| anderle2507 | 17.08.2014 11:19 |
Hallo,
hier die beiden Logfiles:
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Carmen (administrator) on CARMEN-PC on 17-08-2014 12:11:22
Running from C:\Users\Carmen\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe
(Samsung) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Carmen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) D:\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2784552 2011-05-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Spotify] => C:\Users\Carmen\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-08-13] (Spotify Ltd)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Spotify Web Helper] => C:\Users\Carmen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-08-13] (Spotify Ltd)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [DataMgr] => C:\Users\Carmen\AppData\Roaming\DataMgr\datamgr.exe [168264 2012-10-16] (HTTO Group, Ltd.)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Protector] => wscript.exe "C:\Users\Carmen\AppData\Roaming\SDIV 2.0\Prot\prot.vbs" check
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [TU] => C:\Users\Carmen\AppData\Roaming\SDIV 2.0\Prot\tu\tu.exe [133536 2012-10-16] ()
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {ae2690bd-68e5-11e1-9b16-806e6f6e6963} - E:\AUTORUN.EXE
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232896 2014-08-06] (Client Connect LTD)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [226920 2011-06-05] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187328 2014-08-06] (Client Connect LTD)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [193128 2011-06-05] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14289
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392659883&from=tugs&uid=HitachiXHTS547550A9E384_J1120021C9RLNBC9RLNBX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392659883&from=tugs&uid=HitachiXHTS547550A9E384_J1120021C9RLNBC9RLNBX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324328&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP25316818-2833-42BE-86A4-81B69F4C91DD&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3324328&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP25316818-2833-42BE-86A4-81B69F4C91DD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392659883&from=tugs&uid=HitachiXHTS547550A9E384_J1120021C9RLNBC9RLNBX&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
BHO: Feven Pro -> {11111111-1111-1111-1111-110511161178} -> C:\Program Files (x86)\Feven Pro\Feven Pro-bho64.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files (x86)\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKCU\...\Firefox\Extensions: [{00894511-B737-5398-6E7A-13EBFFF11FE9}] - C:\Program Files (x86)\Re-markit\161.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit\161.xpi [2014-05-12]
Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3324328&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP25316818-2833-42BE-86A4-81B69F4C91DD&SSPV=
CHR StartupUrls: "hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21", "hxxp://www.google.de/"
CHR DefaultSearchKeyword: fbdownloader search
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - D:\Mozilla Plugins\npitunes.dll ()
CHR Extension: (YouTube) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-03]
CHR Extension: (Google-Suche) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-16]
CHR Extension: (Feven Pro) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb [2014-02-17]
CHR Extension: (Value apps) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon [2014-03-06]
CHR Extension: (media enhance) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-18]
CHR Extension: (Re-markit) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkboeomohomdkbhncbmggohoapedbldl [2014-05-12]
CHR Extension: (Google Wallet) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Google Mail) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-03]
CHR Extension: (Extutil) - C:\Users\Carmen\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-03-06]
CHR Extension: (Managera) - C:\Users\Carmen\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-03-06]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2982336 2014-08-06] (Client Connect LTD)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Re-markit; C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe [142848 2014-05-12] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
S2 70e6ca8c; "C:\windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-01] (Avira Operations GmbH & Co. KG)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-08-09] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
R3 SPPD; \??\C:\windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 12:11 - 2014-08-17 12:13 - 00021620 _____ () C:\Users\Carmen\Desktop\FRST.txt
2014-08-17 12:11 - 2014-08-17 12:11 - 00000000 ____D () C:\FRST
2014-08-17 12:09 - 2014-08-17 12:10 - 02101760 _____ (Farbar) C:\Users\Carmen\Desktop\FRST64.exe
2014-08-16 13:24 - 2014-08-16 13:24 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 13:14 - 2014-08-16 13:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-13 18:35 - 2014-08-13 18:35 - 00000000 __SHD () C:\Users\Carmen\AppData\Local\EmieUserList
2014-08-13 18:35 - 2014-08-13 18:35 - 00000000 __SHD () C:\Users\Carmen\AppData\Local\EmieSiteList
2014-08-11 00:37 - 2014-08-12 02:54 - 00000000 ____D () C:\Users\Carmen\Documents\Harry Potter II
2014-08-11 00:35 - 2014-08-11 00:35 - 00002243 _____ () C:\Users\Public\Desktop\Harry Potter und die Kammer des Schreckens.lnk
2014-08-11 00:35 - 2014-08-11 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-08-09 21:04 - 2014-08-09 21:04 - 00001391 _____ () C:\Users\Andrea\Desktop\Lumix.lnk
2014-08-09 21:02 - 2014-08-09 21:02 - 00000000 ____D () C:\Program Files\Panasonic
2014-08-06 19:58 - 2014-08-06 19:58 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Panasonic
2014-08-03 22:01 - 2014-08-03 22:01 - 00000000 ____D () C:\ProgramData\Panasonic
2014-08-03 21:57 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-03 21:57 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-03 21:56 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-08-03 21:56 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-08-03 21:56 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-03 21:56 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-08-03 21:56 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-08-03 21:56 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-08-03 21:56 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-08-03 21:56 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-08-03 21:55 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-03 21:55 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-03 21:55 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-03 21:55 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-03 21:55 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-03 21:55 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-03 21:55 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-03 21:55 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-03 21:55 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-03 21:55 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-03 21:55 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-03 21:55 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-03 21:55 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-03 21:55 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-03 21:55 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-03 21:55 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-03 21:55 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-03 21:55 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-03 21:55 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-03 21:55 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-03 21:55 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-03 21:55 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-03 21:55 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-03 21:55 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-03 21:55 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-03 21:55 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-03 21:55 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-03 21:55 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-03 21:55 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-03 21:55 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-03 21:55 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-03 21:55 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-03 21:55 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-03 21:55 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-03 21:55 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-03 21:55 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-03 21:55 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-03 21:55 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-03 21:55 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-03 21:55 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-03 21:55 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-03 21:55 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-03 21:55 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-03 21:55 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-03 21:55 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-03 21:55 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-03 21:55 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-03 21:55 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-03 21:55 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-03 21:55 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-03 21:55 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-03 21:55 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-03 21:55 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-03 21:55 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-03 21:55 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-03 21:55 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-03 21:52 - 2014-08-03 21:52 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Panasonic
2014-08-03 21:51 - 2014-08-03 21:51 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\InstallShield
2014-08-03 21:51 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-08-03 21:51 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-08-03 21:51 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-08-03 21:51 - 2007-06-22 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICSDK2.dll
2014-08-03 21:51 - 2007-06-22 00:10 - 00000097 _____ () C:\windows\SysWOW64\PICSDK.ini
2014-08-03 21:51 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\EpPicPrt.dll
2014-08-03 21:51 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\EPPicMgr.dll
2014-08-03 21:51 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICEntry.dll
2014-08-03 21:51 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICSDK.dll
2014-08-03 21:51 - 2005-06-01 00:20 - 00111932 _____ () C:\windows\SysWOW64\EPPICPrinterDB.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00031053 _____ () C:\windows\SysWOW64\EPPICPattern131.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00027417 _____ () C:\windows\SysWOW64\EPPICPattern121.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00026154 _____ () C:\windows\SysWOW64\EPPICPattern1.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00024903 _____ () C:\windows\SysWOW64\EPPICPattern3.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00021390 _____ () C:\windows\SysWOW64\EPPICPattern5.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00020148 _____ () C:\windows\SysWOW64\EPPICPattern2.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00013732 _____ () C:\windows\SysWOW64\EPPICLocal_EN.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00011811 _____ () C:\windows\SysWOW64\EPPICPattern4.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00006442 _____ () C:\windows\SysWOW64\EPPICLocal_IT.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006347 _____ () C:\windows\SysWOW64\EPPICLocal_PT.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006347 _____ () C:\windows\SysWOW64\EPPICLocal_BP.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006335 _____ () C:\windows\SysWOW64\EPPICLocal_GE.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006195 _____ () C:\windows\SysWOW64\EPPICLocal_FR.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006195 _____ () C:\windows\SysWOW64\EPPICLocal_CF.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006122 _____ () C:\windows\SysWOW64\EPPICLocal_DU.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00006103 _____ () C:\windows\SysWOW64\EPPICLocal_ES.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00005817 _____ () C:\windows\SysWOW64\EPPICLocal_KO.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00005436 _____ () C:\windows\SysWOW64\EPPICLocal_SC.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00004943 _____ () C:\windows\SysWOW64\EPPICPattern6.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00002889 _____ () C:\windows\SysWOW64\EPPICLocal_RU.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00002426 _____ () C:\windows\SysWOW64\EPPICLocal_TC.cfg
2014-08-03 21:51 - 2004-03-03 06:10 - 00001146 _____ () C:\windows\SysWOW64\EPPICPresetData_DU.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001139 _____ () C:\windows\SysWOW64\EPPICPresetData_PT.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001139 _____ () C:\windows\SysWOW64\EPPICPresetData_BP.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001136 _____ () C:\windows\SysWOW64\EPPICPresetData_ES.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001129 _____ () C:\windows\SysWOW64\EPPICPresetData_FR.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001129 _____ () C:\windows\SysWOW64\EPPICPresetData_CF.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001120 _____ () C:\windows\SysWOW64\EPPICPresetData_IT.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001107 _____ () C:\windows\SysWOW64\EPPICPresetData_GE.dat
2014-08-03 21:51 - 2004-03-03 06:10 - 00001104 _____ () C:\windows\SysWOW64\EPPICPresetData_EN.dat
2014-08-03 21:47 - 2011-10-04 16:29 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdralw2k.sys
2014-08-03 21:47 - 2011-10-04 16:29 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdr4_xp.sys
2014-08-03 21:43 - 2014-08-03 21:43 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-08-03 21:43 - 2014-08-03 21:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-03 21:43 - 2014-08-03 21:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 12:13 - 2014-08-17 12:11 - 00021620 _____ () C:\Users\Carmen\Desktop\FRST.txt
2014-08-17 12:12 - 2012-03-09 00:10 - 01214227 _____ () C:\windows\WindowsUpdate.log
2014-08-17 12:11 - 2014-08-17 12:11 - 00000000 ____D () C:\FRST
2014-08-17 12:11 - 2012-11-03 12:26 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 12:10 - 2014-08-17 12:09 - 02101760 _____ (Farbar) C:\Users\Carmen\Desktop\FRST64.exe
2014-08-17 12:10 - 2009-07-14 06:45 - 00020992 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 12:10 - 2009-07-14 06:45 - 00020992 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 12:01 - 2014-02-17 19:58 - 00000388 _____ () C:\windows\Tasks\Re-markit Update.job
2014-08-17 12:01 - 2012-11-03 12:26 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 12:00 - 2014-03-06 20:35 - 00001556 _____ () C:\windows\Tasks\media enhance-updater.job
2014-08-17 12:00 - 2014-03-06 20:34 - 00002334 _____ () C:\windows\Tasks\media enhance-firefoxinstaller.job
2014-08-17 12:00 - 2014-03-06 20:34 - 00001510 _____ () C:\windows\Tasks\media enhance-codedownloader.job
2014-08-17 12:00 - 2014-03-06 20:34 - 00001410 _____ () C:\windows\Tasks\media enhance-enabler.job
2014-08-17 12:00 - 2014-03-06 20:33 - 00003102 _____ () C:\windows\Tasks\media enhance-chromeinstaller.job
2014-08-17 12:00 - 2014-02-17 20:21 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-17 12:00 - 2014-02-17 19:59 - 00001498 _____ () C:\windows\Tasks\Feven Pro-updater.job
2014-08-17 12:00 - 2014-02-17 19:59 - 00001352 _____ () C:\windows\Tasks\Feven Pro-enabler.job
2014-08-17 12:00 - 2014-02-17 19:58 - 00003086 _____ () C:\windows\Tasks\Feven Pro-chromeinstaller.job
2014-08-17 12:00 - 2014-02-17 19:58 - 00002254 _____ () C:\windows\Tasks\Feven Pro-firefoxinstaller.job
2014-08-17 12:00 - 2014-02-17 19:58 - 00001454 _____ () C:\windows\Tasks\Feven Pro-codedownloader.job
2014-08-17 12:00 - 2014-02-17 19:58 - 00000378 _____ () C:\windows\Tasks\Re-markit_wd.job
2014-08-16 13:24 - 2014-08-16 13:24 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 13:24 - 2014-08-16 13:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-16 13:24 - 2012-10-23 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-16 13:24 - 2012-10-23 17:18 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-16 13:19 - 2012-10-29 21:58 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Spotify
2014-08-16 13:17 - 2012-10-23 17:18 - 00000000 ____D () C:\ProgramData\Avira
2014-08-16 13:09 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-16 13:09 - 2009-07-14 06:51 - 00101066 _____ () C:\windows\setupact.log
2014-08-13 20:27 - 2014-01-13 19:16 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Mozilla Firefox
2014-08-13 20:19 - 2010-11-21 05:47 - 00495520 _____ () C:\windows\PFRO.log
2014-08-13 18:37 - 2014-03-06 20:33 - 00000000 ____D () C:\Program Files (x86)\media enhance
2014-08-13 18:35 - 2014-08-13 18:35 - 00000000 __SHD () C:\Users\Carmen\AppData\Local\EmieUserList
2014-08-13 18:35 - 2014-08-13 18:35 - 00000000 __SHD () C:\Users\Carmen\AppData\Local\EmieSiteList
2014-08-13 18:32 - 2012-10-23 18:10 - 00000000 ____D () C:\Users\Carmen\Documents\Youcam
2014-08-12 02:54 - 2014-08-11 00:37 - 00000000 ____D () C:\Users\Carmen\Documents\Harry Potter II
2014-08-11 20:34 - 2014-03-06 20:32 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-11 20:29 - 2012-10-29 21:59 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Spotify
2014-08-11 00:37 - 2013-01-12 16:15 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-11 00:35 - 2014-08-11 00:35 - 00002243 _____ () C:\Users\Public\Desktop\Harry Potter und die Kammer des Schreckens.lnk
2014-08-11 00:35 - 2014-08-11 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-11 00:32 - 2014-08-11 00:32 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-08-11 00:32 - 2012-03-08 07:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-10 17:58 - 2012-10-31 18:05 - 00000000 ____D () C:\ProgramData\tmp
2014-08-10 17:38 - 2014-06-29 20:21 - 00123004 _____ () C:\Users\Andrea\Desktop\Teeabend Paris.mcf~
2014-08-10 17:38 - 2014-06-29 20:21 - 00123004 _____ () C:\Users\Andrea\Desktop\Teeabend Paris.mcf
2014-08-10 16:44 - 2013-05-14 21:25 - 00000000 ____D () C:\Users\Carmen\AppData\Local\CrashDumps
2014-08-09 21:04 - 2014-08-09 21:04 - 00001391 _____ () C:\Users\Andrea\Desktop\Lumix.lnk
2014-08-09 21:02 - 2014-08-09 21:02 - 00000000 ____D () C:\Program Files\Panasonic
2014-08-09 20:38 - 2012-03-08 23:43 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-08-09 20:38 - 2012-03-08 23:43 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-08-09 20:38 - 2009-07-14 07:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-09 20:35 - 2013-05-09 12:47 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-08-09 20:35 - 2013-03-30 18:43 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-08-06 20:23 - 2013-03-17 22:05 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-06 20:23 - 2013-03-17 22:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-06 20:23 - 2009-07-14 06:45 - 00331352 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-06 20:21 - 2014-05-12 20:35 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-06 20:21 - 2012-03-08 23:19 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-06 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-08-06 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\Dism
2014-08-06 20:08 - 2013-03-17 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-06 19:58 - 2014-08-06 19:58 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Panasonic
2014-08-06 19:58 - 2012-11-01 19:50 - 00075864 _____ () C:\Users\Andrea\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-03 22:01 - 2014-08-03 22:01 - 00000000 ____D () C:\ProgramData\Panasonic
2014-08-03 21:52 - 2014-08-03 21:52 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Panasonic
2014-08-03 21:52 - 2012-10-23 17:08 - 00075864 _____ () C:\Users\Carmen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-03 21:51 - 2014-08-03 21:51 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\InstallShield
2014-08-03 21:43 - 2014-08-03 21:43 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-08-03 21:43 - 2014-08-03 21:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-03 21:43 - 2014-08-03 21:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-08-03 21:43 - 2012-03-08 08:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-23 23:33 - 2014-06-29 20:21 - 00000000 ____D () C:\Users\Andrea\Desktop\Teeabend Paris_mcf-Dateien
2014-07-23 22:03 - 2012-10-31 18:08 - 00000000 ____D () C:\Users\Andrea\AppData\Local\CrashDumps
2014-07-23 21:58 - 2009-07-14 07:08 - 00032640 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-23 10:52 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\avgnt.exe
C:\Users\Andrea\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Andrea\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Andrea\AppData\Local\Temp\SPSetup.exe
C:\Users\Carmen\AppData\Local\Temp\AskSLib.dll
C:\Users\Carmen\AppData\Local\Temp\avgnt.exe
C:\Users\Carmen\AppData\Local\Temp\BackupSetup.exe
C:\Users\Carmen\AppData\Local\Temp\dlLogic.exe
C:\Users\Carmen\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Carmen\AppData\Local\Temp\nseA2AD.exe
C:\Users\Carmen\AppData\Local\Temp\nsjEF9F.exe
C:\Users\Carmen\AppData\Local\Temp\nsjFE40.exe
C:\Users\Carmen\AppData\Local\Temp\nsz93ED.exe
C:\Users\Carmen\AppData\Local\Temp\SPSetup.exe
C:\Users\Carmen\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Carmen\AppData\Local\Temp\_isF872.exe
C:\Users\Carmen\AppData\Local\Temp\_ReMarkit_up.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 20:18
==================== End Of Log ============================
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Carmen at 2014-08-17 12:14:33
Running from C:\Users\Carmen\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3 64-bit (HKLM\...\{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}) (Version: 3.0.2 - Adobe)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avira (HKLM-x32\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
awesomehp Browser newtab extension (HKLM-x32\...\awesomehp Browser newtab extension) (Version: - awesomehp) <==== ATTENTION
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2227 - CyberLink Corp.) Hidden
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1130a - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3306 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5016 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.5016 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.1.39.23 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.36 - Samsung)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.4.20130909 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Feven Pro (HKLM-x32\...\Feven Pro) (Version: 1.34.2.13 - Feven) <==== ATTENTION
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lara Croft Tomb Raider: The Angel Of Darkness (HKLM-x32\...\InstallShield_{93656878-FF8B-4935-99BB-F3F260037C57}) (Version: 0.00.0039 - Eidos Interactive)
Lara Croft Tomb Raider: The Angel Of Darkness (x32 Version: 0.00.0039 - Eidos Interactive) Hidden
media enhance (HKLM-x32\...\media enhance) (Version: 1.34.3.2 - feven) <==== ATTENTION
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Display Control Panel (Version: 6.14.12.6883 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 268.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.42.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.23 (Version: 1.0.23 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.0.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\0CBE6C26-3AF7-4A9D-98E5-B8354D25C83E) (Version: - Re-markit-software) <==== ATTENTION
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.192 - Client Connect LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3020.2 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
UFB Code Setup (HKLM-x32\...\UFB Code SetupV2.6) (Version: V2.6 - Macro Technology Ltd.)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
ValueApps (HKCU\...\ValueApps) (Version: 1.4.0.3 - Conduit) <==== ATTENTION
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
22-06-2014 09:47:21 Geplanter Prüfpunkt
22-06-2014 09:48:16 Windows Update
28-06-2014 17:25:44 Windows Update
29-06-2014 20:06:07 Windows Update
03-08-2014 19:35:28 Installiert PHOTOfunSTUDIO 9.1 PE
03-08-2014 19:56:35 Installiert LUMIX Map Tool
06-08-2014 18:00:46 Windows Update
09-08-2014 18:42:15 Windows Update
09-08-2014 18:51:26 Entfernt
10-08-2014 22:31:43 Installiert Electronic Arts Product Registration
16-08-2014 11:14:57 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04093AFB-3701-42EB-89DA-7FDDF5450112} - System32\Tasks\media enhance-firefoxinstaller => C:\Program Files (x86)\media enhance\media enhance-firefoxinstaller.exe <==== ATTENTION
Task: {076ED729-5DF1-4F1C-AEE2-B3F794662570} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {25E4F9FD-389A-4BC1-875F-A3B6A2FA847F} - System32\Tasks\Feven Pro-updater => C:\Program Files (x86)\Feven Pro\Feven Pro-updater.exe <==== ATTENTION
Task: {28621362-B9D4-47C0-A193-C2847D2F3A74} - System32\Tasks\Feven Pro-codedownloader => C:\Program Files (x86)\Feven Pro\Feven Pro-codedownloader.exe <==== ATTENTION
Task: {2E6BE7F2-C949-49E6-A212-D8157A63971D} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {35046F0C-E5F7-4821-8B34-607E48CBABE8} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {451ADBA4-53E0-468E-BE26-80D7B68BC0F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03] (Google Inc.)
Task: {4865E71C-F15D-43D0-9930-8319F106EFFB} - System32\Tasks\Feven Pro-chromeinstaller => C:\Program Files (x86)\Feven Pro\Feven Pro-chromeinstaller.exe <==== ATTENTION
Task: {53B80CE5-03C7-4FE8-A1E0-EA5A3BA9E79A} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {5485E35B-8143-43C2-874F-8F9BE76BC439} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC)
Task: {63C6FD6B-CBC2-49B6-9BF0-0B31659BD956} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-01-17] (Samsung)
Task: {74F6C05E-D4C0-4833-BB4F-BC91EC62F045} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.)
Task: {76F864A7-51C4-4AB2-A516-9C4B60B18783} - System32\Tasks\Feven Pro-firefoxinstaller => C:\Program Files (x86)\Feven Pro\Feven Pro-firefoxinstaller.exe <==== ATTENTION
Task: {7A7F4F8F-91A4-4DAA-A077-69529EC64CE0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-17] (Adobe Systems Incorporated)
Task: {83F6E9F5-ED2F-4D3C-9F55-0D615CF54E4F} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {A9E0C444-59BE-4BAF-BE8E-8F6844AC9133} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B011A759-6BCB-496E-8386-05374541B88D} - System32\Tasks\media enhance-updater => C:\Program Files (x86)\media enhance\media enhance-updater.exe <==== ATTENTION
Task: {B077A058-D36B-4C74-8929-BE40D7927E20} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe [2014-05-12] () <==== ATTENTION
Task: {B1E4AC3F-7C95-4733-A76D-FFF30EC8AE11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03] (Google Inc.)
Task: {BBD090E8-527F-476B-B50B-47475A65CD20} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [2011-07-30] (SAMSUNG Electronics)
Task: {C5419F52-74BC-473E-AABA-46B616F582F9} - System32\Tasks\media enhance-codedownloader => C:\Program Files (x86)\media enhance\media enhance-codedownloader.exe <==== ATTENTION
Task: {CEEC263B-3C88-460B-96C9-E901738A2C64} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\Re-markitfQL.exe [2014-05-12] () <==== ATTENTION
Task: {D65C9AD3-27BB-4B23-BAE7-697FD4657221} - System32\Tasks\media enhance-chromeinstaller => C:\Program Files (x86)\media enhance\media enhance-chromeinstaller.exe <==== ATTENTION
Task: {D89140BA-A5B1-4FDD-9584-8BE768DCA10C} - System32\Tasks\Feven Pro-enabler => C:\Program Files (x86)\Feven Pro\Feven Pro-enabler.exe <==== ATTENTION
Task: {DFBABA03-A4D5-4929-9B8B-6304767D003D} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {E20D151B-6CD9-47FA-82D3-6EB7472A56BD} - System32\Tasks\media enhance-enabler => C:\Program Files (x86)\media enhance\media enhance-enabler.exe <==== ATTENTION
Task: {F02744B9-B972-450E-B54F-4BC8DBB06B8A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink)
Task: {F07E8F09-E4D6-4E6B-B643-E6ADD739BD70} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\CreateChoiceProcessTask.job => C:\Windows\System32\browserchoice.exe
Task: C:\windows\Tasks\Feven Pro-chromeinstaller.job => C:\Program Files (x86)\Feven Pro\Feven Pro-chromeinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Feven Pro-codedownloader.job => C:\Program Files (x86)\Feven Pro\Feven Pro-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Feven Pro-enabler.job => C:\Program Files (x86)\Feven Pro\Feven Pro-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Feven Pro-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro\Feven Pro-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Feven Pro-updater.job => C:\Program Files (x86)\Feven Pro\Feven Pro-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\media enhance-chromeinstaller.job => C:\Program Files (x86)\media enhance\media enhance-chromeinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\media enhance-codedownloader.job => C:\Program Files (x86)\media enhance\media enhance-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\media enhance-enabler.job => C:\Program Files (x86)\media enhance\media enhance-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\media enhance-firefoxinstaller.job => C:\Program Files (x86)\media enhance\media enhance-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\media enhance-updater.job => C:\Program Files (x86)\media enhance\media enhance-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\Re-markitfQL.exe <==== ATTENTION
Task: C:\windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-03-08 08:45 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-07-27 05:25 - 2012-02-13 08:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2014-05-12 18:34 - 2014-05-12 18:34 - 00077312 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe
2011-07-21 07:51 - 2010-12-16 11:37 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-05-12 18:34 - 2014-05-12 18:34 - 00142848 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-27 05:25 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2012-03-08 07:51 - 2012-01-16 09:50 - 00755280 _____ () C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll
2014-08-16 13:17 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\Carmen\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-07-27 05:25 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2012-03-08 07:50 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-05-12 18:34 - 2014-05-12 18:34 - 00133120 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQL161.dll
2014-08-16 16:01 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 16:01 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 16:01 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 16:01 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 16:01 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-16 16:01 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/16/2014 01:11:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 08:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 07:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 06:37:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.1.3.127 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 7c0
Startzeit: 01cfb7147efb4422
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Berichts-ID: 1997ebed-2308-11e4-b619-e8039ae8d66a
Error: (08/13/2014 06:25:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/11/2014 08:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/11/2014 01:29:43 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (08/11/2014 00:19:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/10/2014 04:44:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SynTPEnh.exe, Version: 15.3.7.0, Zeitstempel: 0x4dcc7ec2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000008a00000013
ID des fehlerhaften Prozesses: 0x844
Startzeit der fehlerhaften Anwendung: 0xSynTPEnh.exe0
Pfad der fehlerhaften Anwendung: SynTPEnh.exe1
Pfad des fehlerhaften Moduls: SynTPEnh.exe2
Berichtskennung: SynTPEnh.exe3
Error: (08/09/2014 08:48:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (08/16/2014 01:10:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/16/2014 01:10:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.
Error: (08/13/2014 08:21:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/13/2014 08:19:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.
Error: (08/13/2014 07:15:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/13/2014 07:15:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.
Error: (08/13/2014 06:31:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error: (08/13/2014 06:25:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/13/2014 06:25:24 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.39
registriert werden. Der Computer mit IP-Adresse 192.168.1.9 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (08/13/2014 06:24:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.
Microsoft Office Sessions:
=========================
Error: (08/16/2014 01:11:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 08:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 07:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 06:37:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SoftwareUpdate.exe2.1.3.1277c001cfb7147efb44220C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe1997ebed-2308-11e4-b619-e8039ae8d66a
Error: (08/13/2014 06:25:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/11/2014 08:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/11/2014 01:29:43 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Carmen\Downloads\SoftonicDownloader_fuer_photoscape.exe
Error: (08/11/2014 00:19:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/10/2014 04:44:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SynTPEnh.exe15.3.7.04dcc7ec2unknown0.0.0.000000000c00000050000008a0000001384401cfb4022c261b00C:\Program Files\Synaptics\SynTP\SynTPEnh.exeunknownd0d90810-209c-11e4-8bb9-e8039ae8d66a
Error: (08/09/2014 08:48:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 70%
Total physical RAM: 4009.55 MB
Available physical RAM: 1202.07 MB
Total Pagefile: 8017.27 MB
Available Pagefile: 4739.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:177 GB) (Free:50.64 GB) NTFS
Drive d: () (Fixed) (Total:265.39 GB) (Free:257.57 GB) NTFS
Drive e: (HPCOS) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3882832C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=177 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.3 GB) - (Type=27)
==================== End Of Log ============================
Schonmal danke |
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 