Trojaner-Board - Omiga Plus auf PC eingenistet

Hi!

Danke für Deine schnelle Antwort. Bin gerade unterwegs und werde das heute abend sofort erledigen!

Gruß
Flip

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014

Ran by Philipp (administrator) on PHILIPP on 26-07-2014 20:24:10

Running from C:\Users\Philipp\Downloads

Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AVAST Software) C:\Program Files (x86)\Avast\AvastSvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files\005\hzunyanhtn64.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\System32\PnkBstrA.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe

(AVAST Software) C:\Program Files (x86)\Avast\avastui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe 

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" 

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)

HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)

HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-05] (Microsoft Corp.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)

HKU\S-1-5-21-1797940879-3817046080-3839618400-1001\...\Run: [Steam] => D:\Steam\steam.exe [1753280 2014-07-16] (Valve Corporation)

HKU\S-1-5-21-1797940879-3817046080-3839618400-1001\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

HKU\S-1-5-21-1797940879-3817046080-3839618400-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)

AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\Avast\ashShA64.dll (AVAST Software)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x325A822BD6DECD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE64.dll (AVAST Software)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ufbknbgn.default

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File

FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File

FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: WOT - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ufbknbgn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]

FF Extension: Adblock Plus - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ufbknbgn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-21]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files (x86)\Avast\WebRep\FF [2013-06-01]
 

Chrome: 

=======

CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl

CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"

CHR DefaultSearchKeyword: omiga-plus

CHR DefaultSearchProvider: omiga-plus

CHR DefaultSearchURL: hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1406053764&from=ild&uid=HitachiXHDS721010DLE630_MSK521Y201R9WB01R9WBX&q={searchTerms}

CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]

CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]

CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]

CHR Extension: (Google Search) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]

CHR Extension: (Google Wallet) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]

CHR Extension: (Gmail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-05]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 avast! Antivirus; C:\Program Files (x86)\Avast\AvastSvc.exe [50344 2014-05-05] (AVAST Software)

S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-05] (Microsoft Corp.)

R2 hzunyanhtn64; C:\Program Files\005\hzunyanhtn64.exe [709120 2014-07-22] () [File not signed]

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)

R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-02-02] ()

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2014-01-18] ()

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-05] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-05] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-05] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-05] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-05] ()

R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)

S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)

R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-18] (DT Soft Ltd)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-07-26 20:24 - 2014-07-26 20:24 - 00017271 _____ () C:\Users\Philipp\Downloads\FRST.txt

2014-07-26 20:24 - 2014-07-26 20:24 - 00000000 ____D () C:\FRST

2014-07-26 20:23 - 2014-07-26 20:23 - 02093568 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe

2014-07-26 03:45 - 2014-07-26 03:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-26 03:41 - 2014-07-26 03:41 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-07-26 03:41 - 2014-07-26 03:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-26 03:40 - 2014-07-26 03:40 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-22 21:49 - 2014-07-23 19:26 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-22 21:48 - 2014-07-22 21:48 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-07-22 21:48 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-07-22 21:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-07-22 21:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-07-22 21:05 - 2014-07-22 21:08 - 00000000 ____D () C:\AdwCleaner

2014-07-22 21:05 - 2014-07-22 21:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-22 21:04 - 2014-07-22 21:04 - 01354223 _____ () C:\Users\Philipp\Downloads\adwcleaner_3.216.exe

2014-07-22 21:02 - 2014-07-22 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Philipp\Downloads\SpyHunter-Installer.exe

2014-07-22 20:28 - 2014-07-22 20:28 - 00000000 ____D () C:\Program Files\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A

2014-07-22 20:27 - 2014-07-22 20:28 - 00000000 ____D () C:\Program Files\005

2014-07-22 20:26 - 2014-07-22 20:27 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10

2014-07-22 20:25 - 2014-07-22 20:25 - 00410944 _____ () C:\Users\Philipp\Downloads\HDvid-codec-Chrome.exe

2014-07-20 22:52 - 2014-07-20 22:52 - 00219880 _____ () C:\Users\Philipp\Downloads\ChalkDust.ttf

2014-07-20 19:18 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-07-20 19:18 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-20 19:14 - 2014-07-20 19:14 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-16 22:04 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2014-07-16 22:02 - 2014-07-16 22:02 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files\iPod

2014-07-13 15:19 - 2014-07-13 15:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-13 15:19 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files\iTunes

2014-07-13 15:19 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-10 21:14 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-07-10 21:14 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2014-07-10 21:14 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-07-10 21:14 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-07-10 21:14 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-10 21:14 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-07-10 21:14 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-07-10 21:14 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-10 21:14 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-07-10 21:14 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-07-10 21:14 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-07-10 21:14 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2014-07-10 21:14 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-07-10 21:14 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-07-10 21:14 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-07-10 21:13 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-07-10 21:13 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-07-10 21:13 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-07-10 21:13 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-07-10 21:13 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-07-10 21:13 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-07-10 21:13 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-07-10 21:13 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-07-10 21:13 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-07-10 21:13 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-07-10 21:13 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-07-10 21:13 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-07-10 21:13 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-07-10 21:13 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-07-10 21:13 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-07-10 21:13 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-07-10 21:13 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-07-10 21:13 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-07-10 21:13 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-07-10 21:13 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-07-10 21:13 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-07-10 21:13 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-07-10 21:13 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-07-10 21:13 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-07-10 21:13 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-07-10 21:13 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-07-10 21:13 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-07-10 21:13 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-07-10 21:13 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-07-10 21:13 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-07-10 21:13 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-07-10 21:13 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-07-10 21:13 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2014-07-10 21:13 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-07-10 21:13 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-07-10 21:13 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-07-10 21:13 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-07-10 21:13 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-07-10 21:13 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-07-10 21:12 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-07-10 21:12 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-07-10 21:12 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-07-05 21:38 - 2014-07-05 21:38 - 00001346 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00001342 _____ () C:\Users\Philipp\Desktop\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\WINDOWS\Sun

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\Program Files (x86)\Knuddels

2014-07-05 21:34 - 2014-07-05 21:37 - 30821240 _____ () C:\Users\Philipp\Downloads\KnuddelsJavaUpdater.exe

2014-07-04 21:09 - 2014-07-04 21:09 - 00032620 _____ () C:\Users\Philipp\Downloads\falling_rain.zip

2014-07-02 21:37 - 2014-07-04 21:28 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Adobe

2014-07-01 20:14 - 2014-07-01 20:14 - 00004442 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log

2014-07-01 20:13 - 2014-07-01 20:13 - 00918952 _____ (Oracle Corporation) C:\Users\Philipp\Downloads\chromeinstall-7u60.exe

2014-06-27 14:07 - 2014-06-27 14:07 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieUserList

2014-06-27 14:07 - 2014-06-27 14:07 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieSiteList
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-07-26 20:24 - 2014-07-26 20:24 - 00017271 _____ () C:\Users\Philipp\Downloads\FRST.txt

2014-07-26 20:24 - 2014-07-26 20:24 - 00000000 ____D () C:\FRST

2014-07-26 20:24 - 2012-11-19 10:30 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1797940879-3817046080-3839618400-1001

2014-07-26 20:23 - 2014-07-26 20:23 - 02093568 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe

2014-07-26 20:22 - 2014-01-08 15:39 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3E137030-5456-4E70-B930-C6E9370B91E3}

2014-07-26 20:19 - 2014-02-03 14:23 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-26 20:19 - 2013-12-25 21:41 - 00000000 __RDO () C:\Users\Philipp\SkyDrive

2014-07-26 20:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-07-26 03:48 - 2014-02-03 14:23 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-26 03:45 - 2014-07-26 03:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-26 03:45 - 2013-01-19 15:03 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-26 03:45 - 2012-11-19 10:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-26 03:41 - 2014-07-26 03:41 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-07-26 03:41 - 2014-07-26 03:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-26 03:40 - 2014-07-26 03:40 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-26 03:31 - 2013-12-01 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX

2014-07-26 03:31 - 2012-12-24 23:01 - 00000000 ____D () C:\Program Files\DivX

2014-07-26 03:31 - 2012-12-24 23:00 - 00000000 ____D () C:\Program Files (x86)\DivX

2014-07-26 03:31 - 2012-12-24 22:59 - 00000000 ____D () C:\ProgramData\DivX

2014-07-26 02:55 - 2013-09-05 21:01 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-07-26 00:38 - 2013-11-14 09:26 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-07-26 00:38 - 2013-11-14 09:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat

2014-07-26 00:38 - 2013-11-14 09:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat

2014-07-25 23:48 - 2013-12-25 21:11 - 01709475 _____ () C:\WINDOWS\WindowsUpdate.log

2014-07-23 19:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-07-23 19:42 - 2013-03-14 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-23 19:40 - 2013-03-14 20:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-23 19:40 - 2013-03-14 20:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-23 19:26 - 2014-07-22 21:49 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-22 21:48 - 2014-07-22 21:48 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2013-06-03 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-22 21:10 - 2013-06-01 18:39 - 00004164 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update

2014-07-22 21:09 - 2013-12-25 21:11 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-22 21:09 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-07-22 21:09 - 2013-08-22 16:44 - 05091784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-22 21:08 - 2014-07-22 21:05 - 00000000 ____D () C:\AdwCleaner

2014-07-22 21:08 - 2013-11-14 00:18 - 00061728 _____ () C:\WINDOWS\PFRO.log

2014-07-22 21:08 - 2013-08-22 15:25 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI

2014-07-22 21:07 - 2014-06-22 18:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-07-22 21:07 - 2014-02-03 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-22 21:07 - 2014-01-30 15:53 - 00001083 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-22 21:07 - 2013-12-25 21:39 - 00001017 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-07-22 21:06 - 2014-07-22 21:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-22 21:04 - 2014-07-22 21:04 - 01354223 _____ () C:\Users\Philipp\Downloads\adwcleaner_3.216.exe

2014-07-22 21:02 - 2014-07-22 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Philipp\Downloads\SpyHunter-Installer.exe

2014-07-22 20:28 - 2014-07-22 20:28 - 00000000 ____D () C:\Program Files\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A

2014-07-22 20:28 - 2014-07-22 20:27 - 00000000 ____D () C:\Program Files\005

2014-07-22 20:27 - 2014-07-22 20:26 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10

2014-07-22 20:25 - 2014-07-22 20:25 - 00410944 _____ () C:\Users\Philipp\Downloads\HDvid-codec-Chrome.exe

2014-07-20 22:52 - 2014-07-20 22:52 - 00219880 _____ () C:\Users\Philipp\Downloads\ChalkDust.ttf

2014-07-20 21:08 - 2012-11-19 11:34 - 00000000 ____D () C:\ProgramData\Origin

2014-07-20 20:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-07-20 19:16 - 2013-06-01 18:39 - 00000000 ____D () C:\Program Files (x86)\Avast

2014-07-20 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-20 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-20 19:14 - 2014-07-20 19:14 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-20 19:14 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-20 19:14 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-07-20 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-07-20 19:14 - 2013-07-18 17:10 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-20 19:13 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-07-20 19:13 - 2012-12-11 21:09 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-07-16 22:06 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-07-16 22:02 - 2014-07-16 22:02 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files\iPod

2014-07-13 15:20 - 2014-07-13 15:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-13 15:20 - 2014-07-13 15:19 - 00000000 ____D () C:\Program Files\iTunes

2014-07-13 15:20 - 2014-07-13 15:19 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-10 21:55 - 2013-09-05 21:01 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2014-07-05 21:38 - 2014-07-05 21:38 - 00001346 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00001342 _____ () C:\Users\Philipp\Desktop\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\WINDOWS\Sun

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\Program Files (x86)\Knuddels

2014-07-05 21:37 - 2014-07-05 21:34 - 30821240 _____ () C:\Users\Philipp\Downloads\KnuddelsJavaUpdater.exe

2014-07-04 21:28 - 2014-07-02 21:37 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Adobe

2014-07-04 21:09 - 2014-07-04 21:09 - 00032620 _____ () C:\Users\Philipp\Downloads\falling_rain.zip

2014-07-01 20:15 - 2013-10-15 23:45 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 20:14 - 2014-07-01 20:14 - 00004442 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log

2014-07-01 20:13 - 2014-07-01 20:13 - 00918952 _____ (Oracle Corporation) C:\Users\Philipp\Downloads\chromeinstall-7u60.exe

2014-07-01 16:23 - 2013-08-22 16:46 - 00327492 _____ () C:\WINDOWS\setupact.log

2014-07-01 12:09 - 2013-06-24 11:57 - 00000000 ____D () C:\Users\Philipp\Desktop\Anni Musik

2014-07-01 00:45 - 2014-07-10 21:12 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-06-30 20:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing

2014-06-28 09:48 - 2014-07-10 21:12 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-06-28 09:07 - 2014-07-10 21:12 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-06-27 14:07 - 2014-06-27 14:07 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieUserList

2014-06-27 14:07 - 2014-06-27 14:07 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieSiteList

2014-06-26 22:55 - 2014-07-20 19:18 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-06-26 22:55 - 2014-07-20 19:18 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-06-26 00:43 - 2014-02-03 14:23 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-26 00:43 - 2014-02-03 14:23 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
 

Some content of TEMP:

====================

C:\Users\Philipp\AppData\Local\Temp\DivXSetup.exe

C:\Users\Philipp\AppData\Local\Temp\install_reader11_de_mssd_aaa_aih.exe

C:\Users\Philipp\AppData\Local\Temp\JavaRa.exe

C:\Users\Philipp\AppData\Local\Temp\jli.dll

C:\Users\Philipp\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Philipp\AppData\Local\Temp\jre-7u60-windows-i586.exe

C:\Users\Philipp\AppData\Local\Temp\keytool.exe

C:\Users\Philipp\AppData\Local\Temp\msvcr100.dll

C:\Users\Philipp\AppData\Local\Temp\node.exe

C:\Users\Philipp\AppData\Local\Temp\nv3DVStreaming.dll

C:\Users\Philipp\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Philipp\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Philipp\AppData\Local\Temp\nvStereoApiI.dll

C:\Users\Philipp\AppData\Local\Temp\nvStInst.exe

C:\Users\Philipp\AppData\Local\Temp\Quarantine.exe

C:\Users\Philipp\AppData\Local\Temp\RSPUpgradeInstaller.exe

C:\Users\Philipp\AppData\Local\Temp\sonarinst.exe

C:\Users\Philipp\AppData\Local\Temp\sqlite3.exe

C:\Users\Philipp\AppData\Local\Temp\xmlUpdater.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-22 21:19
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014

Ran by Philipp at 2014-07-26 20:25:32

Running from C:\Users\Philipp\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

allday savings (HKLM\...\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A) (Version: 2.0.1 - allday savings) <==== ATTENTION

AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)

Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)

Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.167.0 - Microsoft Corporation)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)

Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)

Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Jagged Alliance - Back in Action (HKLM-x32\...\Steam App 57740) (Version:  - Coreplay GmbH)

Jagged Alliance: Crossfire (HKLM-x32\...\Steam App 205810) (Version:  - Coreplay GmbH)

Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)

Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden

K-Lite Mega Codec Pack 10.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.0 - )

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)

Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)

Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)

NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden

NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)

Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.6.3 - Vaclav Slavik)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)

Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)

SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden

SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Smart Port Forwarding (HKLM-x32\...\Smart Port Forwarding) (Version: 1.0.0.1 - Brooks Younce Software)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)

The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)

TheHDvid-Codec V10 (HKLM-x32\...\TheHDvid-Codec V10) (Version: 1.34.7.1 - home) <==== ATTENTION

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)

WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED)

WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-1797940879-3817046080-3839618400-1001_Classes\CLSID\{e985ec35-2219-47fc-8829-396c62bc92d8}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
 

==================== Restore Points  =========================
 

05-07-2014 19:37:27 Knuddels Updater

13-07-2014 22:23:03 Geplanter Prüfpunkt

17-07-2014 20:27:17 Windows Update

23-07-2014 17:39:51 Windows Update
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2012-11-29 22:20 - 2012-11-29 22:40 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {05759DA5-9B2F-4421-A5D5-8F0085810A75} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {0F4B6EC9-03CC-437A-AAD2-45CBF8BFFA78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {0F5C30FC-CA1B-461D-95C6-704CB7A6922D} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-11 No Task File <==== ATTENTION

Task: {115A044F-DC33-4B26-901C-339888F7996F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)

Task: {175D6683-0DDA-4327-8825-C6A5104BDC30} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-6 No Task File <==== ATTENTION

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2476D9C0-0925-4883-87D9-ED54B1AA81AD} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-7 No Task File <==== ATTENTION

Task: {2B340D87-6409-478E-9AFE-6BB2D274115D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-20] (Microsoft Corporation)

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {32C85C73-DCF0-48FB-8912-DFD4F6BE9108} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-4 No Task File <==== ATTENTION

Task: {34B25AC8-1F2B-4AAE-A8DF-619A5DC05256} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {39AEB97F-4567-49CC-8F9C-6B26398BF178} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {408948AD-3CAA-4CF2-8A65-7E528C6C10CB} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-2 No Task File <==== ATTENTION

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {523F6EF5-AE7C-4FD5-A77A-2F48EB34A9FF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {61D09EB6-7DBF-419C-AFD9-4CC932F057A8} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION

Task: {67930A1F-7715-4C20-BF37-0878D1B7AFB9} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-3 No Task File <==== ATTENTION

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {812F66E0-FFBB-4CB1-8C4C-8B55A92CFFF1} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-5_user No Task File <==== ATTENTION

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {9348057A-F223-46D1-AD66-43CF3165B577} - System32\Tasks\Bitdefender Auto-Scan => C:\Program Files\Bitdefender\Bitdefender 2013\mtasklaunch.exe

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {A1002D4C-C9F3-49BD-878C-4A20BFF97541} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)

Task: {B035700A-794E-4F4B-AD18-AA9C57A38DB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)

Task: {B399C2E7-CC57-4C2A-B17C-300BC839E08F} - System32\Tasks\avast! Emergency Update => C:\Program Files (x86)\Avast\AvastEmUpdate.exe [2014-05-05] (AVAST Software)

Task: {BF0993AB-C0CC-4EE1-A469-9CFFC489840D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()

Task: {C20A5488-C780-41B5-961B-6F2DF665EC27} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION

Task: {C75584B2-02BE-4E7E-A9D2-A522D1E088C0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-philipp.niehaus@gmx.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

Task: {C949C664-CF74-4F45-BD78-3456183F58FA} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-5 No Task File <==== ATTENTION

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {E77990C8-7402-4754-B20E-6852EAC438BF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {E982E9B6-B518-4583-830F-BA7979A26CC6} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {FE297B98-8920-41DB-B98A-E4A4E4CF9C1C} - \ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe-1 No Task File <==== ATTENTION

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-07-22 20:28 - 2014-07-22 20:28 - 00709120 _____ () C:\Program Files\005\hzunyanhtn64.exe

2014-02-02 02:01 - 2014-02-02 02:01 - 00076888 _____ () C:\WINDOWS\system32\PnkBstrA.exe

2013-12-25 21:11 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-07-22 06:47 - 2014-07-22 06:47 - 02793472 _____ () C:\Program Files (x86)\Avast\defs\14072101\algo.dll

2014-07-26 03:07 - 2014-07-26 03:07 - 02794496 _____ () C:\Program Files (x86)\Avast\defs\14072501\algo.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-12-03 10:57 - 2013-12-03 10:57 - 19336120 _____ () C:\Program Files (x86)\Avast\libcef.dll

2014-07-20 19:50 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-20 19:50 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-20 19:50 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-20 19:50 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-20 19:50 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6

AlternateDataStreams: C:\Users\Philipp\SkyDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: SwitchBoard => 3

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run: => "MouseDriver"

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "SwitchBoard"

HKLM\...\StartupApproved\Run32: => "DivXUpdate"

HKLM\...\StartupApproved\Run32: => "DivXMediaServer"

HKCU\...\StartupApproved\Run: => "Steam"

HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"

HKCU\...\StartupApproved\Run: => "ApplePhotoStreams"

HKCU\...\StartupApproved\Run: => "iCloudServices"
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/23/2014 07:40:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (07/22/2014 08:26:51 PM) (Source: MsiInstaller) (EventID: 11309) (User: PHILIPP)

Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.
 

Error: (07/21/2014 09:17:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 8.0.0.370, Zeitstempel: 0x4f72c3ee

Name des fehlerhaften Moduls: AdobePSL.dll, Version: 13.0.0.19655, Zeitstempel: 0x4f44dad4

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0055112d

ID des fehlerhaften Prozesses: 0x11c0

Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0

Pfad der fehlerhaften Anwendung: InDesign.exe1

Pfad des fehlerhaften Moduls: InDesign.exe2

Berichtskennung: InDesign.exe3

Vollständiger Name des fehlerhaften Pakets: InDesign.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: InDesign.exe5
 

Error: (07/21/2014 09:04:27 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 8.0.0.370, Zeitstempel: 0x4f72c3ee

Name des fehlerhaften Moduls: AdobePSL.dll, Version: 13.0.0.19655, Zeitstempel: 0x4f44dad4

Ausnahmecode: 0xc000041d

Fehleroffset: 0x0055112d

ID des fehlerhaften Prozesses: 0x1430

Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0

Pfad der fehlerhaften Anwendung: InDesign.exe1

Pfad des fehlerhaften Moduls: InDesign.exe2

Berichtskennung: InDesign.exe3

Vollständiger Name des fehlerhaften Pakets: InDesign.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: InDesign.exe5
 

Error: (07/21/2014 09:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 8.0.0.370, Zeitstempel: 0x4f72c3ee

Name des fehlerhaften Moduls: AdobePSL.dll, Version: 13.0.0.19655, Zeitstempel: 0x4f44dad4

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0055112d

ID des fehlerhaften Prozesses: 0x1430

Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0

Pfad der fehlerhaften Anwendung: InDesign.exe1

Pfad des fehlerhaften Moduls: InDesign.exe2

Berichtskennung: InDesign.exe3

Vollständiger Name des fehlerhaften Pakets: InDesign.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: InDesign.exe5
 

Error: (07/20/2014 09:51:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 8.0.0.370, Zeitstempel: 0x4f72c3ee

Name des fehlerhaften Moduls: AdobePSL.dll, Version: 13.0.0.19655, Zeitstempel: 0x4f44dad4

Ausnahmecode: 0xc000041d

Fehleroffset: 0x0055112d

ID des fehlerhaften Prozesses: 0x7a8

Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0

Pfad der fehlerhaften Anwendung: InDesign.exe1

Pfad des fehlerhaften Moduls: InDesign.exe2

Berichtskennung: InDesign.exe3

Vollständiger Name des fehlerhaften Pakets: InDesign.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: InDesign.exe5
 

Error: (07/20/2014 09:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 8.0.0.370, Zeitstempel: 0x4f72c3ee

Name des fehlerhaften Moduls: AdobePSL.dll, Version: 13.0.0.19655, Zeitstempel: 0x4f44dad4

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0055112d

ID des fehlerhaften Prozesses: 0x7a8

Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0

Pfad der fehlerhaften Anwendung: InDesign.exe1

Pfad des fehlerhaften Moduls: InDesign.exe2

Berichtskennung: InDesign.exe3

Vollständiger Name des fehlerhaften Pakets: InDesign.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: InDesign.exe5
 

Error: (07/20/2014 07:21:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Explorer.EXE, Version 6.3.9600.17039 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: edc
 

Startzeit: 01cfa43eb4a83bb8
 

Endzeit: 0
 

Anwendungspfad: C:\WINDOWS\Explorer.EXE
 

Berichts-ID: 31081227-1032-11e4-bf06-902b3498ea74
 

Vollständiger Name des fehlerhaften Pakets: 
 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (07/17/2014 10:27:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (07/17/2014 08:09:34 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)

Description: There was an error with the Windows Location Provider database
 
 

System errors:

=============

Error: (07/22/2014 09:09:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bing Desktop Update service erreicht.
 

Error: (07/22/2014 09:09:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "WindowsMangerProtect Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (07/20/2014 09:06:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (07/20/2014 09:06:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
 

Error: (07/20/2014 07:17:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bing Desktop Update service erreicht.
 

Error: (07/20/2014 07:13:13 PM) (Source: DCOM) (EventID: 10010) (User: PHILIPP)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (07/20/2014 07:13:13 PM) (Source: DCOM) (EventID: 10010) (User: PHILIPP)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (07/20/2014 07:13:13 PM) (Source: DCOM) (EventID: 10010) (User: PHILIPP)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (07/20/2014 07:13:13 PM) (Source: DCOM) (EventID: 10010) (User: PHILIPP)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (07/20/2014 07:13:13 PM) (Source: DCOM) (EventID: 10010) (User: PHILIPP)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
 

Microsoft Office Sessions:

=========================

Error: (07/23/2014 07:40:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert
 

Error: (07/22/2014 08:26:51 PM) (Source: MsiInstaller) (EventID: 11309) (User: PHILIPP)

Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/21/2014 09:17:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: InDesign.exe8.0.0.3704f72c3eeAdobePSL.dll13.0.0.196554f44dad4c00000050055112d11c001cfa51862defd37D:\Programme\Adobe\Adobe InDesign CS6\InDesign.exeD:\Programme\Adobe\Adobe InDesign CS6\AdobePSL.dlla4836a1a-110b-11e4-bf06-902b3498ea74
 

Error: (07/21/2014 09:04:27 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: InDesign.exe8.0.0.3704f72c3eeAdobePSL.dll13.0.0.196554f44dad4c000041d0055112d143001cfa5168f15452bD:\Programme\Adobe\Adobe InDesign CS6\InDesign.exeD:\Programme\Adobe\Adobe InDesign CS6\AdobePSL.dlld5ddd7f8-1109-11e4-bf06-902b3498ea74
 

Error: (07/21/2014 09:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: InDesign.exe8.0.0.3704f72c3eeAdobePSL.dll13.0.0.196554f44dad4c00000050055112d143001cfa5168f15452bD:\Programme\Adobe\Adobe InDesign CS6\InDesign.exeD:\Programme\Adobe\Adobe InDesign CS6\AdobePSL.dlld3bbd26d-1109-11e4-bf06-902b3498ea74
 

Error: (07/20/2014 09:51:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: InDesign.exe8.0.0.3704f72c3eeAdobePSL.dll13.0.0.196554f44dad4c000041d0055112d7a801cfa45407e3c32fD:\Programme\Adobe\Adobe InDesign CS6\InDesign.exeD:\Programme\Adobe\Adobe InDesign CS6\AdobePSL.dll4cb5d6fd-1047-11e4-bf06-902b3498ea74
 

Error: (07/20/2014 09:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: InDesign.exe8.0.0.3704f72c3eeAdobePSL.dll13.0.0.196554f44dad4c00000050055112d7a801cfa45407e3c32fD:\Programme\Adobe\Adobe InDesign CS6\InDesign.exeD:\Programme\Adobe\Adobe InDesign CS6\AdobePSL.dll4a680e60-1047-11e4-bf06-902b3498ea74
 

Error: (07/20/2014 07:21:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Explorer.EXE6.3.9600.17039edc01cfa43eb4a83bb80C:\WINDOWS\Explorer.EXE31081227-1032-11e4-bf06-902b3498ea74
 

Error: (07/17/2014 10:27:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert
 

Error: (07/17/2014 08:09:34 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)

Description: -2147024883
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-05-14 23:09:11.029

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2013-02-04 21:56:59.520

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_010\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-02-01 07:04:58.658

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_010\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-31 23:36:40.634

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_010\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-31 23:02:27.737

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_010\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-31 21:25:22.198

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_010\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-31 21:03:12.710

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_009\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-31 21:02:07.928

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_009\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-29 19:03:41.869

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_009\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2013-01-29 18:49:17.112

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_009\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 18%

Total physical RAM: 8173.38 MB

Available physical RAM: 6649.08 MB

Total Pagefile: 17379.38 MB

Available Pagefile: 15616.65 MB

Total Virtual: 131072 MB

Available Virtual: 131071.8 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:160 GB) (Free:18.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:189.43 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1837034F)

Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=772 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

Sooo, da sind sie schon :)

Zwei Probleme habe ich tatsächlich noch. Zum einen hat der Eset Scanner 11 Bedrohungen gefunden und zum anderen ist seit der Installation von Eset meine Festplatte fast voll. Ich habe jetzt nicht mehr im Kopf, wie viel GB ich vorher noch frei hatte, aber selbst nach der Deinstallation und dem Löschen des Papierkorbs bleibt meine Platte im roten Bereich. Kann das sein? Ich habe sonst auf der Systempartition außer Eset nichts weiter installiert.

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=394dfba1b2c5d349bf32a95f5eed9d8e

# engine=19482

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-08-03 10:47:05

# local_time=2014-08-04 12:47:05 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=783 16777213 100 97 1229417 171526515 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 7003858 54714155 0 0

# scanned=377430

# found=11

# cleaned=0

# scan_time=11608

sh=B5E3D8B48401CF6F09B53FC0933E3A65CC50245A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1797940879-3817046080-3839618400-1001\$RA24VHM\3ca247fa-9984-458b-8f20-7bfa05c8d784.crx"

sh=E425457C79F8F06067AC9B682A37C1C485E7140F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1797940879-3817046080-3839618400-1001\$RA24VHM\a081d7e9-50f5-4785-b3fe-935c0eb8134a.crx"

sh=B5E3D8B48401CF6F09B53FC0933E3A65CC50245A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1797940879-3817046080-3839618400-1001\$RA24VHM\ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe.crx"

sh=638A57FE2EA6589C7BFF397C5BF26A3029DAB678 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1797940879-3817046080-3839618400-1001\$RA24VHM\ff9a72b4-1cb1-4399-b6ee-760d6d1a1afe.xpi"

sh=5F38AA9BA35C5B4D681DB026664DF3C5E81B7172 ft=1 fh=b65f006a4b039d1c vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1797940879-3817046080-3839618400-1001\$RA24VHM\TheHDvid-Codec V10-buttonutil.dll"

sh=F9B32EA430DB7B7664171E812CDA50CAE20C9F11 ft=1 fh=233d4e8afc09f571 vn="Variante von Win64/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1797940879-3817046080-3839618400-1001\$RA24VHM\TheHDvid-Codec V10-buttonutil64.dll"

sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\nsprotector.js.vir"

sh=2C72C2967E07E465C85E06D7DE9F53AE59FD524C ft=1 fh=818637f81cd0ffe9 vn="Variante von Win32/ELEX.AB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir"

sh=DC534EE9AC7785306C6076460E3DF9C7B0AD3799 ft=1 fh=97dff54846362986 vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"

sh=2C72C2967E07E465C85E06D7DE9F53AE59FD524C ft=1 fh=818637f81cd0ffe9 vn="Variante von Win32/ELEX.AB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"

sh=9CA8EBFF024F34D076C7BFFF92B978D99251DC66 ft=1 fh=03cf8fdbea9a76d3 vn="Variante von Win32/ELEX.AM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"

Code:

 Results of screen317's Security Check version 0.99.85  

   x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Windows Defender   

avast! Antivirus   

 Antivirus up to date!   
 `````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 65  

 Java version out of Date! 

 Adobe Flash Player         14.0.0.145  

 Adobe Reader XI  

 Mozilla Firefox (31.0) 

 Mozilla Thunderbird (31.0.) 

 Google Chrome 35.0.1916.153  

 Google Chrome 36.0.1985.125  
 ````````Process Check: objlist.exe by Laurent````````  

 Avast AvastSvc.exe   

 Avast avastui.exe   
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````

FRST:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014

Ran by Philipp (administrator) on PHILIPP on 04-08-2014 06:44:27

Running from C:\Users\Philipp\Downloads

Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AVAST Software) C:\Program Files (x86)\Avast\AvastSvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\System32\PnkBstrA.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(AVAST Software) C:\Program Files (x86)\Avast\avastui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Valve Corporation) D:\Steam\Steam.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Mozilla Corporation) D:\Programme\Thunderbird\thunderbird.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Users\Philipp\Desktop\SecurityCheck.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)

HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)

HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-05] (Microsoft Corp.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)

HKU\S-1-5-21-1797940879-3817046080-3839618400-1001\...\Run: [Steam] => D:\Steam\steam.exe [1753280 2014-07-16] (Valve Corporation)

HKU\S-1-5-21-1797940879-3817046080-3839618400-1001\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

HKU\S-1-5-21-1797940879-3817046080-3839618400-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)

AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\Avast\ashShA64.dll (AVAST Software)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x325A822BD6DECD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE64.dll (AVAST Software)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ufbknbgn.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File

FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Programme\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: WOT - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ufbknbgn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]

FF Extension: Adblock Plus - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ufbknbgn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-21]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files (x86)\Avast\WebRep\FF [2013-06-01]
 

Chrome: 

=======

CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl

CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"

CHR DefaultSearchKeyword: omiga-plus

CHR DefaultSearchProvider: omiga-plus

CHR DefaultSearchURL: hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1406053764&from=ild&uid=HitachiXHDS721010DLE630_MSK521Y201R9WB01R9WBX&q={searchTerms}

CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]

CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]

CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]

CHR Extension: (Google Search) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]

CHR Extension: (Google Wallet) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]

CHR Extension: (Gmail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-05]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 avast! Antivirus; C:\Program Files (x86)\Avast\AvastSvc.exe [50344 2014-05-05] (AVAST Software)

S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-05] (Microsoft Corp.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)

R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-07-28] ()

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-07-28] ()

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-05] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-05] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-05] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-05] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-05] ()

R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)

S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)

R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-18] (DT Soft Ltd)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-04 06:44 - 2014-08-04 06:44 - 00017476 _____ () C:\Users\Philipp\Downloads\FRST.txt

2014-08-04 06:44 - 2014-08-04 06:44 - 00000000 ____D () C:\Users\Philipp\Downloads\FRST-OlderVersion

2014-08-03 21:22 - 2014-08-03 21:22 - 02347384 _____ (ESET) C:\Users\Philipp\Downloads\esetsmartinstaller_deu.exe

2014-08-03 21:22 - 2014-08-03 21:22 - 00854390 _____ () C:\Users\Philipp\Desktop\SecurityCheck.exe

2014-07-30 23:19 - 2014-07-30 23:19 - 01361309 _____ () C:\Users\Philipp\Desktop\adwcleaner_3.302.exe

2014-07-30 22:08 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2014-07-30 22:07 - 2014-07-30 22:07 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp

2014-07-30 22:05 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 16122344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2014-07-30 22:05 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00835032 _____ () C:\WINDOWS\system32\nvmcumd.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2014-07-30 22:05 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2014-07-27 18:55 - 2014-07-27 18:55 - 01016261 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe

2014-07-27 17:31 - 2014-07-27 17:31 - 00001290 _____ () C:\Users\Philipp\Desktop\Revo Uninstaller.lnk

2014-07-27 17:31 - 2014-07-27 17:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-27 17:25 - 2014-07-27 17:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Philipp\Downloads\revosetup95.exe

2014-07-26 20:24 - 2014-08-04 06:44 - 00000000 ____D () C:\FRST

2014-07-26 20:23 - 2014-08-04 06:44 - 02094080 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe

2014-07-26 03:45 - 2014-07-26 03:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-26 03:41 - 2014-07-26 03:41 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-07-26 03:41 - 2014-07-26 03:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-26 03:40 - 2014-07-26 03:40 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-22 21:49 - 2014-07-30 23:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-22 21:48 - 2014-07-22 21:48 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-07-22 21:48 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-07-22 21:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-07-22 21:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-07-22 21:05 - 2014-07-30 23:21 - 00000000 ____D () C:\AdwCleaner

2014-07-22 21:05 - 2014-07-22 21:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-22 21:04 - 2014-07-22 21:04 - 01354223 _____ () C:\Users\Philipp\Downloads\adwcleaner_3.216.exe

2014-07-22 21:02 - 2014-07-22 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Philipp\Downloads\SpyHunter-Installer.exe

2014-07-22 20:28 - 2014-07-22 20:28 - 00000000 ____D () C:\Program Files\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A

2014-07-22 20:27 - 2014-07-30 23:14 - 00000000 ____D () C:\Program Files\005

2014-07-20 22:52 - 2014-07-20 22:52 - 00219880 _____ () C:\Users\Philipp\Downloads\ChalkDust.ttf

2014-07-20 19:18 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-07-20 19:18 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-20 19:14 - 2014-07-20 19:14 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-16 22:04 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2014-07-16 22:02 - 2014-07-16 22:02 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files\iPod

2014-07-13 15:19 - 2014-07-13 15:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-13 15:19 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files\iTunes

2014-07-13 15:19 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-10 21:14 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-07-10 21:14 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2014-07-10 21:14 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-07-10 21:14 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-07-10 21:14 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-10 21:14 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-07-10 21:14 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-07-10 21:14 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-10 21:14 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-07-10 21:14 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-07-10 21:14 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-07-10 21:14 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2014-07-10 21:14 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-07-10 21:14 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-07-10 21:14 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-07-10 21:13 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-07-10 21:13 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-07-10 21:13 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-07-10 21:13 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-07-10 21:13 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-07-10 21:13 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-07-10 21:13 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-07-10 21:13 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-07-10 21:13 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-07-10 21:13 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-07-10 21:13 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-07-10 21:13 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-07-10 21:13 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-07-10 21:13 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-07-10 21:13 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-07-10 21:13 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-07-10 21:13 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-07-10 21:13 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-07-10 21:13 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-07-10 21:13 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-07-10 21:13 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-07-10 21:13 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-07-10 21:13 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-07-10 21:13 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-07-10 21:13 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-07-10 21:13 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-07-10 21:13 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-07-10 21:13 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-07-10 21:13 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-07-10 21:13 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-07-10 21:13 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-07-10 21:13 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-07-10 21:13 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2014-07-10 21:13 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-07-10 21:13 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-07-10 21:13 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-07-10 21:13 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-07-10 21:13 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-07-10 21:13 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-07-10 21:12 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-07-10 21:12 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-07-10 21:12 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-07-05 21:38 - 2014-07-05 21:38 - 00001346 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00001342 _____ () C:\Users\Philipp\Desktop\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\WINDOWS\Sun

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\Program Files (x86)\Knuddels

2014-07-05 21:34 - 2014-07-05 21:37 - 30821240 _____ () C:\Users\Philipp\Downloads\KnuddelsJavaUpdater.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-04 06:44 - 2014-08-04 06:44 - 00017476 _____ () C:\Users\Philipp\Downloads\FRST.txt

2014-08-04 06:44 - 2014-08-04 06:44 - 00000000 ____D () C:\Users\Philipp\Downloads\FRST-OlderVersion

2014-08-04 06:44 - 2014-07-26 20:24 - 00000000 ____D () C:\FRST

2014-08-04 06:44 - 2014-07-26 20:23 - 02094080 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe

2014-08-04 06:38 - 2014-01-08 15:39 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3E137030-5456-4E70-B930-C6E9370B91E3}

2014-08-04 06:36 - 2012-11-19 10:30 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1797940879-3817046080-3839618400-1001

2014-08-04 05:55 - 2013-09-05 21:01 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-08-04 05:48 - 2014-02-03 14:23 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-04 05:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-08-04 00:48 - 2014-02-03 14:23 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-03 21:39 - 2013-01-19 16:20 - 00000000 ____D () C:\Users\Philipp\Documents\My Games

2014-08-03 21:22 - 2014-08-03 21:22 - 02347384 _____ (ESET) C:\Users\Philipp\Downloads\esetsmartinstaller_deu.exe

2014-08-03 21:22 - 2014-08-03 21:22 - 00854390 _____ () C:\Users\Philipp\Desktop\SecurityCheck.exe

2014-08-03 19:27 - 2013-12-25 21:11 - 01086267 _____ () C:\WINDOWS\WindowsUpdate.log

2014-08-03 18:21 - 2013-12-25 21:41 - 00000000 __RDO () C:\Users\Philipp\SkyDrive

2014-08-02 01:04 - 2012-11-19 11:34 - 00000000 ____D () C:\ProgramData\Origin

2014-08-01 23:51 - 2012-12-30 12:26 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TS3Client

2014-08-01 23:04 - 2014-01-04 19:34 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe

2014-08-01 20:13 - 2014-01-04 19:34 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0

2014-08-01 17:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-07-30 23:53 - 2012-11-21 03:26 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-07-30 23:53 - 2012-11-21 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-07-30 23:53 - 2012-11-21 03:26 - 00000000 ____D () C:\Program Files\WinRAR

2014-07-30 23:52 - 2013-11-14 09:26 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-07-30 23:52 - 2013-11-14 09:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat

2014-07-30 23:52 - 2013-11-14 09:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat

2014-07-30 23:48 - 2014-06-22 18:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-07-30 23:45 - 2013-12-25 21:11 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-30 23:45 - 2013-11-14 00:18 - 00071874 _____ () C:\WINDOWS\PFRO.log

2014-07-30 23:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-07-30 23:44 - 2013-08-22 15:25 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI

2014-07-30 23:21 - 2014-07-22 21:05 - 00000000 ____D () C:\AdwCleaner

2014-07-30 23:19 - 2014-07-30 23:19 - 01361309 _____ () C:\Users\Philipp\Desktop\adwcleaner_3.302.exe

2014-07-30 23:17 - 2014-07-22 21:49 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-30 23:17 - 2013-06-01 18:39 - 00004164 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update

2014-07-30 23:14 - 2014-07-22 20:27 - 00000000 ____D () C:\Program Files\005

2014-07-30 23:14 - 2013-03-14 20:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-30 23:14 - 2013-03-14 20:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-30 23:14 - 2012-11-19 10:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-30 22:08 - 2013-12-25 21:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-07-30 22:08 - 2013-10-23 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-07-30 22:08 - 2013-08-22 16:46 - 00327804 _____ () C:\WINDOWS\setupact.log

2014-07-30 22:07 - 2014-07-30 22:07 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp

2014-07-30 22:07 - 2013-12-25 21:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-07-30 21:56 - 2013-11-17 01:40 - 00000000 ____D () C:\Users\Philipp\AppData\Local\NVIDIA Corporation

2014-07-28 21:17 - 2014-02-02 02:01 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe

2014-07-28 21:01 - 2014-01-04 19:34 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe

2014-07-28 21:01 - 2013-03-14 21:05 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

2014-07-28 21:00 - 2013-07-21 21:40 - 00235263 _____ () C:\WINDOWS\DirectX.log

2014-07-27 18:55 - 2014-07-27 18:55 - 01016261 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe

2014-07-27 17:31 - 2014-07-27 17:31 - 00001290 _____ () C:\Users\Philipp\Desktop\Revo Uninstaller.lnk

2014-07-27 17:31 - 2014-07-27 17:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-27 17:26 - 2014-07-27 17:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Philipp\Downloads\revosetup95.exe

2014-07-26 03:45 - 2014-07-26 03:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-26 03:45 - 2013-01-19 15:03 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-26 03:41 - 2014-07-26 03:41 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-07-26 03:41 - 2014-07-26 03:41 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-07-26 03:41 - 2014-07-26 03:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-26 03:40 - 2014-07-26 03:40 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-26 03:31 - 2013-12-01 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX

2014-07-26 03:31 - 2012-12-24 23:01 - 00000000 ____D () C:\Program Files\DivX

2014-07-26 03:31 - 2012-12-24 23:00 - 00000000 ____D () C:\Program Files (x86)\DivX

2014-07-26 03:31 - 2012-12-24 22:59 - 00000000 ____D () C:\ProgramData\DivX

2014-07-25 15:50 - 2014-06-11 22:10 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2014-07-25 15:50 - 2014-06-11 22:10 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2014-07-25 15:50 - 2013-10-28 20:04 - 01283136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2014-07-25 15:50 - 2013-10-28 20:04 - 01126480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2014-07-23 19:42 - 2013-03-14 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-22 21:48 - 2014-07-22 21:48 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2014-07-22 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-22 21:48 - 2013-06-03 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-22 21:09 - 2013-08-22 16:44 - 05091784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-22 21:07 - 2014-02-03 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-22 21:07 - 2014-01-30 15:53 - 00001083 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-22 21:07 - 2013-12-25 21:39 - 00001017 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-07-22 21:06 - 2014-07-22 21:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-22 21:04 - 2014-07-22 21:04 - 01354223 _____ () C:\Users\Philipp\Downloads\adwcleaner_3.216.exe

2014-07-22 21:02 - 2014-07-22 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Philipp\Downloads\SpyHunter-Installer.exe

2014-07-22 20:28 - 2014-07-22 20:28 - 00000000 ____D () C:\Program Files\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A

2014-07-20 22:52 - 2014-07-20 22:52 - 00219880 _____ () C:\Users\Philipp\Downloads\ChalkDust.ttf

2014-07-20 20:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-07-20 19:16 - 2013-06-01 18:39 - 00000000 ____D () C:\Program Files (x86)\Avast

2014-07-20 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-20 19:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-20 19:14 - 2014-07-20 19:14 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-20 19:14 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-20 19:14 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-07-20 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-07-20 19:14 - 2013-07-18 17:10 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-20 19:13 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-07-20 19:13 - 2012-12-11 21:09 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-07-16 22:06 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-07-16 22:02 - 2014-07-16 22:02 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-13 15:20 - 2014-07-13 15:20 - 00000000 ____D () C:\Program Files\iPod

2014-07-13 15:20 - 2014-07-13 15:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-13 15:20 - 2014-07-13 15:19 - 00000000 ____D () C:\Program Files\iTunes

2014-07-13 15:20 - 2014-07-13 15:19 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-10 21:55 - 2013-09-05 21:01 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2014-07-05 21:38 - 2014-07-05 21:38 - 00001346 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00001342 _____ () C:\Users\Philipp\Desktop\Knuddels.de.lnk

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\WINDOWS\Sun

2014-07-05 21:38 - 2014-07-05 21:38 - 00000000 ____D () C:\Program Files (x86)\Knuddels

2014-07-05 21:37 - 2014-07-05 21:34 - 30821240 _____ () C:\Users\Philipp\Downloads\KnuddelsJavaUpdater.exe
 

Some content of TEMP:

====================

C:\Users\Philipp\AppData\Local\Temp\DivXSetup.exe

C:\Users\Philipp\AppData\Local\Temp\install_reader11_de_mssd_aaa_aih.exe

C:\Users\Philipp\AppData\Local\Temp\JavaRa.exe

C:\Users\Philipp\AppData\Local\Temp\jli.dll

C:\Users\Philipp\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Philipp\AppData\Local\Temp\jre-7u60-windows-i586.exe

C:\Users\Philipp\AppData\Local\Temp\keytool.exe

C:\Users\Philipp\AppData\Local\Temp\msvcr100.dll

C:\Users\Philipp\AppData\Local\Temp\node.exe

C:\Users\Philipp\AppData\Local\Temp\nv3DVStreaming.dll

C:\Users\Philipp\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Philipp\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Philipp\AppData\Local\Temp\nvStereoApiI.dll

C:\Users\Philipp\AppData\Local\Temp\nvStInst.exe

C:\Users\Philipp\AppData\Local\Temp\RSPUpgradeInstaller.exe

C:\Users\Philipp\AppData\Local\Temp\sonarinst.exe

C:\Users\Philipp\AppData\Local\Temp\sqlite3.exe

C:\Users\Philipp\AppData\Local\Temp\xmlUpdater.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-08-01 17:43
 

==================== End Of Log ============================

--- --- ---