00000723 _____ () C:\Users\Max\Desktop\C4D (3).lnk
2015-03-21 23:21 - 2015-03-28 23:30 - 00000000 ____D () C:\Users\Max\Desktop\Alles
2015-03-21 14:01 - 2015-03-21 14:01 - 00007822 _____ () C:\Users\Max\Desktop\JRT.txt
2015-03-21 13:57 - 2015-03-21 13:57 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-21 13:55 - 2015-03-21 13:56 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-21 13:55 - 2015-03-21 13:55 - 01388672 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2015-03-21 13:50 - 2015-03-24 20:16 - 00000000 ____D () C:\AdwCleaner
2015-03-20 23:25 - 2015-03-20 23:26 - 34575364 _____ () C:\Users\Max\Downloads\HyperDzn EXCLUSIVEPACK.rar
2015-03-20 17:37 - 2015-03-20 17:37 - 00006237 _____ () C:\Users\Max\Downloads\button_layer_styles-1.asl.zip
2015-03-20 16:17 - 2015-03-20 16:17 - 00015372 _____ () C:\Users\Max\Downloads\web20layerstylesv1.asl.zip
2015-03-20 16:15 - 2015-03-20 16:15 - 00002003 _____ () C:\Users\Max\Downloads\Adobe_CS3_Gradients.grd.zip
2015-03-20 15:44 - 2015-03-20 15:46 - 90883207 _____ () C:\Users\Max\Downloads\CodeDraco HUGE FREE FONT PACK!.rar
2015-03-18 21:58 - 2015-03-18 21:58 - 00010969 _____ () C:\Users\Max\Downloads\gang_of_three.zip
2015-03-18 21:57 - 2015-03-18 21:57 - 00094995 _____ () C:\Users\Max\Downloads\minecraftia.zip
2015-03-17 20:20 - 2015-03-17 20:20 - 00897109 _____ () C:\Users\Max\Downloads\OptiFine_1.8.0_HD_U_D1.jar
2015-03-16 21:05 - 2015-03-16 21:08 - 19077000 _____ () C:\Users\Max\Downloads\@EPs §dFaithful Edit.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-15 12:32 - 2015-02-21 21:38 - 00000000 ____D () C:\FRST
2015-04-15 12:31 - 2013-09-23 19:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 12:31 - 2013-09-23 19:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 12:31 - 2013-09-23 19:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 12:31 - 2013-09-23 19:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-15 12:29 - 2013-09-23 22:29 - 01739005 _____ () C:\Windows\WindowsUpdate.log
2015-04-15 12:29 - 2013-09-23 19:47 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-15 12:26 - 2013-09-25 20:27 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2015-04-15 12:25 - 2015-03-05 14:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-15 12:25 - 2014-09-06 19:49 - 00000000 ____D () C:\Users\Max\AppData\Local\LogMeIn Hamachi
2015-04-15 12:24 - 2014-05-18 17:40 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-15 12:24 - 2013-09-23 18:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-15 12:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-15 12:24 - 2009-07-14 06:51 - 00137129 _____ () C:\Windows\setupact.log
2015-04-14 18:57 - 2014-05-06 19:36 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Audacity
2015-04-14 18:45 - 2014-05-18 17:40 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 18:13 - 2015-02-05 22:43 - 00000000 ____D () C:\Users\Max\AppData\Roaming\.minecraft
2015-04-14 18:12 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 18:12 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 18:04 - 2013-09-23 19:45 - 00000000 ____D () C:\Users\Max\AppData\Local\Adobe
2015-04-13 19:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-08 19:09 - 2009-07-14 06:45 - 06829064 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-08 14:54 - 2013-04-15 17:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-04-08 14:54 - 2013-04-15 17:10 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-04-08 14:54 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 14:05 - 2013-09-23 18:20 - 00754280 _____ () C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-02 20:24 - 2014-09-07 22:05 - 00000000 ____D () C:\Users\Max\AppData\Roaming\DVDVideoSoft
2015-04-02 13:47 - 2013-11-23 22:55 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2015-03-30 21:21 - 2015-01-31 20:24 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-30 21:19 - 2014-11-20 16:33 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2015-03-30 15:25 - 2013-10-02 17:21 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-29 00:49 - 2015-03-06 16:07 - 00000000 ____D () C:\Users\Max\Desktop\OfficialRevox OneChannel
2015-03-25 14:08 - 2014-12-14 18:46 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 14:08 - 2014-05-06 20:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 19:21 - 2015-02-10 21:00 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-21 13:57 - 2015-02-10 20:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-20 22:41 - 2015-03-08 05:25 - 17243389 _____ () C:\Users\Max\Desktop\Thumbnails.psd
2015-03-18 21:07 - 2014-10-18 18:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-18 21:07 - 2013-09-25 20:27 - 00000000 ____D () C:\ProgramData\Skype
2015-03-17 21:06 - 2015-02-28 22:12 - 00000723 _____ () C:\Users\Max\Desktop\G3t R3kt.lnk
2015-03-17 07:15 - 2015-02-10 20:59 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 07:15 - 2015-02-10 20:59 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 07:15 - 2015-02-10 20:59 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
==================== Files in the root of some directories =======
2015-02-08 22:09 - 2015-02-08 22:09 - 0000112 _____ () C:\Users\Max\AppData\Roaming\JP2K CS6 Prefs
2014-08-18 15:01 - 2014-08-18 15:01 - 0000036 ____H () C:\Users\Max\AppData\Roaming\swk.ini
2013-12-01 16:47 - 2013-12-01 16:47 - 0000096 _____ () C:\Users\Max\AppData\Roaming\version2.xml
2015-02-16 21:14 - 2015-03-06 17:09 - 0001456 _____ () C:\Users\Max\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-26 13:25 - 2014-02-27 18:18 - 0000600 _____ () C:\Users\Max\AppData\Local\PUTTY.RND
2015-02-02 20:41 - 2015-02-02 20:41 - 0051320 _____ () C:\Users\Max\AppData\Local\recently-used.xbel
2014-06-24 17:20 - 2014-06-24 17:20 - 0007605 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\Quarantine.exe
C:\Users\Max\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Max\AppData\Local\Temp\sqlite3.dll
C:\Users\Max\AppData\Local\Temp\tmd_34011236.exe
C:\Users\Max\AppData\Local\Temp\tmd_34015068.exe
C:\Users\Max\AppData\Local\Temp\tmd_34015833.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-13 18:53
==================== End Of Log ============================