hey,
danke für deine Antwort!
Hier sind die Logs:
[CODE]FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2014
Ran by Michi (administrator) on MICHI-PC on 22-11-2014 12:40:55
Running from C:\Users\Michi\Desktop
Loaded Profile: Michi (Available profiles: Michi)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc) C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
() C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Authentec) C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Flux Software LLC) C:\Users\Michi\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
(AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6263120 2013-10-21] (Sentelic Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13449288 2013-03-26] (Realtek Semiconductor)
HKLM\...\Run: [KeepSafe] => C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe [38728 2011-10-21] (Authentec)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281312 2014-05-19] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2104832 2013-01-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [f.lux] => C:\Users\Michi\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-24] (Raptr, Inc)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Run: [BihxiCaklu] => regsvr32.exe "C:\ProgramData\BihxiCaklu\BihxiCaklu.dat"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\MountPoints2: {7aeba5f1-64f4-11e4-bf04-0090f5eddb44} - "E:\autorun.exe"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\MountPoints2: {9f95fd4a-4d79-11e3-be85-b4b676c26a40} - "E:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Michi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\Michi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {BC6D10E6-AE59-4cef-83DB-FD4C9BC7B7F2} => C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvns.dll (Authentec)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {93BB455E-3D52-4fba-9733-E5103B30FC12} => C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvns.dll (Authentec)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-203259023-386501227-1076918401-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://startpage.com/
HKU\S-1-5-21-203259023-386501227-1076918401-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-203259023-386501227-1076918401-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEC5E0EA38CCECE01
HKU\S-1-5-21-203259023-386501227-1076918401-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\AuthenTec TrueSuite\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: No Name -> {43D9786F-A485-683B-9B5B-ACC97ABC17FC} -> No File
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default
FF SearchEngineOrder.1: Google
FF Homepage: ecosia.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-203259023-386501227-1076918401-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-203259023-386501227-1076918401-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\searchplugins\trovi-search.xml
FF Extension: Avira Browser Safety - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\abs@avira.com [2014-06-11]
FF Extension: WOT - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-10]
FF Extension: Reddit Enhancement Suite - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-11-14]
FF Extension: Download Status Bar - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-01-30]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-10-08]
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-04-02]
FF Extension: Greasemonkey - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-03-17]
FF Extension: Adblock Edge - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\mi55ozh8.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-10-23]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-11-10]
Chrome:
=======
CHR Profile: C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-11]
CHR Extension: (YouTube) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-11]
CHR Extension: (Google-Suche) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-11]
CHR Extension: (AdBlock) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-16]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-11-12]
CHR Extension: (Google Wallet) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-11]
CHR Extension: (Google Mail) - C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-11]
CHR HKLM-x32\...\Chrome\Extension: [bkdegagmpemadclljncealhmmkojfoam] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com.crx []
CHR HKLM-x32\...\Chrome\Extension: [oelloajafbopojkjmieelljfkcmdpdhf] - C:\Program Files\AuthenTec TrueSuite\x86\tschrome.crx [2012-08-13]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-19] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-10-28] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-10-28] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
R2 FPLService; C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2125160 2012-08-24] (AuthenTec, Inc)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [187848 2014-06-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-28] ()
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [47104 2013-05-29] () [File not signed]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27872 2014-05-19] (Samsung Electronics Co., Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-02-11] (Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
S2 HPSLPSVC; C:\Users\Michi\AppData\Local\Temp\7zS62EA\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [25264 2012-12-23] (Insyde Corporation)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [155472 2013-10-21] (Sentelic Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2014-02-25] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [265952 2014-05-19] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2014-05-19] (Samsung Electronics Co., Ltd.)
R1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 getbus; \??\C:\Users\Michi\AppData\Local\Temp\getbus.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 12:40 - 2014-11-22 12:41 - 00027026 _____ () C:\Users\Michi\Desktop\FRST.txt
2014-11-22 12:40 - 2014-11-22 12:40 - 02118144 _____ (Farbar) C:\Users\Michi\Desktop\FRST64.exe
2014-11-22 12:40 - 2014-11-22 12:40 - 00000000 ____D () C:\FRST
2014-11-22 11:49 - 2014-11-22 11:49 - 00000000 ____D () C:\Users\Michi\Desktop\Avira
2014-11-21 23:44 - 2014-11-21 23:44 - 00002980 _____ () C:\Users\Michi\Documents\MICHI-PC_Michi_2014_11_21.csv
2014-11-20 17:22 - 2014-11-20 17:22 - 00004833 _____ () C:\Users\Michi\Documents\MICHI-PC_Michi_2014_11_20.csv
2014-11-20 17:08 - 2014-11-20 17:08 - 10676051 _____ () C:\Users\Michi\Downloads\formelx_1_0.zip
2014-11-19 22:46 - 2014-11-19 22:46 - 00004532 _____ () C:\Users\Michi\Documents\MICHI-PC_Michi_2014_11_19.csv
2014-11-19 22:46 - 2014-11-19 22:46 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2014-11-19 20:50 - 2014-11-19 21:43 - 00000000 ____D () C:\ProgramData\BihxiCaklu
2014-11-16 18:57 - 2014-11-16 18:57 - 00001549 _____ () C:\Users\Michi\Desktop\CINEMA 4D.lnk
2014-11-16 18:56 - 2014-11-16 18:56 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\MAXON
2014-11-16 18:56 - 2014-11-16 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D R12
2014-11-16 18:53 - 2014-11-16 18:56 - 00000000 ____D () C:\Program Files (x86)\Cinema 4D R12
2014-11-15 17:21 - 2014-10-22 04:34 - 00010777 _____ () C:\Windows\system32\AutoconfigV2.cab
2014-11-15 17:21 - 2014-10-22 04:33 - 00581016 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2014-11-15 17:21 - 2014-10-22 04:33 - 00462760 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-11-15 17:21 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-11-15 17:21 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 17:21 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-11-15 17:21 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-11-15 17:20 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 17:20 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-14 19:02 - 2014-07-15 23:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-11-14 18:57 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-14 18:57 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-14 18:54 - 2014-10-11 08:44 - 19764736 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-14 18:54 - 2014-10-11 06:57 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-14 18:54 - 2014-10-09 04:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-11-14 18:54 - 2014-10-09 04:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-11-14 18:54 - 2014-10-09 04:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-11-14 18:54 - 2014-09-26 07:30 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-11-14 18:54 - 2014-09-22 06:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-11-14 18:54 - 2014-09-22 04:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-11-14 18:54 - 2014-09-18 00:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2014-11-14 18:54 - 2014-09-18 00:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2014-11-14 18:54 - 2014-09-18 00:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2014-11-14 18:54 - 2014-09-18 00:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2014-11-14 18:54 - 2014-09-17 23:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2014-11-14 18:54 - 2014-09-17 23:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2014-11-14 18:54 - 2014-09-17 23:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2014-11-14 18:54 - 2014-09-17 23:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2014-11-13 18:02 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 18:02 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 18:02 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 18:02 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 18:02 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 18:02 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 18:02 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-11-13 18:02 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 18:02 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 18:02 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 18:02 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 18:02 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 18:02 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-11-13 18:02 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 18:02 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 18:02 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 18:02 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 18:02 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 18:02 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 18:02 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 18:02 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 18:02 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 18:02 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 18:02 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 18:02 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 18:02 - 2014-09-06 01:46 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 18:02 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-11-13 18:02 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-11-13 18:02 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 18:02 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-11-13 18:02 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 18:02 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-11-13 18:02 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2014-11-13 18:02 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 18:02 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 18:02 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 18:02 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-11-13 18:02 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2014-11-13 18:02 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-11-13 18:01 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 18:01 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 18:01 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 18:01 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 18:01 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 18:01 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 18:01 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 18:01 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 18:01 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 18:01 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 18:00 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 18:00 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 18:00 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-13 18:00 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-11-13 18:00 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 18:00 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 18:00 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 18:00 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 18:00 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 18:00 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 18:00 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 18:00 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 18:00 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 18:00 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 18:00 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 18:00 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 18:00 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 18:00 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 18:00 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 18:00 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 18:00 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 18:00 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 18:00 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-11-11 16:35 - 2014-11-11 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-10 18:32 - 2014-11-10 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 16:31 - 2014-11-09 16:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-09 15:43 - 2014-11-16 19:02 - 00000000 ___RD () C:\Users\Michi\Desktop\Batch Stuff
2014-11-07 17:45 - 2014-11-07 17:45 - 00000000 ____D () C:\Users\Michi\AppData\Local\fabi.me
2014-11-06 22:14 - 2014-11-22 11:27 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\.minecraft
2014-11-06 22:10 - 2014-11-06 22:10 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\java
2014-11-06 18:40 - 2014-11-06 18:43 - 00000026 _____ () C:\Users\Michi\AppData\Local\isoworkshop.ini
2014-11-06 18:33 - 2014-11-06 18:33 - 00000000 ____D () C:\ProgramData\ATI
2014-11-06 18:32 - 2014-11-06 18:32 - 00062044 _____ () C:\Windows\SysWOW64\CCCInstall_201411061832378733.log
2014-11-06 18:32 - 2014-11-06 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-06 18:32 - 2014-11-06 18:32 - 00000000 ____D () C:\Program Files\ATI
2014-11-06 18:32 - 2014-11-06 18:32 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-11-06 18:31 - 2014-11-06 18:32 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-06 18:29 - 2014-11-06 18:29 - 00054772 _____ () C:\Windows\SysWOW64\CCCInstall_201411061829301408.log
2014-11-06 18:04 - 2014-11-06 18:04 - 00001279 _____ () C:\Users\Michi\Desktop\Landwirtschafts Simulator 15 .lnk
2014-11-06 18:04 - 2014-11-06 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2014-11-06 18:00 - 2014-11-06 19:07 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2015
2014-11-06 17:59 - 2014-11-06 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-11-06 17:59 - 2014-11-06 17:59 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-11-06 17:56 - 2014-11-06 17:56 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-11-04 18:15 - 2014-11-15 20:04 - 00001088 _____ () C:\Users\Michi\pixinsight-license
2014-11-04 18:14 - 2014-11-04 18:22 - 00000000 ____D () C:\Program Files\PixInsight
2014-11-04 18:14 - 2014-11-04 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PixInsight Platform
2014-11-02 22:40 - 2014-11-02 22:40 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-10-28 19:52 - 2014-10-28 19:52 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepSkyStacker
2014-10-28 19:52 - 2014-10-28 19:52 - 00000000 ____D () C:\Program Files (x86)\DeepSkyStacker
2014-10-28 12:05 - 2014-11-06 18:24 - 00000000 ____D () C:\Program Files (x86)\FITS Liberator
2014-10-28 00:23 - 2014-10-28 00:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-28 00:23 - 2014-10-28 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-28 00:23 - 2014-10-28 00:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 23:52 - 2014-10-27 23:52 - 00003120 _____ () C:\Windows\SysWOW64\syswgIip.ocx
2014-10-27 23:52 - 2014-10-27 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProDigital Software
2014-10-25 18:03 - 2014-10-25 18:03 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-10-25 18:03 - 2014-10-25 18:03 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-10-24 20:55 - 2014-10-24 20:55 - 00000000 ____D () C:\Users\Michi\LuminanceHDR
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 12:37 - 2013-11-06 19:37 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\Skype
2014-11-22 12:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-22 11:52 - 2013-10-22 15:44 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\ClassicShell
2014-11-22 11:26 - 2013-11-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-22 11:22 - 2014-07-17 17:04 - 01482133 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 11:14 - 2013-12-09 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-22 11:10 - 2014-08-17 18:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-22 11:03 - 2014-08-17 19:33 - 00000000 ____D () C:\Users\Michi\AppData\Local\Adobe
2014-11-22 11:02 - 2014-08-17 18:35 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-21 23:20 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-11-20 16:30 - 2013-10-22 15:50 - 00000000 ___RD () C:\Users\Michi\Desktop\Michi
2014-11-19 22:46 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-11-19 22:46 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-19 22:29 - 2013-12-08 17:44 - 00000000 ____D () C:\Users\Michi\Documents\Outlook-Dateien
2014-11-19 21:48 - 2012-07-26 11:27 - 01903944 _____ () C:\Windows\system32\perfh007.dat
2014-11-19 21:48 - 2012-07-26 11:27 - 00499256 _____ () C:\Windows\system32\perfc007.dat
2014-11-19 21:48 - 2012-07-26 08:28 - 00005430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 21:43 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-19 21:43 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-19 18:45 - 2014-08-20 10:27 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\vlc
2014-11-16 19:15 - 2013-10-21 19:26 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-203259023-386501227-1076918401-1001
2014-11-16 19:00 - 2014-09-26 15:55 - 00000000 ____D () C:\Games
2014-11-16 17:03 - 2014-08-17 18:35 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 17:03 - 2014-08-17 18:35 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 11:45 - 2014-07-20 19:31 - 05113624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 11:45 - 2014-06-15 12:17 - 00000425 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-15 11:45 - 2013-10-16 21:19 - 00000000 ____D () C:\Intel
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-14 19:47 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-14 19:13 - 2013-10-28 21:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 19:00 - 2013-10-24 18:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 17:51 - 2014-01-02 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 21:17 - 2013-12-09 18:13 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 18:56 - 2014-06-17 16:46 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\Notepad++
2014-11-11 16:38 - 2014-08-17 18:35 - 00000000 ____D () C:\Users\Michi\AppData\Local\Google
2014-11-11 16:35 - 2014-08-17 18:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 15:51 - 2014-06-11 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-10 15:51 - 2014-06-11 16:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-10 15:51 - 2013-10-21 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-07 18:06 - 2013-10-21 19:56 - 00000000 ____D () C:\Users\Michi\AppData\Local\FSP
2014-11-06 18:36 - 2014-07-20 17:42 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\Raptr
2014-11-06 18:32 - 2014-07-30 09:51 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-11-06 18:32 - 2013-10-21 19:45 - 00000000 ____D () C:\ProgramData\AMD
2014-11-06 18:31 - 2014-01-03 18:47 - 00000000 ____D () C:\AMD
2014-11-06 18:13 - 2013-10-23 19:08 - 00000000 ____D () C:\Users\Michi\Documents\My Games
2014-11-04 18:15 - 2013-10-21 19:20 - 00000000 ____D () C:\Users\Michi
2014-11-04 18:14 - 2014-09-17 19:54 - 00000000 ____D () C:\Users\Michi\AppData\Roaming\Pleiades
2014-11-03 15:54 - 2014-10-18 22:10 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-03 15:54 - 2014-10-18 22:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-02 18:53 - 2013-10-28 21:32 - 00000000 ____D () C:\Users\Michi\AppData\Local\Microsoft Help
2014-10-31 23:26 - 2013-10-24 18:14 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-30 13:09 - 2013-10-21 22:40 - 00007611 _____ () C:\Users\Michi\AppData\Local\Resmon.ResmonCfg
2014-10-30 01:53 - 2012-07-26 09:14 - 00713672 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-30 01:53 - 2012-07-26 09:14 - 00106432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-28 00:23 - 2013-12-09 18:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-27 23:52 - 2014-09-24 14:32 - 00000000 ____D () C:\Users\Michi\AppData\Local\ProDigital
2014-10-27 23:52 - 2014-09-24 14:32 - 00000000 ____D () C:\ProgramData\ProDigitalSoftware
2014-10-27 23:52 - 2014-09-24 14:32 - 00000000 ____D () C:\Program Files\ProDigital Software
2014-10-27 23:52 - 2014-09-24 14:32 - 00000000 ____D () C:\Program Files (x86)\ProDigital Software
2014-10-26 21:10 - 2013-11-07 17:53 - 00000000 ____D () C:\ProgramData\Origin
2014-10-25 17:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-10-24 21:22 - 2014-01-08 13:41 - 00000000 ____D () C:\Users\Michi\AppData\Local\HP
Some content of TEMP:
====================
C:\Users\Michi\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-14 15:25
==================== End Of Log ============================
--- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-11-2014
Ran by Michi at 2014-11-22 12:41:17
Running from C:\Users\Michi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airplane Mode Hid Installer (HKLM-x32\...\InstallShield_{5E5B067F-52A4-447E-A3F1-D6DD10565E73}) (Version: 2.0.0.3 - )
Airplane Mode Hid Installer (x32 Version: 2.0.0.3 - ) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce)
AuthenTec Fingerprint Driver (Version: 1.6.1.0342 - AuthenTec) Hidden
AuthenTec TrueSuite (HKLM\...\{9A4D399F-F790-4326-A9E4-64DF25E0EBE1}) (Version: 5.2.500.16 - AuthenTec, Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Botanicula (HKLM-x32\...\Steam App 207690) (Version: - Amanita Design)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
DeepSkyStacker (HKLM-x32\...\{350E3960-DE20-4FE6-9E6B-26B464AD27FD}) (Version: 3.2.0 - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
f.lux (HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\Flux) (Version: - )
Finger Printer (HKLM-x32\...\InstallShield_{793C03D1-884D-4C11-A7F6-07F3FDF10066}) (Version: 2.01.0000 - )
Finger Printer (x32 Version: 2.01.0000 - ) Hidden
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 9.4.3.7 - Sentelic)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
FUEL (HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\{F51FF206-2273-4B3E-A90A-4752AE288C12}) (Version: 1.00.0000 - Codemasters)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hotkey 8.0124 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 8.0124 - NoteBook)
Hotkey 8.0124 (x32 Version: 8.0124 - NoteBook) Hidden
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.2.0.0 - Insyde Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{31819788-e939-40f7-91f1-4fbf305ed0d7}) (Version: 4.0.6.17 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 4.0.6.17 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1287 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Machinarium (HKLM-x32\...\Steam App 40700) (Version: - Amanita Design)
McPixel (HKLM-x32\...\Steam App 220860) (Version: - Sos)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-e224f151-6dc6-4e19-96f3-c729cd613bc2) (Version: - Epic Games, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
Paragon Backup & Recovery™ 2013 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Photomatix Pro Version 5.0.4 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.4 - HDRsoft Ltd)
PixInsight Core for Windows (HKLM-x32\...\PCL64) (Version: - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version: - Eugen Systems)
RAPID Mode (Version: 1.0.1.68 - Samsung Electronics Co., Ltd.) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27036 - Realtek Semiconductor Corp.)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shelter (HKLM-x32\...\Steam App 244710) (Version: - Might and Delight)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.01 - Creative Technology Limited)
StarSpikes Pro 3 (HKLM\...\{FA363938-8C28-4267-AD49-F9079BD62BA0}) (Version: 3.1.1.0 - ProDigital Software)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.13.0 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.0 - Stellarium team)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version: - Mike Bithell)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Trials Fusion (HKLM-x32\...\Steam App 245490) (Version: - RedLynx, in collaboration with Ubisoft Shanghai, Ubisoft Kiev)
Unity Web Player (HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - Insyde (AirplaneModeHid) HIDClass (12/22/2012 1.2.0.0) (HKLM\...\F7113EB21220F70774B94DB60BA4FE35AE3C8503) (Version: 12/22/2012 1.2.0.0 - Insyde)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-203259023-386501227-1076918401-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
17-11-2014 18:33:42 Geplanter Prüfpunkt
20-11-2014 16:08:48 Formel X wird installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {21228D52-2E76-4F31-8C3C-0DF4884B0930} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {305D658C-3530-4420-8EC3-A63360344730} - System32\Tasks\AdobeAAMUpdater-1.0-Michi-PC-Michi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {57AAF9F2-C182-494D-A1AC-4B9C28C4263A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-17] (Google Inc.)
Task: {74634ECF-1479-4C2D-8101-3010BCA9692A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {75B185D5-E5B9-40F6-BD60-EF6C47DDFB64} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7B7B1F60-0F11-423B-92A7-1E4DBEC9B00F} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {C0F375EE-C660-4FC2-8ABE-BCB8ED5B3580} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)
Task: {CF41C119-40DA-496B-899D-4CBF1205E4D7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-31] (Microsoft Corporation)
Task: {E585629A-9493-4E07-B84C-3C8D4F8D5C7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-17] (Google Inc.)
Task: {E9BA0DDC-A447-402D-91FE-5E89ABC2C27A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-19 19:58 - 2014-06-28 09:52 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-05-29 17:51 - 2013-05-29 17:51 - 00047104 _____ () C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-10-21 20:08 - 2013-10-21 20:08 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-24 03:38 - 2012-08-24 03:38 - 04069224 _____ () C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
2013-10-28 17:24 - 2013-01-25 11:08 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2013-10-28 17:24 - 2013-01-25 11:06 - 00328704 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-06-26 15:49 - 2013-06-26 15:49 - 04815360 _____ () C:\Program Files (x86)\Hotkey\Hotkey.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-08-24 03:37 - 2012-08-24 03:37 - 01136488 _____ () C:\Program Files\AuthenTec TrueSuite\DataManager.dll
2012-08-24 03:38 - 2012-08-24 03:38 - 00087400 _____ () C:\Program Files\AuthenTec TrueSuite\ssutil.dll
2013-10-21 20:03 - 2013-02-16 07:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-08-24 03:38 - 2012-08-24 03:38 - 00905064 _____ () C:\Program Files\AuthenTec TrueSuite\x86\DataManager.dll
2014-11-10 18:32 - 2014-11-10 18:32 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-22 12:38 - 2014-11-22 12:38 - 00037888 _____ () C:\Users\Michi\AppData\Local\Temp\WDEB3BA.tmp\ombrowser.lng
2013-11-26 16:40 - 2013-11-26 16:40 - 00333824 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\StartupFolder: => "Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "HP Officejet Pro 8600 (NET)"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "BihxiCaklu"
HKU\S-1-5-21-203259023-386501227-1076918401-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
========================= Accounts: ==========================
Administrator (S-1-5-21-203259023-386501227-1076918401-500 - Administrator - Disabled)
Gast (S-1-5-21-203259023-386501227-1076918401-501 - Limited - Disabled)
Michi (S-1-5-21-203259023-386501227-1076918401-1001 - Administrator - Enabled) => C:\Users\Michi
==================== Faulty Device Manager Devices =============
Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/21/2014 11:00:15 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/">.
Error: (11/20/2014 05:09:41 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/">.
Error: (11/20/2014 05:09:37 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/">.
Error: (11/19/2014 10:45:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/">.
Error: (11/19/2014 09:48:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (11/19/2014 09:48:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/19/2014 09:48:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/19/2014 06:47:51 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/">.
Error: (11/19/2014 03:34:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/19/2014 03:34:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (11/19/2014 09:45:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (11/19/2014 07:37:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/19/2014 07:37:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (11/17/2014 07:54:45 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (11/17/2014 05:00:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (11/17/2014 04:58:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/17/2014 04:58:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147749126
Error: (11/16/2014 09:47:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 16.11.2014 um 21:43:24 unerwartet heruntergefahren.
Error: (11/16/2014 06:54:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/15/2014 08:00:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (11/21/2014 11:00:15 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/
Error: (11/20/2014 05:09:41 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/
Error: (11/20/2014 05:09:37 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/
Error: (11/19/2014 10:45:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/
Error: (11/19/2014 09:48:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000
Error: (11/19/2014 09:48:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000
Error: (11/19/2014 09:48:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000
Error: (11/19/2014 06:47:51 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-203259023-386501227-1076918401-1001}/
Error: (11/19/2014 03:34:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe
Error: (11/19/2014 03:34:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 8111.97 MB
Available physical RAM: 4581.43 MB
Total Pagefile: 9327.97 MB
Available Pagefile: 5502.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.13 GB) (Free:54.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: F84E124F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
