Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Win7_Rechner hängt/Internet langsam/ständig Meldung: Plug-in (Shockwave Flash / oder Flash Player) hängt oder reagiert nicht (https://www.trojaner-board.de/160328-win7_rechner-haengt-internet-langsam-staendig-meldung-plug-shockwave-flash-flash-player-haengt-reagiert.html)

schrauber 13.11.2014 17:02
Mysteriös. Ich hab jetzt mit deinem 3 Rechner mit so Stress, ohne das Malware zu sehen wäre.

Bitte nochmal FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logfiles.

Ocir33 13.11.2014 18:20
so alle Browser waren zu
FSRT.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Rico (administrator) on RICO-PC on 13-11-2014 18:01:10
Running from C:\Users\Rico\Downloads
Loaded Profile: Rico (Available profiles: Rico & Onlinegaming_rico)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1702400 2009-10-26] (Motorola Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2117632 2014-07-06] (Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [HornetMonitor] => C:\Program Files (x86)\Common Files\Hornet\MntrHrnt.exe [135168 2005-12-12] (Alcor Micro, Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [39712 2014-10-22] (Overwolf LTD)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1323776 2014-09-24] (Bogdan Sharkov)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22059616 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-11-16] (AMD)
Startup: C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x26B14F2E752CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {E50F5235-42F7-4645-A154-1273E9B07D79} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKCU - {5F33918C-4091-439E-B1F9-657D6F60E62F} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKCU - {612DD442-8392-467E-99AE-68F0376E1CA9} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKCU - {E50F5235-42F7-4645-A154-1273E9B07D79} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKCU - {E7359880-4F31-44D2-B6B6-D806AC158565} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - PROMT - {892E81F6-EC63-4d13-8422-835A7A05D6EB} - C:\Program Files (x86)\PRMT8\PRMTIE\prmtie.dll (PROMT Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.2

FireFox:
========
FF ProfilePath: C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2666592708-3794203733-3362275663-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Rico\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2666592708-3794203733-3362275663-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rico\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2666592708-3794203733-3362275663-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Video Downloader professional - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\ffext_basicvideoext@startpage24.xpi [2013-06-11]
FF Extension: PlusWinks - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: Session Manager - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-05-28]
FF Extension: ReloadEvery - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-06-21]
FF Extension: ImTranslator - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-06-01]
FF Extension: Adblock Plus - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-14]
FF Extension: Tab Mix Plus - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-05-28]
FF Extension: Greasemonkey - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-25]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-02]
CHR Extension: (Google Docs) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-02]
CHR Extension: (Google Drive) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-02]
CHR Extension: (Session Manager) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-11-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-26]
CHR Extension: (YouTube) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-02]
CHR Extension: (Google-Suche) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-02]
CHR Extension: (Gutscheincode Melder (von shopclever.de)) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\donengfgiigdigljcljplglplekpiomg [2014-10-06]
CHR Extension: (Session Buddy) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-11-09]
CHR Extension: (LoL Stream Browser) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-10-06]
CHR Extension: (Tabs Plus) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\edooipcjkkbjmnogkdcahgmhbniipefp [2014-11-09]
CHR Extension: (Google Tabellen) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-02]
CHR Extension: (Click&Clean) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-10-06]
CHR Extension: (Avast Online Security) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-20]
CHR Extension: (Office Apps) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbcdbdkiaadpbkggggekjcpmgjekkke [2014-10-06]
CHR Extension: (Google Wallet) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-10]
CHR Extension: (Mein simyo) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkcaejbkdfalpejkkhpmofacbcnpinj [2014-10-06]
CHR Extension: (Google Mail) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-13] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-24] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-10-24] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-24] (Avast Software)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-05-27] (Macrovision Europe Ltd.) [File not signed]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 Lexware_Datenbank_Plus; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2011-06-29] (iAnywhere Solutions, Inc.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [997664 2014-10-22] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-25] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-06-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-05] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-06-24] (Emsisoft GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-24] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-10-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-24] ()
S3 cam; C:\Windows\System32\Drivers\BisonCam.sys [742312 2007-09-07] (Bison Electronics. Inc. )
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-09-30] (Emsisoft GmbH)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [47104 2007-01-08] (Windows (R) Codename Longhorn DDK provider)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-03] (Malwarebytes Corporation)
R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvd.sys [108624 2013-02-15] (Miray)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R0 Si3531; C:\Windows\System32\DRIVERS\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22568 2009-02-09] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [16936 2009-02-09] (Silicon Image, Inc.)
R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-24] (Avast Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-07-15] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 14:10 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 14:10 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 14:10 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 14:10 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 14:10 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:10 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 14:10 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 14:10 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:10 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:10 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 14:10 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 14:10 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 14:10 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 14:10 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 14:10 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:10 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 14:10 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 14:10 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 14:10 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:10 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 14:10 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 14:10 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 14:10 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 14:10 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 14:10 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 14:10 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:10 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 14:10 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 14:10 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 14:10 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 14:10 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 14:10 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 14:10 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 14:10 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 14:10 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 14:10 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 14:10 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 14:10 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 14:10 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 14:10 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:10 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 14:10 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 14:10 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 14:10 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 14:10 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 14:10 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 14:10 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 14:10 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 14:10 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 14:10 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 14:10 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 14:10 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 14:10 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 14:10 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 14:10 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 14:10 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 13:29 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 13:29 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 13:29 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 13:29 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 13:29 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 13:29 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 13:29 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 13:29 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 13:29 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 13:29 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 13:29 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 13:29 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 13:24 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 13:24 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 13:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 13:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 13:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 13:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 13:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 13:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 13:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 13:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 13:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 13:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 13:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 13:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 13:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 13:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 13:18 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 13:18 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 13:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 13:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 13:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-10 17:28 - 2014-11-10 17:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 16:16 - 2014-11-10 16:17 - 00000000 ___HD () C:\Windows\AxInstSV
2014-11-10 15:58 - 2014-11-13 17:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 15:58 - 2014-11-12 19:16 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-10 15:58 - 2014-11-12 19:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-10 15:58 - 2014-11-12 19:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-10 05:13 - 2014-11-10 05:13 - 00093040 _____ () C:\Users\Rico\Documents\cc_20141110_051256.reg
2014-11-09 13:13 - 2014-11-09 13:13 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-09 13:12 - 2014-11-09 13:12 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-09 13:12 - 2014-11-09 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-09 13:11 - 2014-11-09 13:12 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-09 13:10 - 2014-11-09 13:10 - 04974864 _____ (Piriform Ltd) C:\Users\Rico\Downloads\ccsetup419.exe
2014-11-09 11:24 - 2014-11-09 11:25 - 00000000 ____D () C:\Users\Rico\Desktop\Ortschaftsrat
2014-11-07 10:14 - 2014-11-07 10:14 - 00448512 _____ (OldTimer Tools) C:\Users\Rico\Downloads\TFC (1).exe
2014-11-07 10:13 - 2014-11-07 10:13 - 01156136 _____ (Ruiware) C:\Users\Rico\Downloads\wpsetup.exe
2014-11-07 10:04 - 2014-11-07 10:04 - 05194752 _____ (AVAST Software) C:\Users\Rico\Downloads\aswMBR.exe
2014-11-05 23:36 - 2014-11-13 18:02 - 00025916 _____ () C:\Users\Rico\Downloads\FRST.txt
2014-11-05 23:08 - 2014-11-05 23:13 - 00000036 _____ () C:\Users\Rico\Desktop\Fixlist.txt
2014-11-04 23:08 - 2014-11-04 23:08 - 00854448 _____ () C:\Users\Rico\Downloads\SecurityCheck.exe
2014-11-04 23:03 - 2014-11-04 23:04 - 02347384 _____ (ESET) C:\Users\Rico\Downloads\esetsmartinstaller_deu (1).exe
2014-11-04 08:15 - 2014-11-04 08:24 - 28989136 _____ () C:\Users\Rico\Downloads\Ultra.rar.part
2014-11-04 07:59 - 2014-11-04 07:59 - 00001008 _____ () C:\Users\Rico\Downloads\UltraEdit_v20.00.0.1037-ul366tmdt2k9.dlc
2014-11-04 07:46 - 2014-11-04 07:46 - 01706359 _____ (Thisisu) C:\Users\Rico\Downloads\JRT (1).exe
2014-11-03 23:04 - 2014-11-03 23:04 - 01998336 _____ () C:\Users\Rico\Downloads\AdwCleaner_4.002.exe
2014-11-03 22:59 - 2014-11-03 22:59 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025 (6).exe
2014-11-03 22:58 - 2014-11-03 22:59 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025 (5).exe
2014-11-03 22:58 - 2014-11-03 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025 (4).exe
2014-11-02 19:10 - 2014-11-02 19:10 - 00082786 _____ () C:\ComboFix.txt
2014-11-02 16:06 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-02 16:06 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-02 16:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-02 16:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-02 16:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-02 16:06 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-02 16:06 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-02 16:06 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-02 15:51 - 2014-11-02 15:51 - 00001146 _____ () C:\Users\Rico\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-11-02 15:48 - 2014-11-02 19:10 - 00000000 ____D () C:\Qoobox
2014-11-02 15:38 - 2014-11-02 15:44 - 05591672 ____R (Swearware) C:\Users\Rico\Downloads\ComboFix.exe
2014-11-02 15:15 - 2014-11-02 15:15 - 00003246 _____ () C:\Windows\System32\Tasks\Process Explorer-Rico-PC-Rico
2014-11-02 14:43 - 2014-11-02 14:43 - 00001204 _____ () C:\mbam.log
2014-11-02 12:52 - 2014-11-02 12:52 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025 (3).exe
2014-11-02 12:51 - 2014-11-02 12:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-02 12:51 - 2014-11-02 12:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025 (2).exe
2014-11-02 12:51 - 2014-11-02 12:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Rico\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-11-02 11:38 - 2014-11-02 11:38 - 00380416 _____ () C:\Users\Rico\Downloads\Gmer-19357.exe
2014-11-02 11:34 - 2014-11-02 11:35 - 00050477 _____ () C:\Users\Rico\Downloads\Defogger (2).exe
2014-11-02 11:09 - 2014-11-02 11:09 - 01188194 _____ () C:\Users\Rico\Downloads\ProcessExplorer.zip
2014-11-02 10:55 - 2014-11-02 10:56 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Rico\Downloads\tdsskiller.exe
2014-11-01 00:20 - 2014-11-01 00:20 - 00000197 _____ () C:\Windows\system32\2014-10-31-23-20-58.015-AvastVBoxSVC.exe-5204.log
2014-11-01 00:19 - 2014-11-01 00:19 - 00000197 _____ () C:\Windows\system32\2014-10-31-23-19-02.069-AvastVBoxSVC.exe-1232.log
2014-11-01 00:15 - 2014-11-01 00:15 - 00000197 _____ () C:\Windows\system32\2014-10-31-23-15-02.071-AvastVBoxSVC.exe-404.log
2014-10-31 15:54 - 2014-10-31 15:52 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-31 15:53 - 2014-10-31 15:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 15:53 - 2014-10-31 15:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-31 15:53 - 2014-10-31 15:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-31 15:52 - 2014-10-31 15:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-31 15:42 - 2014-10-31 15:42 - 00000197 _____ () C:\Windows\system32\2014-10-31-14-42-01.083-AvastVBoxSVC.exe-3656.log
2014-10-29 19:36 - 2014-10-29 19:36 - 00000197 _____ () C:\Windows\system32\2014-10-29-18-36-35.077-AvastVBoxSVC.exe-4080.log
2014-10-29 14:26 - 2014-10-29 14:26 - 00000012 _____ () C:\Users\Rico\Desktop\Travian WW PW.txt
2014-10-29 14:20 - 2014-10-29 14:20 - 00000197 _____ () C:\Windows\system32\2014-10-29-13-20-15.024-AvastVBoxSVC.exe-3080.log
2014-10-28 15:14 - 2014-10-28 15:14 - 00000197 _____ () C:\Windows\system32\2014-10-28-14-14-41.039-AvastVBoxSVC.exe-3696.log
2014-10-26 13:13 - 2014-10-26 13:13 - 00000197 _____ () C:\Windows\system32\2014-10-26-12-13-22.045-AvastVBoxSVC.exe-3928.log
2014-10-25 17:29 - 2014-10-25 17:29 - 00000197 _____ () C:\Windows\system32\2014-10-25-16-29-34.062-AvastVBoxSVC.exe-3268.log
2014-10-25 00:23 - 2014-10-25 00:23 - 00000247 _____ () C:\Windows\system32\2014-10-24-23-23-18.094-aswFe.exe-5012.log
2014-10-25 00:17 - 2014-10-25 00:23 - 00000247 _____ () C:\Windows\system32\2014-10-24-23-17-23.064-aswFe.exe-8700.log
2014-10-25 00:17 - 2014-10-25 00:17 - 00000197 _____ () C:\Windows\system32\2014-10-24-23-17-17.007-AvastVBoxSVC.exe-9676.log
2014-10-25 00:07 - 2014-10-25 00:07 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-10-25 00:07 - 2014-10-25 00:07 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-24 12:28 - 2014-10-24 12:28 - 00001990 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-10-24 12:28 - 2014-10-24 12:28 - 00001930 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2014-10-24 12:28 - 2014-10-24 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-24 12:02 - 2014-10-24 12:02 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-24 12:02 - 2014-10-24 12:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-24 12:01 - 2014-10-24 12:01 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-10-19 13:54 - 2014-10-19 13:54 - 01535343 _____ () C:\Users\Rico\Downloads\SamyGO-ChanEdit-win32-x86 (1).zip
2014-10-19 10:23 - 2014-10-19 10:26 - 01976320 _____ () C:\Users\Rico\Downloads\adwcleaner_4.000.exe
2014-10-18 17:13 - 2006-08-20 16:59 - 00016384 _____ () C:\Users\Rico\Downloads\DreamBoxEdit Export Bouquets_2.xls
2014-10-18 17:13 - 2006-08-20 16:57 - 00148992 _____ () C:\Users\Rico\Downloads\DreamBoxEdit Export Bouquets_1.xls
2014-10-18 17:12 - 2014-10-18 17:12 - 00031728 _____ () C:\Users\Rico\Downloads\bouquet_listen.zip
2014-10-18 17:08 - 2014-10-18 17:08 - 04469248 _____ () C:\Windows\SysWOW64\libmysql.dll
2014-10-18 17:03 - 2014-11-02 16:29 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-18 17:01 - 2014-10-18 17:01 - 05344984 _____ (Dll-Files.com ) C:\Users\Rico\Downloads\dffsetup-libmysql.exe
2014-10-18 16:59 - 2014-10-18 16:59 - 01911319 _____ () C:\Users\Rico\Downloads\SettingsMaker2.6 (2).zip
2014-10-18 16:53 - 2014-10-18 16:54 - 01910850 _____ () C:\Users\Rico\Downloads\SettingsMaker2.6 (1).zip
2014-10-18 16:46 - 2014-10-18 16:56 - 00045008 _____ () C:\Users\Rico\Downloads\SettingsMaker_2_6 (1).zip
2014-10-18 16:44 - 2014-10-18 16:45 - 00037530 _____ () C:\Users\Rico\Downloads\SettingsMaker_2_6.zip
2014-10-18 16:41 - 2014-10-18 16:41 - 01910372 _____ () C:\Users\Rico\Downloads\SettingsMaker2.6.zip
2014-10-18 16:02 - 2014-10-18 16:02 - 00000000 ____D () C:\Users\Rico\AppData\Local\by_ZebraDem
2014-10-18 15:57 - 2014-10-18 15:57 - 00183164 _____ () C:\Users\Rico\Downloads\picon erstellen faq (4).rar
2014-10-18 15:57 - 2014-10-18 15:57 - 00183164 _____ () C:\Users\Rico\Downloads\picon erstellen faq (3).rar
2014-10-18 15:57 - 2014-10-18 15:57 - 00183164 _____ () C:\Users\Rico\Downloads\picon erstellen faq (2).rar
2014-10-18 15:57 - 2014-10-18 15:57 - 00183164 _____ () C:\Users\Rico\Downloads\picon erstellen faq (1).rar
2014-10-18 15:56 - 2014-10-18 15:56 - 00000706 _____ () C:\Users\Rico\Downloads\create_picon_links.py.zip
2014-10-18 15:54 - 2014-10-18 15:54 - 00183164 _____ () C:\Users\Rico\Downloads\picon erstellen faq.rar
2014-10-18 15:00 - 2014-10-18 15:01 - 04413587 _____ () C:\Users\Rico\Downloads\dreamboxEDIT_setup_6.0.1.1.zip
2014-10-18 14:21 - 2014-10-18 14:21 - 00320605 _____ () C:\Users\Rico\Downloads\Senderliste.xlsx
2014-10-18 14:20 - 2014-10-18 14:20 - 00047104 _____ () C:\Users\Rico\Downloads\senderlist-horizon-mediabox-digicard-dch.xls
2014-10-18 14:11 - 2014-10-31 15:53 - 00000000 ____D () C:\Program Files (x86)\teXXas
2014-10-18 13:46 - 2014-10-18 13:46 - 02633568 _____ () C:\Users\Rico\Downloads\setup_texxas.exe
2014-10-15 16:23 - 2014-10-15 16:23 - 00790240 _____ (Shark Labs) C:\Users\Rico\Downloads\CFSetup360 (3).exe
2014-10-15 03:09 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 03:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 03:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 03:09 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 03:09 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 03:08 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 03:08 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 03:08 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 03:08 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 03:08 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 03:08 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 03:08 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 03:08 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 03:08 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 03:08 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 03:08 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 03:08 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 03:08 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 03:08 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 03:08 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 03:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 03:08 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 03:08 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 03:08 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 03:08 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 03:08 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 03:08 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 03:08 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 03:08 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 03:08 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 03:08 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 03:08 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 03:08 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 03:08 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 03:08 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 03:08 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 03:08 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 03:07 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 03:07 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 03:07 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 03:07 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 03:07 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 03:07 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 03:05 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 03:05 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 03:05 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 03:05 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 03:05 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 03:05 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 03:05 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 03:05 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 03:05 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 03:05 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 03:04 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 18:03 - 2013-05-25 09:13 - 00000000 ____D () C:\Users\Rico\AppData\Roaming\Skype
2014-11-13 18:01 - 2014-02-01 20:59 - 00000000 ____D () C:\FRST
2014-11-13 18:01 - 2014-02-01 20:13 - 02116096 _____ (Farbar) C:\Users\Rico\Downloads\FRST64.exe
2014-11-13 18:01 - 2014-01-10 20:35 - 00000000 ____D () C:\Users\Rico\Downloads\FRST-OlderVersion
2014-11-13 17:37 - 2013-04-01 11:14 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 17:26 - 2014-05-18 10:21 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2666592708-3794203733-3362275663-1001UA.job
2014-11-13 14:38 - 2013-03-29 13:49 - 01230805 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 11:26 - 2014-05-18 10:21 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2666592708-3794203733-3362275663-1001Core.job
2014-11-13 04:30 - 2009-07-14 05:45 - 00042256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 04:30 - 2009-07-14 05:45 - 00042256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 03:56 - 2010-11-21 07:50 - 00703214 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 03:56 - 2010-11-21 07:50 - 00150822 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 03:56 - 2009-07-14 06:13 - 01629372 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 03:52 - 2013-12-15 10:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-13 03:51 - 2014-10-09 08:06 - 00142672 _____ () C:\Users\Rico\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 03:50 - 2013-04-01 11:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 03:49 - 2014-10-09 08:01 - 00485888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 03:49 - 2014-10-09 08:01 - 00001848 _____ () C:\Windows\setupact.log
2014-11-13 03:49 - 2013-09-05 10:05 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-13 03:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 03:48 - 2013-05-26 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-13 03:46 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:27 - 2013-05-27 10:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:18 - 2013-07-25 15:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:09 - 2013-05-24 13:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 15:43 - 2013-11-02 13:12 - 00000000 ____D () C:\Users\Rico\AppData\Local\Overwolf
2014-11-11 15:42 - 2013-12-20 10:10 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-11-11 15:39 - 2014-10-09 08:01 - 00020406 _____ () C:\Windows\PFRO.log
2014-11-10 16:15 - 2014-07-19 13:29 - 00000000 ____D () C:\Users\Rico\AppData\Local\Adobe
2014-11-09 13:45 - 2013-05-25 11:38 - 00000000 ____D () C:\Users\Rico\AppData\Local\Downloaded Installations
2014-11-09 13:45 - 2013-05-25 09:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-09 13:42 - 2014-03-07 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMbot
2014-11-09 13:42 - 2013-07-30 16:59 - 00000000 ____D () C:\Program Files (x86)\TMbot
2014-11-09 13:18 - 2014-02-07 13:08 - 00000000 ____D () C:\Users\Rico\AppData\Local\CrashDumps
2014-11-04 09:15 - 2014-02-02 12:00 - 00055071 _____ () C:\Users\Rico\Downloads\Addition.txt
2014-11-04 08:09 - 2013-06-04 21:39 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-11-04 07:50 - 2014-01-29 13:22 - 00000000 ____D () C:\AdwCleaner
2014-11-04 07:49 - 2013-06-05 09:09 - 00000000 ____D () C:\Users\Rico\AppData\Roaming\NetSpeedMonitor
2014-11-03 23:01 - 2014-06-25 11:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 19:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-02 19:01 - 2014-06-25 11:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-02 18:57 - 2013-10-13 18:58 - 00000000 ____D () C:\Windows\erdnt
2014-11-02 12:53 - 2014-06-25 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-02 12:53 - 2013-05-27 17:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-02 12:38 - 2014-04-28 19:12 - 03097088 ___SH () C:\Users\Rico\Thumbs.db
2014-11-02 12:38 - 2013-11-25 18:36 - 00031232 ___SH () C:\Users\Rico\AppData\Thumbs.db
2014-11-02 12:31 - 2014-02-06 12:23 - 00000470 _____ () C:\Users\Rico\Downloads\defogger_disable.log
2014-11-01 00:13 - 2013-05-25 17:38 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-01 00:13 - 2013-05-25 17:38 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-31 15:59 - 2013-03-29 13:50 - 00000000 ____D () C:\Users\Rico
2014-10-31 15:54 - 2013-12-16 21:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 17:28 - 2014-06-03 15:19 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1383508106
2014-10-30 17:28 - 2013-11-03 20:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-29 19:43 - 2013-11-02 13:13 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-10-29 03:44 - 2013-04-01 11:15 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-25 02:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-24 12:02 - 2014-04-26 08:58 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-24 12:02 - 2013-12-28 10:23 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-10-24 12:02 - 2013-05-25 17:38 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-24 12:02 - 2013-05-25 17:38 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-24 12:02 - 2013-05-25 17:38 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-24 12:02 - 2013-05-25 17:38 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-24 12:01 - 2013-05-25 17:38 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-10-20 11:29 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-19 13:56 - 2013-07-08 21:53 - 00000000 ____D () C:\Users\Rico\Desktop\Bilder EOS
2014-10-18 22:32 - 2013-04-01 11:14 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 22:32 - 2013-04-01 11:14 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 15:01 - 2014-07-19 14:34 - 00001953 _____ () C:\Users\Rico\Desktop\dreamboxEDIT.lnk
2014-10-16 16:38 - 2013-05-25 09:12 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 16:32 - 2014-09-17 20:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 02:52 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 02:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 02:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 16:24 - 2014-01-26 14:09 - 00001905 _____ () C:\Users\Rico\Desktop\Clownfish.lnk
2014-10-15 16:24 - 2014-01-26 14:09 - 00000000 ____D () C:\Program Files (x86)\Clownfish

Some content of TEMP:
====================
C:\Users\Rico\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Rico\AppData\Local\Temp\sfareca00001.dll
C:\Users\Rico\AppData\Local\Temp\xuninst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-06 10:35

==================== End Of Log ============================
--- --- ---


ADDItion.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by Rico at 2014-11-13 18:03:15
Running from C:\Users\Rico\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@promt Personal 8 German Giant (HKLM-x32\...\{949D3E05-3534-48A1-BFD2-1ECD4AD65D00}) (Version: 8.0.00030 - PROMT Ltd.)
1&1 EasyLogin (HKLM-x32\...\1&1 EasyLogin) (Version:  - )
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Avast Internet Security (HKLM-x32\...\avast) (Version: 10.0.2206 - AVAST Software)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CardRecovery version CardRecovery 6.10.1210 by zErO (HKLM-x32\...\CardRecovery_is1) (Version: CardRecovery 6.10.1210 by zErO - )
CAS Studio 9.8.2 (HKLM-x32\...\{529D5BB0-CE00-40C8-86E0-2546335CC0D4}) (Version: 9.8.2 - Duolabs)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
CPUID HWMonitor 1.21 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 31.0.1.0 - 8pecxstudios)
diclovit's mod pack 9.3.2 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.3.2 - diclovit)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version:  - )
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version:  - )
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DYMO Label Software (HKLM-x32\...\DYMO Label Software) (Version:  - )
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.0.1751 - Sanford, L.P.)
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.0 - Emsisoft GmbH)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HDClone 4.2 Enterprise Edition (HKLM-x32\...\HDClone.Enterprise.4.2.4.1033-{7E3FDA3C-F605-4EF6-B069-1DEBB67FA96B}) (Version: 4.2 - Miray Software AG)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HydraVision (x32 Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
HyperTerminal Private Edition v7.0 (HKLM-x32\...\HTPE3) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
ITECIR Driver (HKLM-x32\...\{FCED9B62-34FF-4C15-8A23-F65221F7874D}) (Version: 1.00.000 - ITE)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KeePass Password Safe 2.27 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.27 - Dominik Reichl)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
L&H TTS3000 Español (HKLM-x32\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Français (HKLM-x32\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version:  - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Lexware buchhalter 2013 (HKLM-x32\...\{6AB4E5CD-0062-48E8-96A3-E5B4486DFCB3}) (Version: 18.04.00.0021 - Haufe-Lexware GmbH Co.KG)
Lexware Datenbank plus 2012 (HKLM-x32\...\{448DA1AD-D1CA-4967-8EFA-9482F31E7BFD}) (Version: 12.00.00.0116 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM-x32\...\{9F6BFB0F-6B1F-4D1A-A9DA-42F6794C9188}) (Version: 13.00.00.0027 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{6B54B1AE-EBCA-48BE-92AF-61D02118F093}) (Version: 14.00.00.0076 - Haufe-Lexware GmbH & Co.KG)
Lexware reisekosten plus 2012 (HKLM-x32\...\{BE672587-331F-42F7-BC38-D59759311C75}) (Version: 12.01.00.0137 - Haufe-Lexware GmbH & Co.KG)
Lexware reisekosten plus 2012 (x32 Version: 12.01.00.0137 - ) Hidden
Lexware Sepa Check (x32 Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maxiboot Installer V1.5 (HKLM-x32\...\Maxiboot Installer_is1) (Version:  - ©  2011 Black_64)
MEDION GoPal Assistant (HKLM-x32\...\{59E410C0-A532-4496-B14B-B88B2F731A1B}) (Version: 6.2.7.12196 - MEDION)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyLanViewer version 4.17.0 (HKLM-x32\...\{2D933C82-63E9-4640-A1EF-08E38F0CF4C2}_is1) (Version: 4.17.0 - S.K. Software)
Nero 11 (HKLM-x32\...\{FC18AB8F-9BA3-423B-91F2-622990F57978}) (Version: 11.2.01000 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NetObjects Fusion 12.0 (HKLM-x32\...\{95558D2D-69EC-485F-A0A6-D17FEC180CF3}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5041 - NetObjects) Hidden
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.81.34.0 - Overwolf Ltd.)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
POIbase 1.066 (HKLM-x32\...\POIbase_is1) (Version:  - POIbase)
Project IGI (HKLM-x32\...\Project IGI) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickSteuer 2012 (HKLM-x32\...\{39AF5C9F-9673-438F-BBF9-47690B989F7F}) (Version: 18.09.00.0003 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer Deluxe 2013 (HKLM-x32\...\{A733DC44-DC71-447D-AD6C-33B9AB537828}) (Version: 19.06.00.0003 - Haufe-Lexware GmbH & Co.KG)
RealPlayer Basic (HKLM-x32\...\RealPlayer 6.0) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version:  - Samsung Electronics CO.,LTD)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SetEditHD100 (remove only) (HKLM-x32\...\SetEditHD100) (Version:  - )
SetIP (HKLM-x32\...\SetIP) (Version: 1.04.01.00 - Samsung Electronics Co., Ltd.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version:  - City Interactive)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Studie zur Verbesserung von HP Officejet 6700 Produkten (HKLM\...\{4EE2A4CB-47B0-4412-808C-D556E3940598}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Travian Crop Tool 2.0.5.76 (HKLM-x32\...\{1DECF77D-5822-4A51-978E-812EAF6B4F54}_is1) (Version: 2.0.5.76 - Legionar)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ulead COOL 360 1.0 (HKLM-x32\...\{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}) (Version:  - )
Ulead Photo Explorer 8.0 SE Basic (HKLM-x32\...\{D271DAE0-8D68-4C97-8356-A126D48A1D8C}) (Version: 8.0 - Ulead Systems, Inc.)
Ulead VideoStudio 7 SE VCD (HKLM-x32\...\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}) (Version: 7.0 - Ulead Systems, Inc.)
Unity Web Player (HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
USB to Serial Bridge Controller (HKLM-x32\...\InstallShield_{B39C475A-77A7-446D-B423-8051E976D910}) (Version: 1.30.232.01 - Alcor Micro)
USB to Serial Bridge Controller (x32 Version: 1.30.232.01 - Alcor Micro) Hidden
USB2.0 1.3M WebCam (HKLM-x32\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: 6.32.00.004b - Bisont Electrocnics. Inc.)
VCDS AIB 11.11 (HKLM-x32\...\VCDS AIB) (Version: AIB 11.11 - Auto-Intern GmbH)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Auto-Intern USB-Treiber (03/30/2010 2.06.02) (HKLM\...\42B17F23052FF114E91E57E2287CCEEDF216888D) (Version: 03/30/2010 2.06.02 - Auto-Intern)
Windows-Treiberpaket - Auto-Intern Virtueller COM-Port-Treiber (03/30/2010 2.06.02) (HKLM\...\5EFB68C2F0CD0DB3442B0733C6FAB545A71A88FF) (Version: 03/30/2010 2.06.02 - Auto-Intern)
Windows-Treiberpaket - ITE Tech.Inc. (itecir) HIDClass  (01/05/2007 5.0.0003.2) (HKLM\...\2ADF4484850200A062B66ED19240994480D85943) (Version: 01/05/2007 5.0.0003.2 - ITE Tech.Inc.)
Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443) (Version: 06/16/2010 2.06.02 - Ross-Tech)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10650 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
WSCC 2.2.1.7 (HKLM-x32\...\WSCC_is1) (Version:  - KirySoft)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2666592708-3794203733-3362275663-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2666592708-3794203733-3362275663-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2666592708-3794203733-3362275663-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2666592708-3794203733-3362275663-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2666592708-3794203733-3362275663-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rico\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

16-10-2014 01:01:04 Windows Update
17-10-2014 01:00:21 Windows Update
18-10-2014 16:45:35 DLL-Files Fixer Sa, Okt 18, 14  18:45
24-10-2014 10:53:00 avast! antivirus system restore point
24-10-2014 11:17:02 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
31-10-2014 14:50:38 Installed Java 7 Update 71
02-11-2014 15:06:42 ComboFix created restore point
03-11-2014 22:02:39 Removed NetSpeedMonitor 2.5.4.0 x64
09-11-2014 12:29:30 Entfernt Architekt Pro
09-11-2014 12:38:33 Removed Futuremark SystemInfo
09-11-2014 12:39:32 Removed MEDION GoPal Assistant
09-11-2014 12:43:04 Entfernt UltraEdit
13-11-2014 02:01:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-02 19:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04868AE0-374C-4636-A8E8-F23A866CDC0C} - System32\Tasks\Process Explorer-Rico-PC-Rico => C:\USERS\RICO\APPDATA\LOCAL\TEMP\7ZOAF7D.TMP\PROCEXP.EXE <==== ATTENTION
Task: {0F4A6AA7-53C3-4A47-9660-26FEA7D057C7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-10-22] (Overwolf LTD)
Task: {1120B75B-EFF9-4D71-BCDC-9703689725B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {287A21D2-E245-46F2-829B-070551D4E84A} - System32\Tasks\{238020B7-8628-4DD3-9D4C-2FC644FDF08B} => C:\Users\Rico\Desktop\FRST64.exe
Task: {3330ACB4-454B-4CC7-A908-2AF9FEDEADCF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {37F3EA00-583F-41D4-9146-BE54D29A5F77} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2666592708-3794203733-3362275663-1001UA => C:\Users\Rico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-18] (Facebook Inc.)
Task: {4E3E5E74-26F6-4497-8E02-9FBCD8981D4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {51DD5898-374E-4AF6-A08B-711DF4AC0473} - \{3A02C3D3-2196-4AEC-BE19-AB2CFFF6A68D} No Task File <==== ATTENTION
Task: {590F3C32-5034-4129-9CF4-FBFD803A48BF} - \{27E704F5-BC7B-4ACF-A63F-267D2D985AA3} No Task File <==== ATTENTION
Task: {AF057A25-4F01-425E-AC49-56F9AB4873B6} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {B617ED64-88AB-4086-AAFD-D7DCF9277604} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B7A243BD-DF20-4FBC-B280-50E36E3FCA8D} - System32\Tasks\{6AC5917C-228C-4083-BA2D-332B3732D3BB} => C:\Users\Rico\Desktop\FRST64.exe
Task: {CAAD8825-1FDE-4C47-9117-167340A09C2A} - System32\Tasks\{A8394677-5AFE-4C5C-B836-5394967EC466} => C:\Users\Rico\Desktop\FRST64.exe
Task: {D8E03490-A9D3-4317-ADCA-B88979C6E20A} - \BrowserSafeguard No Task File <==== ATTENTION
Task: {EF008221-47FD-4A72-A705-FBFE76D41D7F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-24] (AVAST Software)
Task: {F7E81B58-1A0E-489B-BD02-5339A08935AA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2666592708-3794203733-3362275663-1001Core => C:\Users\Rico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-18] (Facebook Inc.)
Task: {FA0B958A-DFFD-4AF4-9BF4-9576468408A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {FCDAA3A4-D7E8-4297-A425-254B01AD9B59} - System32\Tasks\Opera scheduled Autoupdate 1383508106 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2666592708-3794203733-3362275663-1001Core.job => C:\Users\Rico\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2666592708-3794203733-3362275663-1001UA.job => C:\Users\Rico\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-09-09 10:22 - 2008-09-09 10:22 - 00022016 _____ () C:\Windows\System32\sst1cl6.dll
2014-06-28 03:02 - 2013-06-06 07:24 - 00020472 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2011-01-10 13:49 - 2011-01-10 13:49 - 00014848 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2014-07-25 20:32 - 2014-07-25 20:32 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-24 11:30 - 2014-09-29 18:50 - 00775400 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2014-03-18 20:06 - 2014-03-18 12:03 - 02188800 _____ () C:\Program Files\AVAST Software\Avast\defs\14031801\algo.dll
2014-10-24 12:02 - 2014-10-24 12:02 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-11 19:50 - 2014-06-11 19:50 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 19:50 - 2014-06-11 19:50 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 19:50 - 2014-06-11 19:50 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TManager.lnk => C:\Windows\pss\TManager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Rico^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopNews.exe.lnk => C:\Windows\pss\DesktopNews.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Rico^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GoPalAssistant => C:\Program Files (x86)\MEDION GoPal Assistant\Assistant_Starter.exe /activesyncoff
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: Personal ID => C:\COOLSP~1\PERSON~1\PID.EXE
MSCONFIG\startupreg: RealTray => C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Ulead AutoDetector => C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2666592708-3794203733-3362275663-500 - Administrator - Disabled)
Arbeiten Steuern (S-1-5-21-2666592708-3794203733-3362275663-1092 - Limited - Enabled)
Gast (S-1-5-21-2666592708-3794203733-3362275663-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2666592708-3794203733-3362275663-1002 - Limited - Enabled)
Onlinegaming_rico (S-1-5-21-2666592708-3794203733-3362275663-1091 - Limited - Enabled) => C:\Users\Onlinegaming_rico.Rico-PC
Rico (S-1-5-21-2666592708-3794203733-3362275663-1001 - Administrator - Enabled) => C:\Users\Rico

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 06:00:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 38.0.2125.111 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1294

Startzeit: 01cffeecb1f795ec

Endzeit: 299

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID:

Error: (11/13/2014 07:37:50 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=38.0.2125.111;lang=;guid=B7118E5972744D92BE3B17E23B57956A;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\47dfc307-03ac-432c-8a9c-5a20f01e9113.dmp

Error: (11/13/2014 03:49:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 09:10:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 33.1.0.5423 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2120

Startzeit: 01cffe98910711af

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (11/12/2014 05:49:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:49:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2014 03:48:48 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (11/11/2014 03:40:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2014 03:40:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2014 03:40:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/13/2014 04:43:25 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/13/2014 04:43:25 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (11/13/2014 04:43:24 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/13/2014 04:43:23 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/13/2014 04:43:22 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/13/2014 04:43:21 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/13/2014 04:42:51 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/13/2014 03:49:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (11/11/2014 04:22:31 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (11/11/2014 04:22:31 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.


Microsoft Office Sessions:
=========================
Error: (11/13/2014 06:00:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe38.0.2125.111129401cffeecb1f795ec299C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (11/13/2014 07:37:50 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=38.0.2125.111;lang=;guid=B7118E5972744D92BE3B17E23B57956A;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\47dfc307-03ac-432c-8a9c-5a20f01e9113.dmp

Error: (11/13/2014 03:49:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/12/2014 09:10:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.0.5423212001cffe98910711af0C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Error: (11/12/2014 05:49:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rico\Downloads\esetsmartinstaller_enu.exe

Error: (11/12/2014 05:49:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rico\Downloads\esetsmartinstaller_enu.exe

Error: (11/11/2014 03:48:48 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (11/11/2014 03:40:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2014 03:40:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rico\Downloads\esetsmartinstaller_enu.exe

Error: (11/11/2014 03:40:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rico\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 18:49:41.034
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 18:49:40.978
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-23 14:12:40.225
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-23 14:12:40.161
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rico\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-23 14:12:40.003
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-23 14:12:39.939
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-22 16:56:09.330
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cbfx\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-22 16:56:09.270
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cbfx\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-14 23:02:59.379
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-14 23:02:59.318
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 4094.43 MB
Available physical RAM: 2884.93 MB
Total Pagefile: 10230.51 MB
Available Pagefile: 7617.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:43.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FEE78907)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A80DC1EB)

==================== End Of Log ============================

schrauber 14.11.2014 18:10
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Task: {04868AE0-374C-4636-A8E8-F23A866CDC0C} - System32\Tasks\Process Explorer-Rico-PC-Rico => C:\USERS\RICO\APPDATA\LOCAL\TEMP\7ZOAF7D.TMP\PROCEXP.EXE <==== ATTENTION

Task: {51DD5898-374E-4AF6-A08B-711DF4AC0473} - \{3A02C3D3-2196-4AEC-BE19-AB2CFFF6A68D} No Task File <==== ATTENTION

Task: {590F3C32-5034-4129-9CF4-FBFD803A48BF} - \{27E704F5-BC7B-4ACF-A63F-267D2D985AA3} No Task File <==== ATTENTION

Task: {AF057A25-4F01-425E-AC49-56F9AB4873B6} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION

Task: {D8E03490-A9D3-4317-ADCA-B88979C6E20A} - \BrowserSafeguard No Task File <==== ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Nächster Test wäre neues Profil in FF anlegen und testen, und ein Clean Boot und dann testen.

Wenn das alles nichts hilft muss ich passen.

Ocir33 14.11.2014 20:55
so das neue fixlog
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-11-2014 02
Ran by Rico at 2014-11-14 20:00:20 Run:2
Running from C:\Users\Rico\Desktop
Loaded Profile: Rico (Available profiles: Rico & Onlinegaming_rico)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Task: {04868AE0-374C-4636-A8E8-F23A866CDC0C} - System32\Tasks\Process Explorer-Rico-PC-Rico => C:\USERS\RICO\APPDATA\LOCAL\TEMP\7ZOAF7D.TMP\PROCEXP.EXE <==== ATTENTION

Task: {51DD5898-374E-4AF6-A08B-711DF4AC0473} - \{3A02C3D3-2196-4AEC-BE19-AB2CFFF6A68D} No Task File <==== ATTENTION

Task: {590F3C32-5034-4129-9CF4-FBFD803A48BF} - \{27E704F5-BC7B-4ACF-A63F-267D2D985AA3} No Task File <==== ATTENTION

Task: {AF057A25-4F01-425E-AC49-56F9AB4873B6} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION

Task: {D8E03490-A9D3-4317-ADCA-B88979C6E20A} - \BrowserSafeguard No Task File <==== ATTENTION
       
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04868AE0-374C-4636-A8E8-F23A866CDC0C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04868AE0-374C-4636-A8E8-F23A866CDC0C}" => Key deleted successfully.
C:\Windows\System32\Tasks\Process Explorer-Rico-PC-Rico => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Process Explorer-Rico-PC-Rico" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51DD5898-374E-4AF6-A08B-711DF4AC0473}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51DD5898-374E-4AF6-A08B-711DF4AC0473}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A02C3D3-2196-4AEC-BE19-AB2CFFF6A68D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{590F3C32-5034-4129-9CF4-FBFD803A48BF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{590F3C32-5034-4129-9CF4-FBFD803A48BF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{27E704F5-BC7B-4ACF-A63F-267D2D985AA3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF057A25-4F01-425E-AC49-56F9AB4873B6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF057A25-4F01-425E-AC49-56F9AB4873B6}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8E03490-A9D3-4317-ADCA-B88979C6E20A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8E03490-A9D3-4317-ADCA-B88979C6E20A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard" => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

schrauber 15.11.2014 20:04
Noch Probleme? Wenn ja obige Schritte mit dem neuen Profil machen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:23 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131