Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Asus Notebook Internetverbindung bricht manchmal ab (https://www.trojaner-board.de/156972-asus-notebook-internetverbindung-bricht-manchmal-ab.html)

haiflosse 28.07.2014 17:45
Asus Notebook Internetverbindung bricht manchmal ab
 
Ich habe hier ein Asus Notebook wo ich manchmal Probleme habe mit der Internetverbindung. Die Verbindung stelle ich mit einem mobilen Internetstick her. Die Verbindung wird manchmal in unregelmäßigen Abständen unterbrochen.
Auch ist er seit beginn langsamer geworden.

Hoffe da kann mir jemand dabei helfen den Rechner zu überprüfen.
Danke

schrauber 28.07.2014 18:17
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


haiflosse 28.07.2014 18:57
Vielen Dank für die Antwort.
Hier die Ergebnisse
frst

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by MainUser (administrator) on MAINUSER-PC on 28-07-2014 19:53:47
Running from C:\Users\MainUser\Downloads\daten
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ArcSoft) C:\Program Files (x86)\ArcSoft\MediaConverter 3\Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [USBChargerPlusTray] => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [496560 2011-04-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2010-10-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] => C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe [518712 2013-02-04] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TAG_A1Dashboard.exe] => C:\Program Files (x86)\A1 Dashboard\A1Dashboard.exe [4254264 2013-02-04] (WebToGo Gmbh)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-28] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1000\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1000\...\MountPoints2: {c77e6bd9-ce55-11e0-9c30-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: F - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {21f82a6f-dc46-11e3-8669-d0df9a97499f} - G:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {21f82a86-dc46-11e3-8669-d0df9a97499f} - G:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {66e6df14-1670-11e4-b831-d0df9a97499f} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {66e6df85-1670-11e4-b831-10bf4857ce70} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {7b2189e6-51a3-11e1-a793-14dae9a396d3} - G:\Autorun.exe
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {b1726d41-abfc-11e1-9d2b-14dae9a396d3} - G:\Startme.exe
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\MountPoints2: {c77cddc5-1674-11e4-b183-d0df9a97499f} - F:\.\Autorun.exe AUTORUN=1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-04-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk
ShortcutTarget: Device Monitor.lnk -> C:\Program Files (x86)\ArcSoft\MediaConverter 3\Monitor.exe (ArcSoft)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8A49A2E0-AA2F-48D6-9353-27AE621A229A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYAT&apn_uid=55F0582E-08A2-4CF2-882E-547A89949C6F&apn_sauid=72859671-8B2F-4DA6-A59D-244965000E9F
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: IEPlugin Class -> {11222041-111B-46E3-BD29-EFB2449479B1} -> C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6D7848F4-8AE8-4E73-92D9-5EA59DF6AC37}: [NameServer]194.48.128.199 194.48.139.254

FireFox:
========
FF ProfilePath: C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\h1q6r9b0.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=8 - C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox
FF Extension: ArcSoft Video Downloader Extension - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox [2012-02-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-28]

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=55F0582E-08A2-4CF2-882E-547A89949C6F&apn_ptnrs=U3&apn_sauid=72859671-8B2F-4DA6-A59D-244965000E9F&apn_dtid=OSJ000YYAT&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\MainUser\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\MainUser\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\MainUser\AppData\Local\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (registryAccess) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaphcodaeekobnmpkdljikkcogmgmb\7.13.2.0_0\background/registryAccess.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll (Google Inc.)
CHR Plugin: (Google Update) - C:\Users\MainUser\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Norton Identity Protection) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-03-28]
CHR Extension: (Google Wallet) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-28] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 TAG_Service; C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe [500792 2013-02-04] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-28] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-28] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 xudwekej; xudwekej.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 19:53 - 2014-07-28 19:53 - 00000000 ____D () C:\FRST
2014-07-28 19:30 - 2014-07-28 19:53 - 00000000 ____D () C:\Users\MainUser\Downloads\daten
2014-07-28 19:26 - 2014-07-28 19:26 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1406568402114
2014-07-28 19:26 - 2014-07-28 19:26 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-28 19:26 - 2014-07-28 19:26 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-28 19:26 - 2014-07-28 19:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-28 19:26 - 2014-07-28 19:26 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\Users\MainUser\AppData\Roaming\AVAST Software
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 19:25 - 2014-07-28 19:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-28 18:45 - 2014-07-28 19:25 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\MainUser\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:27 - 2011-10-24 16:36 - 00422400 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00218624 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00098304 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00087040 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00072192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-07-28 18:27 - 2011-08-16 17:17 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-07-28 18:27 - 2010-10-08 16:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-07-28 18:27 - 2010-09-26 18:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-07-28 18:27 - 2010-08-06 07:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-07-28 18:27 - 2010-07-27 09:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-07-28 18:27 - 2010-03-20 12:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-07-28 18:25 - 2014-07-28 18:25 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk
2014-07-28 18:25 - 2014-07-28 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1 Dashboard
2014-07-21 09:12 - 2014-07-21 09:13 - 00000000 ____D () C:\Users\MainUser\Desktop\BewerbungMF-Cleantechnik
2014-07-21 08:00 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-21 08:00 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-21 08:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-21 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-21 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-21 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-21 07:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-21 07:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-21 07:59 - 2014-05-28 12:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 12259328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 09079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 02457600 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 01496576 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-21 07:59 - 2014-05-28 12:17 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-21 07:59 - 2014-05-28 12:17 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-21 07:59 - 2014-05-28 12:16 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-21 07:59 - 2014-05-28 11:51 - 10992640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 06043136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 01234432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-21 07:59 - 2014-05-28 11:50 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-21 07:59 - 2014-05-28 11:50 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-21 07:59 - 2014-05-28 11:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-21 07:59 - 2014-05-28 11:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-21 07:59 - 2014-05-28 11:14 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-21 07:59 - 2014-05-28 10:54 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-21 07:57 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-21 07:57 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-21 07:57 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 19:54 - 2011-08-24 15:30 - 01285579 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 19:53 - 2014-07-28 19:53 - 00000000 ____D () C:\FRST
2014-07-28 19:53 - 2014-07-28 19:30 - 00000000 ____D () C:\Users\MainUser\Downloads\daten
2014-07-28 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-07-28 19:38 - 2011-04-13 04:33 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 19:38 - 2011-04-13 04:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 19:36 - 2009-07-14 06:45 - 00015504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 19:36 - 2009-07-14 06:45 - 00015504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 19:31 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-28 19:28 - 2013-10-14 09:58 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-07-28 19:28 - 2012-01-16 17:45 - 00001403 _____ () C:\Users\MainUser\Desktop\Internet Explorer.lnk
2014-07-28 19:26 - 2014-07-28 19:26 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1406568402114
2014-07-28 19:26 - 2014-07-28 19:26 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-28 19:26 - 2014-07-28 19:26 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-28 19:26 - 2014-07-28 19:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-28 19:26 - 2014-07-28 19:26 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\Users\MainUser\AppData\Roaming\AVAST Software
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 19:25 - 2014-07-28 19:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-28 19:25 - 2014-07-28 18:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-28 19:25 - 2013-10-31 19:39 - 00000000 ____D () C:\Users\MainUser\AppData\Roaming\Skype
2014-07-28 19:22 - 2012-02-07 21:24 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-28 19:22 - 2011-08-24 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-28 19:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 19:22 - 2009-07-14 06:51 - 00177862 _____ () C:\Windows\setupact.log
2014-07-28 18:52 - 2012-02-07 17:44 - 00000000 ____D () C:\ProgramData\Norton
2014-07-28 18:52 - 2011-04-13 03:39 - 00816522 _____ () C:\Windows\PFRO.log
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\MainUser\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:38 - 2011-02-19 06:24 - 00721562 _____ () C:\Windows\system32\perfh007.dat
2014-07-28 18:38 - 2011-02-19 06:24 - 00158306 _____ () C:\Windows\system32\perfc007.dat
2014-07-28 18:38 - 2009-07-14 07:13 - 01680252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-28 18:25 - 2014-07-28 18:25 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk
2014-07-28 18:25 - 2014-07-28 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1 Dashboard
2014-07-28 18:25 - 2012-02-07 18:10 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard
2014-07-28 18:18 - 2013-05-26 08:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-28 18:10 - 2014-03-22 21:39 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C5B9D04-03E2-4A05-9A63-04E6294BF2B4}
2014-07-24 09:21 - 2014-01-19 21:03 - 00000000 ____D () C:\Users\MainUser\Documents\Outlook-Dateien
2014-07-23 08:15 - 2014-01-16 21:26 - 00000000 ____D () C:\Users\MainUser\Desktop\Monatliche Zahlungen+Versicherungen
2014-07-23 07:37 - 2011-08-24 15:52 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-07-23 07:35 - 2009-07-14 06:45 - 00345056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-23 07:33 - 2014-05-06 22:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-23 07:33 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-23 07:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-23 07:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-21 20:59 - 2012-01-16 17:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-21 20:58 - 2013-07-23 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-21 20:56 - 2012-01-16 18:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-21 09:13 - 2014-07-21 09:12 - 00000000 ____D () C:\Users\MainUser\Desktop\BewerbungMF-Cleantechnik
2014-07-21 07:57 - 2013-11-23 20:08 - 00000000 ____D () C:\Users\MainUser\Desktop\Lebenslauf Walter Alt und Neu
2014-07-21 07:27 - 2012-01-22 23:11 - 00000336 _____ () C:\Windows\Tasks\RegUse.job
2014-07-10 22:18 - 2013-05-26 08:16 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 22:18 - 2013-05-26 08:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 22:18 - 2013-05-26 08:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 08:54 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-06 11:14 - 2013-03-13 15:28 - 00000000 ____D () C:\Users\MainUser\Desktop\Passwörter
2014-06-30 04:09 - 2014-07-21 08:00 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-21 08:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\MainUser\AppData\Local\Temp\1mh6qpd4.dll
C:\Users\MainUser\AppData\Local\Temp\ApnStub.exe
C:\Users\MainUser\AppData\Local\Temp\contentDATs.exe
C:\Users\MainUser\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chra_aih.exe
C:\Users\MainUser\AppData\Local\Temp\jre-6u34-windows-i586-iftw.exe
C:\Users\MainUser\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\MainUser\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\MainUser\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\MainUser\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\MainUser\AppData\Local\Temp\ose00000.exe
C:\Users\MainUser\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\MainUser\AppData\Local\Temp\unInstall2.exe
C:\Users\MainUser\AppData\Local\Temp\_isD28B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2012-06-05 19:15

==================== End Of Log ============================
--- --- ---


addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by MainUser at 2014-07-28 19:55:20
Running from C:\Users\MainUser\Downloads\daten
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A1 Dashboard (HKLM-x32\...\TAG) (Version: 2.0.2 - A1 Telekom Austria AG)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
ArcSoft MediaConverter 3 (HKLM-x32\...\{EE27AA87-8593-4B8A-A595-29E289C5520F}) (Version: 3.1.8.81 - ArcSoft)
ArcSoft MediaImpression 2 (HKLM-x32\...\{044197D0-BA1C-4567-A8E3-A6491A6DC4EE}) (Version: 2.0.19.573 - ArcSoft)
ArcSoft Video Downloader (HKLM-x32\...\{C8B44566-839A-459C-A73D-49764CE216CC}) (Version: 2.0.0.39 - ArcSoft)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.0 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version:  - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 1.0.20.0 - Brother Industries, Ltd.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version:  - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 3.0.195.27 - Google Inc.)
Google Update Helper (x32 Version: 1.2.183.13 - Google Inc.) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2012.01.03 - www.hardcopy.de)
HEROLD Marketing CD business 4/2011 (HKLM-x32\...\{BCAF4D35-6824-4567-B159-9E6435083603}) (Version: 11.4 - HEROLD Business Data)
HEROLD Marketing CD Komponenten (x32 Version: 5.1 - HEROLD Business Data) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.39 - NVIDIA Corporation)
NVIDIA Control Panel 268.39 (Version: 268.39 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6839 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6370 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

06-05-2014 16:28:33 Windows Update
06-05-2014 20:15:32 Windows Update
15-05-2014 16:38:06 Windows Update
15-05-2014 19:16:00 Windows Update
18-05-2014 17:16:03 Windows-Sicherung
26-05-2014 04:29:09 Windows-Sicherung
01-06-2014 13:59:08 Windows Update
01-06-2014 17:28:55 Windows-Sicherung
10-06-2014 17:12:59 Windows-Sicherung
13-06-2014 19:37:28 Windows Update
13-06-2014 20:43:43 Windows Update
15-06-2014 19:34:59 Windows-Sicherung
17-06-2014 14:22:20 Windows Update
21-06-2014 05:37:10 Windows Update
22-06-2014 20:21:47 Windows-Sicherung
24-06-2014 16:35:23 Windows Update
01-07-2014 18:32:54 Windows-Sicherung
06-07-2014 09:17:32 Windows Update
14-07-2014 09:05:55 Windows-Sicherung
21-07-2014 05:37:58 Windows-Sicherung
21-07-2014 05:56:59 Windows Update
21-07-2014 18:54:00 Windows Update
28-07-2014 16:12:39 Windows-Sicherung
28-07-2014 17:25:04 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0DE99C99-FE1B-4B8D-8D1E-E0F3D1E21797} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {28F80562-0849-41BE-88DD-AC4A9245119B} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {3039FD79-8019-427C-B9FE-852FD95D9B66} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {34BF57D9-1E4F-456C-BC39-0E74F015C151} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: {3B216CDD-3968-4515-BFEA-9B3745B68686} - System32\Tasks\RegUse => C:\Program Files (x86)\RegUse\RegUse.exe
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {92BBA571-414F-4223-9655-5DA51D071832} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {9AA882C9-210B-45D9-BCAB-98BFA2C52EAB} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {B9F2794D-F27B-40DF-A37D-9F179CDBF48A} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2011-03-18] ()
Task: {BB1E4DE6-FEBF-412F-BFE9-3A485F3C7037} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {DA0E53D3-4758-470D-A853-22E98329B1E8} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2011-03-18] ()
Task: {FA17E896-737C-4235-9221-8CD30AD0D535} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-28] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegUse.job => C:\Program Files (x86)\RegUse\RegUse.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-08-24 15:50 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-05-15 18:18 - 2013-02-04 13:58 - 00500792 _____ () C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe
2011-06-20 16:01 - 2011-03-26 09:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-15 18:18 - 2013-02-04 13:58 - 00518712 ____N () C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-01-18 22:21 - 2011-01-18 22:21 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
2011-06-10 19:49 - 2011-06-10 19:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-01-21 17:58 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-05-15 18:18 - 2013-02-04 13:56 - 00256512 ____N () C:\Program Files (x86)\A1 Dashboard\WtgMobileBroadband7.dll
2014-02-14 20:05 - 2014-02-14 20:05 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-08-24 15:33 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-28 19:26 - 2014-07-28 19:26 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-28 19:26 - 2014-07-28 19:26 - 02787840 _____ () C:\Program Files\AVAST Software\Avast\defs\14062601\algo.dll
2014-07-28 19:36 - 2014-07-28 19:36 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14072802\algo.dll
2014-07-28 19:26 - 2014-07-28 19:26 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-09 18:24 - 2013-11-18 02:56 - 01042432 _____ () C:\Users\MainUser\AppData\Local\Microsoft\BingBar\Apps\Translator_f5cbd3ef4c144434b17913278004e270\7.3.132\Blingext.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MainUser^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hardcopy.LNK => C:\Windows\pss\Hardcopy.LNK.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: RegUse => C:\Program Files (x86)\RegUse\RegUse.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 07:25:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary qbyaanrx.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/28/2014 06:26:31 PM) (Source: VSS) (EventID: 12291) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen bzw. Verwenden der COM+-Verfasserveröffentlichungsschnittstelle ist ein Fehler aufgetreten: BackupShutdown [0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
].

Error: (07/28/2014 06:26:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IMultiInterfaceEventControl::GetSubscriptions" ist ein unerwarteter Fehler aufgetreten. hr = 0x80010108, Das aufgerufene Objekt wurde von den Clients getrennt.
.

Error: (07/28/2014 06:12:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: A1Dashboard.exe, Version: 1.0.0.1, Zeitstempel: 0x510fa180
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc21
ID des fehlerhaften Prozesses: 0x788
Startzeit der fehlerhaften Anwendung: 0xA1Dashboard.exe0
Pfad der fehlerhaften Anwendung: A1Dashboard.exe1
Pfad des fehlerhaften Moduls: A1Dashboard.exe2
Berichtskennung: A1Dashboard.exe3

Error: (07/24/2014 09:02:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 360

Startzeit: 01cfa70d175330d2

Endzeit: 20

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: 6ac22d74-1300-11e4-8668-10bf4857ce70

Error: (07/24/2014 09:01:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a1c

Startzeit: 01cfa70cd6d88338

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: 44cd0f57-1300-11e4-8668-10bf4857ce70

Error: (07/24/2014 08:58:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: A1Dashboard.exe, Version: 1.0.0.1, Zeitstempel: 0x510fa180
Name des fehlerhaften Moduls: A1Dashboard.exe, Version: 1.0.0.1, Zeitstempel: 0x510fa180
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00048f0c
ID des fehlerhaften Prozesses: 0xfc4
Startzeit der fehlerhaften Anwendung: 0xA1Dashboard.exe0
Pfad der fehlerhaften Anwendung: A1Dashboard.exe1
Pfad des fehlerhaften Moduls: A1Dashboard.exe2
Berichtskennung: A1Dashboard.exe3

Error: (07/24/2014 08:58:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19fc

Startzeit: 01cfa70c4ca657de

Endzeit: 20

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: d0d3fbc4-12ff-11e4-8668-10bf4857ce70

Error: (07/24/2014 08:55:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: A1Dashboard.exe, Version: 1.0.0.1, Zeitstempel: 0x510fa180
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc21
ID des fehlerhaften Prozesses: 0xf9c
Startzeit der fehlerhaften Anwendung: 0xA1Dashboard.exe0
Pfad der fehlerhaften Anwendung: A1Dashboard.exe1
Pfad des fehlerhaften Moduls: A1Dashboard.exe2
Berichtskennung: A1Dashboard.exe3

Error: (07/24/2014 08:54:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005


System errors:
=============
Error: (07/28/2014 07:55:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:55:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:53:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:53:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:52:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:51:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:50:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:49:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:48:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.

Error: (07/28/2014 07:48:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LMS erreicht.


Microsoft Office Sessions:
=========================
Error: (07/28/2014 07:25:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary qbyaanrx.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/28/2014 06:26:31 PM) (Source: VSS) (EventID: 12291) (User: )
Description: BackupShutdown0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.

Error: (07/28/2014 06:26:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: IMultiInterfaceEventControl::GetSubscriptions0x80010108, Das aufgerufene Objekt wurde von den Clients getrennt.

Error: (07/28/2014 06:12:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: A1Dashboard.exe1.0.0.1510fa180ole32.dll6.1.7601.175144ce7b96fc00000050003bc2178801cfaa7e3a129a8dC:\Program Files (x86)\A1 Dashboard\A1Dashboard.exeC:\Windows\syswow64\ole32.dllf05939b7-1671-11e4-b831-10bf4857ce70

Error: (07/24/2014 09:02:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7113.500036001cfa70d175330d220C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE6ac22d74-1300-11e4-8668-10bf4857ce70

Error: (07/24/2014 09:01:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7113.50001a1c01cfa70cd6d883380C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE44cd0f57-1300-11e4-8668-10bf4857ce70

Error: (07/24/2014 08:58:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: A1Dashboard.exe1.0.0.1510fa180A1Dashboard.exe1.0.0.1510fa180c000000500048f0cfc401cfa70ca733d559C:\Program Files (x86)\A1 Dashboard\A1Dashboard.exeC:\Program Files (x86)\A1 Dashboard\A1Dashboard.exef7fd5431-12ff-11e4-8668-10bf4857ce70

Error: (07/24/2014 08:58:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7113.500019fc01cfa70c4ca657de20C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEd0d3fbc4-12ff-11e4-8668-10bf4857ce70

Error: (07/24/2014 08:55:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: A1Dashboard.exe1.0.0.1510fa180ole32.dll6.1.7601.175144ce7b96fc00000050003bc21f9c01cfa70af038339cC:\Program Files (x86)\A1 Dashboard\A1Dashboard.exeC:\Windows\syswow64\ole32.dll813f067f-12ff-11e4-8668-10bf4857ce70

Error: (07/24/2014 08:54:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8100.98 MB
Available physical RAM: 5937.59 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 13505.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:400.55 GB) (Free:325.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:505.96 GB) (Free:26.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0CD9B3F5)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=401 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=506 GB) - (Type=OF Extended)

==================== End Of Log ============================
Vielen Dank

schrauber 29.07.2014 10:18
hi,


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

haiflosse 29.07.2014 14:20
Danke für die Antwort.
Hier das Logfile
Code:
ComboFix 14-07-29.01 - MainUser 29.07.2014  14:26:38.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.43.1031.18.8101.6143 [GMT 2:00]
ausgeführt von:: c:\users\MainUser\Downloads\daten\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0611C883-EE21-4CC3-A149-58982787F4FF}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0E45798C-EE4B-4FF2-BCD1-8EF094400D77}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0F060344-DF56-4013-9DFF-5C584601A72A}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{119285E0-9A4E-4B0D-B2A2-1F584F36AE8E}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{264B5C1F-E87C-4005-B3A1-797F70B1CD5E}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{2E0E74F5-C05A-4978-8A2B-0AD18B227221}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{33386B99-5A38-4AE9-AE49-F534A695F7C1}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{5A5A90B9-1033-4EAB-ADC2-173B3E68CDB1}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{78F3BECA-8092-4B38-9A35-BC3A41BD17DA}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{87524440-9473-4636-933D-302BF44BC862}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A2290D93-C126-4D92-9A35-084BBC0A66F6}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A44067B3-1E85-4D6B-9CEF-C5AD517DF50C}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{AF58D61D-E5C7-4AA2-90C2-1FDF6D0139F8}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{BC5480B5-A18C-4194-9D52-11F1FF93F7BC}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FCEBE658-6FEE-4F9F-836C-A65100BD35CE}.xps
c:\users\MainUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FD761337-8B72-470D-8BDE-49EC5A644758}.xps
c:\users\MainUser\Desktop\Internet Explorer.lnk
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-06-28 bis 2014-07-29  ))))))))))))))))))))))))))))))
.
.
2014-07-29 12:34 . 2014-07-29 12:34        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F95E4DE0-5F18-4CD0-8F5A-DECC967DD01B}\offreg.dll
2014-07-29 12:34 . 2014-07-29 12:34        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-07-29 12:34 . 2014-07-29 12:34        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2014-07-28 17:53 . 2014-07-28 17:56        --------        d-----w-        C:\FRST
2014-07-28 17:26 . 2014-07-28 17:26        --------        d-----w-        c:\users\MainUser\AppData\Roaming\AVAST Software
2014-07-28 17:26 . 2014-07-28 17:26        92008        ----a-w-        c:\windows\system32\drivers\aswStm.sys
2014-07-28 17:26 . 2014-07-28 17:26        224896        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2014-07-28 17:26 . 2014-07-28 17:26        1041168        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2014-07-28 17:26 . 2014-07-28 17:26        427360        ----a-w-        c:\windows\system32\drivers\aswsp.sys
2014-07-28 17:26 . 2014-07-28 17:26        65776        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2014-07-28 17:26 . 2014-07-28 17:26        79184        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2014-07-28 17:26 . 2014-07-28 17:26        29208        ----a-w-        c:\windows\system32\drivers\aswHwid.sys
2014-07-28 17:26 . 2014-07-28 17:26        93568        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2014-07-28 17:26 . 2014-07-28 17:26        307344        ----a-w-        c:\windows\system32\aswBoot.exe
2014-07-28 17:26 . 2014-07-28 17:26        43152        ----a-w-        c:\windows\avastSS.scr
2014-07-28 17:25 . 2014-07-28 17:25        --------        d-----w-        c:\program files\AVAST Software
2014-07-28 16:45 . 2014-07-28 17:25        --------        d-----w-        c:\programdata\AVAST Software
2014-07-28 16:27 . 2011-10-24 14:36        422400        ----a-w-        c:\windows\system32\drivers\ewusbwwan.sys
2014-07-28 16:27 . 2011-09-09 09:51        218624        ----a-w-        c:\windows\system32\drivers\ew_juwwanecm.sys
2014-07-28 16:27 . 2011-09-09 09:51        72192        ----a-w-        c:\windows\system32\drivers\ew_jucdcecm.sys
2014-07-28 16:27 . 2011-09-09 09:51        28672        ----a-w-        c:\windows\system32\drivers\ew_juextctrl.sys
2014-07-28 16:27 . 2011-09-09 09:51        98304        ----a-w-        c:\windows\system32\drivers\ew_jucdcacm.sys
2014-07-28 16:27 . 2011-09-09 09:51        87040        ----a-w-        c:\windows\system32\drivers\ew_jubusenum.sys
2014-07-28 16:27 . 2011-08-16 15:17        223232        ----a-w-        c:\windows\system32\drivers\ewusbmdm.sys
2014-07-28 16:27 . 2010-10-08 14:59        32768        ----a-w-        c:\windows\system32\drivers\ewdcsc.sys
2014-07-28 16:27 . 2010-09-26 16:09        22016        ----a-w-        c:\windows\system32\drivers\ew_hwupgrade.sys
2014-07-28 16:27 . 2010-08-06 05:43        1001472        ----a-w-        c:\windows\system32\drivers\mod7700.sys
2014-07-28 16:27 . 2010-07-27 07:52        117248        ----a-w-        c:\windows\system32\drivers\ew_hwusbdev.sys
2014-07-28 16:27 . 2010-03-20 10:06        13952        ----a-w-        c:\windows\system32\drivers\ew_usbenumfilter.sys
2014-07-21 06:00 . 2014-06-03 10:02        1719296        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL
2014-07-21 06:00 . 2014-06-03 10:02        1389568        ----a-w-        c:\program files\Windows Journal\JNWDRV.dll
2014-07-21 06:00 . 2014-06-03 10:02        1380864        ----a-w-        c:\program files\Windows Journal\JNTFiltr.dll
2014-07-21 06:00 . 2014-06-03 10:02        1354240        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-21 06:00 . 2014-05-30 06:45        497152        ----a-w-        c:\windows\system32\drivers\afd.sys
2014-07-21 06:00 . 2014-06-03 09:29        936960        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-21 06:00 . 2014-06-30 02:09        519168        ----a-w-        c:\windows\system32\aepdu.dll
2014-07-21 06:00 . 2014-06-30 02:04        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-07-21 05:58 . 2014-07-02 03:09        10924376        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F95E4DE0-5F18-4CD0-8F5A-DECC967DD01B}\mpengine.dll
2014-07-21 05:57 . 2014-06-05 14:45        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-07-21 05:57 . 2014-06-05 14:26        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-07-21 05:57 . 2014-06-05 14:25        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-23 05:37 . 2011-08-24 13:52        45056        ----a-w-        c:\windows\system32\acovcnt.exe
2014-07-21 18:56 . 2012-01-16 16:43        96441528        ----a-w-        c:\windows\system32\MRT.exe
2014-07-14 17:02 . 2014-06-15 16:14        163504        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-07-10 20:18 . 2013-05-26 06:16        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 20:18 . 2013-05-26 06:16        699056        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-06-10 2255360]
"USBChargerPlusTray"="c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" [2011-04-18 496560]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2010-10-28 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"TAG_A1Dashboard_Launcher.exe"="c:\program files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe" [2013-02-04 518712]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"TAG_A1Dashboard.exe"="c:\program files (x86)\A1 Dashboard\A1Dashboard.exe" [2013-02-04 4254264]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-28 4086432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-13 548528]
Device Monitor.lnk - c:\program files (x86)\ArcSoft\MediaConverter 3\Monitor.exe -H [2012-2-7 139264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xudwekej;xudwekej;xudwekej.sys;xudwekej.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TAG_Service;A1 Dashboard Service;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASWRVRT
*NewlyCreated* - ASWSP
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-26 20:18]
.
2014-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2014-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-28 17:26        634872        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 392216]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 415768]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-05-12 2213992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Mit PDF Viewer Plus öffnen - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: crystalservices.at\intern
TCP: Interfaces\{6D7848F4-8AE8-4E73-92D9-5EA59DF6AC37}: NameServer = 194.48.128.199 194.48.139.254
FF - ProfilePath - c:\users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\h1q6r9b0.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-29  14:37:25
ComboFix-quarantined-files.txt  2014-07-29 12:37
.
Vor Suchlauf: 10 Verzeichnis(se), 352.029.241.344 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 353.428.271.104 Bytes frei
.
- - End Of File - - 34C4FF3CB23F6756357E28D76BDCD524
A36C5E4F47E84449FF07ED3517B43A31
Danke

schrauber 30.07.2014 11:44
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

haiflosse 30.07.2014 15:27
Danke für die Hilfe.
Hier die Ergebnisse:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 30.07.2014
Suchlauf-Zeit: 13:24:02
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: MainUser

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 271170
Verstrichene Zeit: 8 Min, 14 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 2
PUP.Optional.Softonic.A, C:\Users\MainUser\Downloads\SoftonicDownloader_fuer_internet-explorer-8 (1).exe, In Quarantäne, [fd4c40bf7bffca6c000301611ee33ac6],
PUP.Optional.Softonic.A, C:\Users\MainUser\Downloads\SoftonicDownloader_fuer_internet-explorer-8.exe, In Quarantäne, [5aef5ba4c0ba75c1f0134c16e021cd33],

Physische Sektoren: 0
(No malicious items detected)


(end)
Code:
# AdwCleaner v3.301 - Bericht erstellt am 30/07/2014 um 13:43:05
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : MainUser - MAINUSER-PC
# Gestartet von : C:\Users\MainUser\Downloads\daten\adwcleaner_3.301.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\MainUser\AppData\Local\apn
Ordner Gefunden : C:\Users\MainUser\AppData\Local\PackageAware

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.18487


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\h1q6r9b0.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2255 octets] - [30/07/2014 13:43:05]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2315 octets] ##########
Code:
# AdwCleaner v3.301 - Bericht erstellt am 30/07/2014 um 13:55:09
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : MainUser - MAINUSER-PC
# Gestartet von : C:\Users\MainUser\Downloads\daten\adwcleaner_3.301.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\MainUser\AppData\Local\apn
Ordner Gelöscht : C:\Users\MainUser\AppData\Local\PackageAware

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\Softonic

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.18487


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\h1q6r9b0.default\prefs.js ]


-\\ Google Chrome v0.0.0.0

[ Datei : C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2407 octets] - [30/07/2014 13:43:05]
AdwCleaner[S0].txt - [2158 octets] - [30/07/2014 13:55:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2218 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by MainUser on 30.07.2014 at 14:24:29,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A49A2E0-AA2F-48D6-9353-27AE621A229A}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{020571A4-D3CA-4BBE-BA5B-C1E17C3637CA}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{04EC081A-7698-4241-85B8-40FB9789CA46}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{05B33297-A185-4609-9F9C-F46D574C9F63}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{070A8CB8-FB12-4267-86CB-7A70F450C92B}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{08109392-C289-4B6A-B08B-1AB507E1C8C8}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{083401B9-61A6-4F1F-AA15-F095BB5F31A4}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{10341F45-25B0-4939-BEA4-1DCCC1246861}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{1106807E-3C02-4311-AF55-8822996A9B7B}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{1350AE4D-3D15-4C07-A728-1DD33D4EA5B2}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{150798BA-6B22-4A81-B779-D0A1101888F0}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{19D9832D-C9EC-42FF-949D-19CD92F9EFB5}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{1B3B809B-9A24-4422-8C1F-3E31E92EDDAD}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{1C8EDB9A-54B0-4535-8908-29A40F5A880C}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{1D3969C1-7680-4F39-B5DA-8C356D005E1E}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{217A67A9-6F8C-4A92-AC38-D36F3C34FFDE}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{22F364CA-F1DC-4104-90A8-060DEF5C62FB}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{31544199-1C2F-46A4-AE45-5775B0ECD889}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{33917CAA-7B83-4174-93ED-C14151297C90}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{39232450-B7EC-4BFC-AB54-14F20A723A34}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{3B249AB4-F8C4-4C41-B058-D184D64B983E}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{3FB28A58-EDE2-4E56-BEAD-E2AFA04C7A6F}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{403B56C1-3251-4890-BBCB-691B0BE50B99}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{406437F2-C869-4A96-B86D-1AF97D950CF9}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{40C48016-C8C5-4CF9-ACD8-A07912ED5497}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{426913B3-6771-4AE1-A6C2-7E93DEBF6D84}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{43F2A3B0-A5F2-429E-8B4B-96667F9DA1D9}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{49236639-BB1C-4559-B8D0-D78F8EDB8E88}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{50ED63D9-1AF3-40CA-8DDB-D428635341A1}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{516DBA40-695C-4921-BA42-C01CB7F48EB9}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{532CB23A-013B-4CBF-A911-4632EEFB7C28}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{54C9F8D3-79B5-49A2-890F-35CF2D35E667}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{56AF7682-5859-4AAA-9257-DDBC9F52414D}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{5793A333-58FE-4BE2-9363-C0C632F0EDE9}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{57B521C2-2A5A-4470-A917-40C343A01BA7}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{58C0C261-FA85-4B9D-BAA0-AF0BCAA0B469}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{5BF7EF98-0227-401E-914A-98F163702DB8}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{5D21FBBA-0425-4123-BAEC-17EDC13ACB77}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{60C72E19-68C1-404A-9061-512BDD6FBCDB}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{616399BA-8A4C-4EE9-A76D-86FD859FEC8C}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{69BE7A05-78EB-41DA-8920-E19CDBBE831F}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{69FF8ABE-3203-46F3-8796-B09527BAC468}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{6D9D9BDF-78EB-4A89-AC13-13F024B992AB}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{6DAAC529-A99D-48FD-82E4-F61E75CD965F}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{6F09D68F-F94C-4658-A1BD-84978DBD4C8D}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{738D357C-6590-4D92-8DEF-85528A90DC50}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{7984C4CD-5BB3-41A7-B13F-F63C5D2196C1}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{7CAA7D73-4543-4BD1-8532-9B7FFF5E46A4}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{7E9D6D8E-478A-4038-B11D-70F61C569399}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{82E816DC-2BD8-457E-9C02-6834E530DB56}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{84108740-884F-4011-9A78-B538898BA492}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{8669E9DC-DA46-4D92-930C-189D64FA9367}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{8776378C-9AC3-454C-9E08-EFE42638DF1B}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{8F6B63F1-DB23-4F65-8435-35FB03FF6594}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{8F8CEEE1-86AD-48D8-BB47-49BE60C3B1EF}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{906A8633-8350-41A5-923E-3B81A13A5DE6}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{907A26CB-A153-43B8-8E64-1C00CC0E45B0}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{91A9148F-DD4B-4E99-A318-4D8CDB851A5C}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{92F635C4-A19B-4EA0-823A-701923EAAD60}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{951DFA2F-98A3-44E0-B420-3EB1B79B2A63}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{968EAB51-E77F-4D0C-97FA-2E8F2FFB741C}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{9A120AB3-9D67-4B71-A099-844E5CAD5F93}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{9A91BB6A-335D-4C71-B8E8-038BB67F9104}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{9AC0F0BC-68A7-4820-AECC-B0532AFB8EA8}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{A116B5EB-F449-4433-A3BE-A6B854FD07C6}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{A3157C7E-9861-4030-AD64-618BECCF3B97}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{A67356E0-4E88-4107-9F33-EF1C9EC5FEBE}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{A975BE31-9EAF-4C43-9B73-0C0C2B53BFCA}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{AB2D8527-76BF-4B5B-846E-D4BDEA06AEB4}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{ACE9B61E-0909-4782-86F4-735FE51B08FF}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{AFC2896A-3175-409E-8F84-C8BA40C5E2ED}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{B632CA59-91C8-44DC-9E26-22763CE2D7A5}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{B7AA469E-8C4B-4D2E-8C8B-6C540B94DE83}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{B86456D5-820A-43B5-9887-A6BEF7FB6A49}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{B8EAC4DD-1DE3-43A3-A2AB-0C7586627993}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{B9E425A6-4DB9-47D6-9A7A-B7989FC79105}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{BB618987-AD57-4171-8A12-DD1B82FEBE48}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{BC94B025-FD2A-4824-878D-0664319C692B}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{BE3A668A-3B23-4FC7-90E9-02F3FA49C723}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{BF3724E9-72AE-4D6A-A6F9-4CC01138CB9D}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{C2F04798-27AC-4F6B-924E-1765C29D9F47}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{C31BE1F2-1D56-404C-B7A5-12187EEF1819}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{C3301C06-6DC2-48F1-AD65-71DFB707A2EB}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{C45E396B-1CCE-43F6-BF64-CA5F8833116A}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{C7E8E597-A3E6-4854-B2C9-4FEEED55C284}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{CA39E45E-CBAE-4641-880F-F9BFED275A60}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{CAAC1925-850E-49B9-8C67-C669552AA3AA}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{CAC55659-8ADD-4B26-A317-DF18308E41FA}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{CE18B4ED-E15F-42F7-8D06-F484AF586654}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{CE63A355-86B5-48B9-975D-684A17F47A74}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{CEE79A25-A5B4-44D6-899C-A0B8926C7C3D}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{D2EC45E6-5790-4DE0-B000-44100125292B}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{D5015217-180B-4054-98F9-1DF0E6D2E0C7}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{D5BA86DC-C9BC-4181-BCEF-EBFA90955E66}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{D8FF55C6-29EC-4485-AE20-74F715AFFFA4}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{DB015053-FC41-44C6-8750-15308A774A3C}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{DC211A13-E3AC-452B-804D-067509F2BBFD}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{E30FECE8-63BC-4942-A16D-AB5B2FE3FF60}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{E3E2E881-ECBB-4FF4-8181-90349529CFC0}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{E586357A-521D-470E-9547-D24534731155}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{E7095C9D-351E-4A5B-A21A-6700B8C956D2}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{E8DBE3C5-81CB-4E19-B7EC-F58E0C63A6BD}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{EB51DA32-3828-4920-B04A-634552738CDA}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{EFD9E86E-D753-4CCB-A8B1-62F6B3218945}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F0914B95-304C-44D8-AF81-E8B8ADADE932}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F092189A-8449-4C10-97D7-B76CDF85F266}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F0F2CFC2-BB08-4300-BE12-EF466708C0B6}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F10901FA-9A28-4D44-9CAD-9C08FF150BFB}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F3F8A5CF-4B89-484A-9F89-72613F6A444E}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F7AA59F1-C75C-492E-836A-B8D9BFAA9761}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F8C31875-9EFB-4681-BA04-EA6E30C53E8E}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{F8EAF8FE-0E5C-4B1D-952F-F16085F0CFC6}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{FEC56D3D-4164-4FBF-A72F-B6A8B39D5DC3}
Successfully deleted: [Empty Folder] C:\Users\MainUser\appdata\local\{FFD793C7-ED28-4A45-A1C3-37A21CD34CF5}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2014 at 15:27:48,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Danke

schrauber 31.07.2014 09:44

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

haiflosse 31.07.2014 20:54
Danke für die Antwort.
Hier die Ergebnisse

Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5caca534b188344c96424ebc41c505f5
# engine=19437
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-31 06:33:35
# local_time=2014-07-31 08:33:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 198189 263329 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 110281 158461465 0 0
# scanned=184309
# found=4
# cleaned=0
# scan_time=22720
sh=F6B91770500D72C04E894F9CBBC86D7F8AEEADA1 ft=0 fh=0000000000000000 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\MAINUSER-PC\Backup Set 2014-01-19 190001\Backup Files 2014-02-16 190001\Backup files 1.zip"
sh=C924682F58F016227075B7038E46A9B8AAA76394 ft=0 fh=0000000000000000 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\MAINUSER-PC\Backup Set 2014-03-16 195205\Backup Files 2014-03-16 195205\Backup files 1.zip"
sh=C08119E3D14C529330ECC1F6683D272F540134FA ft=0 fh=0000000000000000 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\MAINUSER-PC\Backup Set 2014-04-20 190001\Backup Files 2014-04-20 190001\Backup files 1.zip"
sh=B6025D6303D07B67733A0A7FA0D567D698D8281C ft=0 fh=0000000000000000 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\MAINUSER-PC\Backup Set 2014-07-01 203232\Backup Files 2014-07-01 203232\Backup files 1.zip"
Code:
Results of screen317's Security Check version 0.99.85 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 51 
 Java version out of Date!
 Adobe Reader 10.1.10 Adobe Reader out of Date! 
 Mozilla Firefox 27.0.1 Firefox out of Date! 
 Google Chrome 3.0.195.27 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by MainUser (administrator) on MAINUSER-PC on 31-07-2014 21:47:10
Running from C:\Users\MainUser\Downloads\daten
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ArcSoft) C:\Program Files (x86)\ArcSoft\MediaConverter 3\Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [USBChargerPlusTray] => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [496560 2011-04-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2010-10-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] => C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe [518712 2013-02-04] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TAG_A1Dashboard.exe] => C:\Program Files (x86)\A1 Dashboard\A1Dashboard.exe [4254264 2013-02-04] (WebToGo Gmbh)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-28] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1000\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1000\...\MountPoints2: {c77e6bd9-ce55-11e0-9c30-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-2300201689-4087343971-1570647928-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-04-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk
ShortcutTarget: Device Monitor.lnk -> C:\Program Files (x86)\ArcSoft\MediaConverter 3\Monitor.exe (ArcSoft)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: IEPlugin Class -> {11222041-111B-46E3-BD29-EFB2449479B1} -> C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6D7848F4-8AE8-4E73-92D9-5EA59DF6AC37}: [NameServer]194.48.128.199 194.48.139.254

FireFox:
========
FF ProfilePath: C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\h1q6r9b0.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=8 - C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox
FF Extension: ArcSoft Video Downloader Extension - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox [2012-02-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-28]

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=55F0582E-08A2-4CF2-882E-547A89949C6F&apn_ptnrs=U3&apn_sauid=72859671-8B2F-4DA6-A59D-244965000E9F&apn_dtid=OSJ000YYAT&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\MainUser\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\MainUser\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\MainUser\AppData\Local\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (registryAccess) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaphcodaeekobnmpkdljikkcogmgmb\7.13.2.0_0\background/registryAccess.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll (Google Inc.)
CHR Plugin: (Google Update) - C:\Users\MainUser\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Norton Identity Protection) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-03-28]
CHR Extension: (Google Wallet) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-28] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 TAG_Service; C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe [500792 2013-02-04] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-28] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 xudwekej; xudwekej.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 15:27 - 2014-07-30 15:27 - 00013228 _____ () C:\Users\MainUser\Desktop\JRT.txt
2014-07-30 14:24 - 2014-07-30 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-07-30 13:42 - 2014-07-30 13:55 - 00000000 ____D () C:\AdwCleaner
2014-07-30 13:23 - 2014-07-31 14:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-30 13:22 - 2014-07-30 13:22 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-30 13:22 - 2014-07-30 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-30 13:22 - 2014-07-30 13:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-30 13:22 - 2014-07-30 13:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-30 13:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-30 13:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-30 13:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-29 14:37 - 2014-07-29 14:37 - 00024077 _____ () C:\ComboFix.txt
2014-07-29 14:24 - 2014-07-29 14:37 - 00000000 ____D () C:\Qoobox
2014-07-29 14:24 - 2014-07-29 14:35 - 00000000 ____D () C:\Windows\erdnt
2014-07-29 14:24 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-29 14:24 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-29 14:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-29 14:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-29 14:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-29 14:24 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-29 14:24 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-29 14:24 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-28 19:53 - 2014-07-31 21:47 - 00000000 ____D () C:\FRST
2014-07-28 19:30 - 2014-07-31 21:47 - 00000000 ____D () C:\Users\MainUser\Downloads\daten
2014-07-28 19:26 - 2014-07-28 19:26 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-28 19:26 - 2014-07-28 19:26 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-28 19:26 - 2014-07-28 19:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-28 19:26 - 2014-07-28 19:26 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\Users\MainUser\AppData\Roaming\AVAST Software
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 19:25 - 2014-07-28 19:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-28 18:45 - 2014-07-28 19:25 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\MainUser\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:27 - 2011-10-24 16:36 - 00422400 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00218624 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00098304 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00087040 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00072192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-07-28 18:27 - 2011-09-09 11:51 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-07-28 18:27 - 2011-08-16 17:17 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-07-28 18:27 - 2010-10-08 16:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-07-28 18:27 - 2010-09-26 18:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-07-28 18:27 - 2010-08-06 07:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-07-28 18:27 - 2010-07-27 09:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-07-28 18:27 - 2010-03-20 12:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-07-28 18:25 - 2014-07-28 18:25 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk
2014-07-28 18:25 - 2014-07-28 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1 Dashboard
2014-07-21 09:12 - 2014-07-21 09:13 - 00000000 ____D () C:\Users\MainUser\Desktop\BewerbungMF-Cleantechnik
2014-07-21 08:00 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-21 08:00 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-21 08:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-21 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-21 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-21 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-21 07:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-21 07:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-21 07:59 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-21 07:59 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-21 07:59 - 2014-05-28 12:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 12259328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 09079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 02457600 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 01496576 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-21 07:59 - 2014-05-28 12:17 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-21 07:59 - 2014-05-28 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-21 07:59 - 2014-05-28 12:17 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-21 07:59 - 2014-05-28 12:16 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-21 07:59 - 2014-05-28 11:51 - 10992640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 06043136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 01234432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-21 07:59 - 2014-05-28 11:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-21 07:59 - 2014-05-28 11:50 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-21 07:59 - 2014-05-28 11:50 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-21 07:59 - 2014-05-28 11:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-21 07:59 - 2014-05-28 11:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-21 07:59 - 2014-05-28 11:14 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-21 07:59 - 2014-05-28 10:54 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-21 07:57 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-21 07:57 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-21 07:57 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 21:47 - 2014-07-28 19:53 - 00000000 ____D () C:\FRST
2014-07-31 21:47 - 2014-07-28 19:30 - 00000000 ____D () C:\Users\MainUser\Downloads\daten
2014-07-31 21:38 - 2011-04-13 04:33 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-31 21:18 - 2013-05-26 08:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 21:01 - 2013-10-31 19:39 - 00000000 ____D () C:\Users\MainUser\AppData\Roaming\Skype
2014-07-31 20:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-07-31 19:38 - 2011-04-13 04:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 19:23 - 2011-08-24 15:30 - 01489701 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 14:37 - 2014-07-30 13:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-31 14:13 - 2009-07-14 06:45 - 00015504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 14:13 - 2009-07-14 06:45 - 00015504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 14:11 - 2011-02-19 06:24 - 00721562 _____ () C:\Windows\system32\perfh007.dat
2014-07-31 14:11 - 2011-02-19 06:24 - 00158306 _____ () C:\Windows\system32\perfc007.dat
2014-07-31 14:11 - 2009-07-14 07:13 - 01680252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-31 14:09 - 2014-03-22 21:39 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C5B9D04-03E2-4A05-9A63-04E6294BF2B4}
2014-07-31 14:08 - 2009-07-14 06:51 - 00179748 _____ () C:\Windows\setupact.log
2014-07-31 14:01 - 2011-08-24 15:52 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-07-31 14:00 - 2012-02-07 21:24 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-31 14:00 - 2011-08-24 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-31 14:00 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-30 15:27 - 2014-07-30 15:27 - 00013228 _____ () C:\Users\MainUser\Desktop\JRT.txt
2014-07-30 14:24 - 2014-07-30 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-07-30 13:56 - 2011-04-13 03:39 - 00818662 _____ () C:\Windows\PFRO.log
2014-07-30 13:55 - 2014-07-30 13:42 - 00000000 ____D () C:\AdwCleaner
2014-07-30 13:34 - 2011-08-24 15:50 - 00001387 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-30 13:22 - 2014-07-30 13:22 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-30 13:22 - 2014-07-30 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-30 13:22 - 2014-07-30 13:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-30 13:22 - 2014-07-30 13:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-29 14:37 - 2014-07-29 14:37 - 00024077 _____ () C:\ComboFix.txt
2014-07-29 14:37 - 2014-07-29 14:24 - 00000000 ____D () C:\Qoobox
2014-07-29 14:37 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-29 14:35 - 2014-07-29 14:24 - 00000000 ____D () C:\Windows\erdnt
2014-07-29 14:35 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-28 19:31 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-28 19:26 - 2014-07-28 19:26 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-28 19:26 - 2014-07-28 19:26 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-28 19:26 - 2014-07-28 19:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-28 19:26 - 2014-07-28 19:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-28 19:26 - 2014-07-28 19:26 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\Users\MainUser\AppData\Roaming\AVAST Software
2014-07-28 19:26 - 2014-07-28 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 19:25 - 2014-07-28 19:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-28 19:25 - 2014-07-28 18:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-28 18:52 - 2012-02-07 17:44 - 00000000 ____D () C:\ProgramData\Norton
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:44 - 2014-07-28 18:44 - 91906368 _____ (AVAST Software) C:\Users\MainUser\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-28 18:25 - 2014-07-28 18:25 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk
2014-07-28 18:25 - 2014-07-28 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1 Dashboard
2014-07-28 18:25 - 2012-02-07 18:10 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard
2014-07-24 09:21 - 2014-01-19 21:03 - 00000000 ____D () C:\Users\MainUser\Documents\Outlook-Dateien
2014-07-23 10:52 - 2012-07-23 07:25 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-23 08:15 - 2014-01-16 21:26 - 00000000 ____D () C:\Users\MainUser\Desktop\Monatliche Zahlungen+Versicherungen
2014-07-23 07:35 - 2009-07-14 06:45 - 00345056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-23 07:33 - 2014-05-06 22:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-23 07:33 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-23 07:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-23 07:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-21 20:59 - 2012-01-16 17:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-21 20:58 - 2013-07-23 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-21 20:56 - 2012-01-16 18:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-21 09:13 - 2014-07-21 09:12 - 00000000 ____D () C:\Users\MainUser\Desktop\BewerbungMF-Cleantechnik
2014-07-21 07:57 - 2013-11-23 20:08 - 00000000 ____D () C:\Users\MainUser\Desktop\Lebenslauf Walter Alt und Neu
2014-07-10 22:18 - 2013-05-26 08:16 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 22:18 - 2013-05-26 08:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 22:18 - 2013-05-26 08:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 08:54 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-06 11:14 - 2013-03-13 15:28 - 00000000 ____D () C:\Users\MainUser\Desktop\Passwörter

Some content of TEMP:
====================
C:\Users\MainUser\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2012-06-05 19:15

==================== End Of Log ============================
--- --- ---


Danke.

Bin ich dann fertig, oder kommt da noch ein Check.
Wie kann ich am Besten die Programme wieder entfernen.

Ich sollte den PC morgen wieder weitergeben.
Vielen Dank

schrauber 01.08.2014 17:53
Java, Adobe und Firefox updaten.

Backup auf D löschen.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:24 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131