
Log analysis and evaluation: Malware - ProFeven / DMUninstaller / MediaPlayerEnhance / NewPlayer / Re-markit / SavingsbullFilter / crimsolite

10.03.2014, 07:45   #1
ArminMuc

Hello everyone,

I have a computer here belonging to our neighbours that is completely infested with malware.
Unfortunately, all my attempts were unsuccessful, as the order was probably not right.
Virus scan with ct Desinfect Ubuntu
Attempts with
- Adaware
- eset

A few were removed, but they are back again after a restart!
Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014
Ran by WinUser at 2014-03-10 06:49:38
Running from C:\Users\WinUser\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
crimsolite (HKLM\...\crimsolite) (Version: 2014.02.13.012613 - crimsolite) <==== ATTENTION
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4125.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0814 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0814 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Feven Pro (HKLM-x32\...\Feven Pro) (Version: 1.34.2.13 - Feven) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
MediaPlayerEnhance (HKLM-x32\...\MediaPlayerEnhance) (Version: 1.34.2.13 - Feven) <==== ATTENTION
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
NewPlayer (HKLM-x32\...\NewPlayer) (Version: v2.1.1.0 - TUGUU SL) <==== ATTENTION
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\ca687a17-862c-4dd2-975f-e7eb5357b557) (Version:  - Re-markit Software) <==== ATTENTION
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
SavingsbullFilter (HKLM\...\{813BA625-B0FA-48D8-9B75-59759C88C219}) (Version: 1.0.0.0 - SavingsBull Filter) <==== ATTENTION
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

20-02-2014 21:44:09 Windows Update
02-03-2014 17:31:46 Geplanter Prüfpunkt
07-03-2014 20:33:17 Windows Modules Installer

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2B772E14-661E-412B-9856-4ADF31DB66AB} - \EPUpdater No Task File
Task: {2BE4E8E6-C4FE-48B4-9CF2-208C98EB12E5} - \Feven Pro-chromeinstaller No Task File
Task: {36457A9D-9B7D-44CC-8CAA-E302E05FA9B9} - \Feven Pro-enabler No Task File
Task: {36BA8A4F-0835-4334-B53A-8BBC33338B9A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {396E2700-D02D-417D-8720-BFF9D35D08DB} - \MediaPlayerEnhance-firefoxinstaller No Task File
Task: {3F66A1DD-F95F-40F0-BD09-FBD5AEBA45AC} - \Feven Pro-codedownloader No Task File
Task: {4DEACA03-F6FF-46B1-B064-15E1156ACFDF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {4E26514D-71E5-45B1-8791-5ED22A4EE83D} - \SpeedUpMyPC Maintenance No Task File
Task: {5CA5EC96-3115-4EE4-9483-5084C31A3F4B} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
Task: {734EC3BA-8C50-4138-AC94-3A9C876C2F35} - \RegClean Pro_DEFAULT No Task File
Task: {88E73CFE-368C-4B4B-ADED-1B473EE23FF6} - \RegClean Pro_UPDATES No Task File
Task: {96980CC3-C88D-4390-A104-6583FC6568DF} - \MediaPlayerEnhance-updater No Task File
Task: {A5EB88BE-E1B1-411D-BD96-0FBF5F7CC683} - \RegClean Pro No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B384DC4C-E47F-4F7C-84FC-D171D621D0DE} - \Feven Pro-firefoxinstaller No Task File
Task: {C3BB2530-8E89-475A-AE35-E82E42B35490} - \MediaPlayerEnhance-enabler No Task File
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CDCE31DA-3543-4B34-8A91-EF946BB1BD72} - \Re-markit Update No Task File
Task: {D0AA2CC3-7025-41D2-A046-6879A4B6373F} - \Scheduled Update for Ask Toolbar No Task File
Task: {D86130E3-3DD0-4FCD-B451-790A89FBBF94} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit\Re-markit_wd.exe <==== ATTENTION
Task: {E53228D5-DCB9-48A4-ADD7-DDB4D80E0734} - \Feven Pro-updater No Task File
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECD3679E-C980-4946-B3F0-4581B22F69E1} - \MediaPlayerEnhance-chromeinstaller No Task File
Task: {F7901031-3AFD-4E9F-A169-8998229EEE70} - \MediaPlayerEnhance-codedownloader No Task File
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe

==================== Loaded Modules (whitelisted) =============

2012-08-14 07:15 - 2010-08-19 10:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-01-16 16:06 - 2014-01-16 16:06 - 00167936 _____ () c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
2013-11-20 11:34 - 2013-11-20 11:34 - 00317952 _____ () c:\Program Files\SavingsbullFilter\ProtocolFilters.dll
2013-11-20 11:35 - 2013-11-20 11:35 - 00110080 _____ () c:\Program Files\SavingsbullFilter\nfapi.dll
2014-02-13 02:28 - 2014-02-26 19:01 - 00111904 _____ () C:\Program Files (x86)\crimsolite\updatecrimsolite.exe
2014-03-07 20:45 - 2014-03-07 20:45 - 00111904 _____ () C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
2014-03-07 19:09 - 2014-03-07 19:09 - 00111904 _____ () C:\Program Files (x86)\crimsolite\bin\utilcrimsolite.exe
2012-08-14 06:57 - 2012-08-03 17:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-17 12:05 - 2013-02-17 12:02 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-08-14 07:13 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-14 19:50 - 2014-02-14 19:50 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2012-08-14 07:45 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2014 03:01:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 09:47:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 2.5.0.244, Zeitstempel: 0x50220e70
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1140
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5

Error: (03/09/2014 09:45:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 09:45:14 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 09:34:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.


System errors:
=============
Error: (03/09/2014 09:04:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2014 09:18:17 AM) (Source: DCOM) (User: Adminpassword)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/08/2014 09:05:20 AM) (Source: DCOM) (User: Adminpassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminpasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:20 AM) (Source: DCOM) (User: Adminpassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminpasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: Adminpassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminpasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: Adminpassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminpasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: Adminpassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminpasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: Adminpassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminpasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/07/2014 10:42:39 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT-AUTORITÄT)
Description: 32212254851136848

Error: (03/07/2014 10:42:54 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎07.‎03.‎2014 um 22:21:33 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (03/10/2014 03:01:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/09/2014 09:47:21 PM) (Source: Application Error)(User: )
Description: devmonsrv.exe2.5.0.24450220e70unknown0.0.0.000000000c000000500000000114001cf3bd77c167206C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeunknown0282f576-a7cc-11e3-becb-84a6c8049803

Error: (03/09/2014 09:45:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\esetsmartinstaller_enu.exe

Error: (03/09/2014 09:45:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\esetsmartinstaller_enu.exe

Error: (03/09/2014 09:34:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\esetsmartinstaller_enu.exe

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./ROOT/default

Error: (03/07/2014 07:12:41 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription


==================== Memory info =========================== 

Percentage of memory in use: 62%
Total physical RAM: 3961.66 MB
Available physical RAM: 1480.17 MB
Total Pagefile: 7417.66 MB
Available Pagefile: 4644.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:870 GB) (Free:825.35 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.35 GB) NTFS
Drive e: (DrWebLiveCD) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
Drive f: (WININSTALL) (Removable) (Total:29.8 GB) (Free:21.94 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 2ABEBDCA)
Partition 1: (Active) - (Size=30 GB) - (Type=0B)

==================== End Of Log ============================
         
FRST Log
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014
Ran by WinUser (administrator) on Adminpasswort on 10-03-2014 06:49:08
Running from C:\Users\WinUser\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
() C:\Program Files (x86)\crimsolite\updatecrimsolite.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
() C:\Program Files (x86)\crimsolite\bin\utilcrimsolite.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] - "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1933496743-3218387689-3214425771-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
Startup: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {80BA3044-EABA-437D-A082-BBD942689FC5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO-x32: crimsolite - {1b059c94-7dfc-419a-8aa6-8e643bac7974} - C:\Program Files (x86)\crimsolite\crimsolitebho.dll (crimsolite)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\WinUser\AppData\Roaming\Mozilla\Firefox\Profiles\3apl6ya5.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: crimsolite - C:\Users\WinUser\AppData\Roaming\Mozilla\Firefox\Profiles\3apl6ya5.default\Extensions\{b525993a-167d-44eb-9f03-5966d1af451f}.xpi [2014-03-02]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [167936 2014-01-16] ()
R2 Update crimsolite; C:\Program Files (x86)\crimsolite\updatecrimsolite.exe [111904 2014-02-26] ()
R2 Update Mega Browse; C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe [111904 2014-03-07] ()
R2 Util crimsolite; C:\Program Files (x86)\crimsolite\bin\utilcrimsolite.exe [111904 2014-03-07] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46232 2013-12-17] (NetFilterSDK.com)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-10 06:49 - 2014-03-10 06:49 - 00033195 _____ () C:\Users\WinUser\Downloads\FRST.txt
2014-03-10 06:48 - 2014-03-10 06:48 - 02157056 _____ (Farbar) C:\Users\WinUser\Downloads\FRST64.exe
2014-03-10 06:48 - 2014-03-10 06:48 - 00000000 ____D () C:\Users\WinUser\Downloads\FRST-OlderVersion
2014-03-09 21:45 - 2014-03-09 21:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-09 21:44 - 2014-03-09 21:44 - 00001192 _____ () C:\Users\WinUser\Desktop\JRT.txt
2014-03-09 21:07 - 2014-03-09 21:08 - 00024755 _____ () C:\Users\WinUser\Downloads\Addition.txt
2014-03-07 22:01 - 2014-03-07 22:01 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-07 21:59 - 2014-03-07 21:59 - 00000000 ____D () C:\ProgramData\Real
2014-03-07 21:59 - 2014-03-05 16:53 - 01122960 _____ (AnyProtect.com) C:\Users\WinUser\AppData\Local\AnyProtectScannerSetup.exe
2014-03-07 20:02 - 2014-01-19 08:33 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-07 19:23 - 2014-03-09 21:08 - 00037618 _____ () C:\Users\WinUser\Downloads\Shortcut.txt
2014-02-23 14:02 - 2014-03-08 09:15 - 00001171 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-23 14:02 - 2014-02-23 14:03 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Mozilla
2014-02-23 14:02 - 2014-02-23 14:03 - 00000000 ____D () C:\Users\WinUser\AppData\Local\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 15:29 - 2014-02-22 15:29 - 00000000 ____D () C:\Windows\ERUNT
2014-02-22 15:08 - 2014-03-08 09:15 - 00001128 _____ () C:\Users\Public\Desktop\Windows 8 Info.lnk
2014-02-22 15:08 - 2014-03-08 09:15 - 00001096 _____ () C:\Users\WinUser\Desktop\Internet Explorer.lnk
2014-02-22 15:08 - 2014-03-08 09:15 - 00001019 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-22 15:03 - 2014-03-10 06:49 - 00000000 ____D () C:\FRST
2014-02-21 18:52 - 2014-03-10 00:58 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-02-20 22:45 - 2014-02-17 23:03 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 22:45 - 2014-02-17 23:03 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-20 19:49 - 2014-02-22 15:38 - 00000000 ____D () C:\Users\Sonja
2014-02-17 19:39 - 2014-02-17 19:40 - 00000463 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-02-17 14:17 - 2014-02-17 19:34 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\vlc
2014-02-17 14:16 - 2014-02-17 19:36 - 00000000 ____D () C:\Program Files (x86)\crimsolite
2014-02-17 14:15 - 2014-02-17 14:15 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-17 14:15 - 2014-02-17 14:15 - 00000000 ____D () C:\Program Files (x86)\HiDefMedia
2014-02-17 14:14 - 2014-02-23 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 14:35 - 2014-03-09 21:20 - 00001115 _____ () C:\Users\WinUser\Desktop\Continue VuuPC Installation.lnk
2014-02-16 14:26 - 2014-03-09 21:36 - 00000294 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-02-16 14:26 - 2014-02-16 14:26 - 00002510 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-02-16 14:25 - 2014-03-09 21:36 - 00000392 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-02-16 14:25 - 2014-02-16 14:25 - 00002980 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-02-14 18:33 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 18:33 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 17:34 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-13 17:33 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 17:33 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 17:33 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 17:33 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-13 17:33 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 17:33 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 17:33 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 17:33 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 17:33 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 17:33 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 17:33 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 17:33 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 17:33 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-13 17:33 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 17:33 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 17:33 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 17:33 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 17:33 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-13 17:33 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-13 17:32 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 17:32 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 17:32 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 17:32 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-10 06:49 - 2014-03-10 06:49 - 00033195 _____ () C:\Users\WinUser\Downloads\FRST.txt
2014-03-10 06:49 - 2014-02-22 15:03 - 00000000 ____D () C:\FRST
2014-03-10 06:48 - 2014-03-10 06:48 - 02157056 _____ (Farbar) C:\Users\WinUser\Downloads\FRST64.exe
2014-03-10 06:48 - 2014-03-10 06:48 - 00000000 ____D () C:\Users\WinUser\Downloads\FRST-OlderVersion
2014-03-10 06:46 - 2012-12-16 15:29 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Skype
2014-03-10 05:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-10 00:58 - 2014-02-21 18:52 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-03-10 00:39 - 2012-11-27 20:58 - 01905006 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 22:54 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-09 21:51 - 2012-11-27 21:05 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1933496743-3218387689-3214425771-1001
2014-03-09 21:45 - 2014-03-09 21:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-09 21:44 - 2014-03-09 21:44 - 00001192 _____ () C:\Users\WinUser\Desktop\JRT.txt
2014-03-09 21:38 - 2012-11-27 21:02 - 00000000 ____D () C:\Users\WinUser\Documents\Youcam
2014-03-09 21:36 - 2014-02-16 14:26 - 00000294 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-09 21:36 - 2014-02-16 14:25 - 00000392 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-03-09 21:35 - 2012-08-14 13:01 - 00020274 _____ () C:\Windows\PFRO.log
2014-03-09 21:35 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 21:34 - 2012-08-14 04:50 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-03-09 21:34 - 2012-08-14 04:50 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-03-09 21:34 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 21:33 - 2012-07-26 08:21 - 00033750 _____ () C:\Windows\setupact.log
2014-03-09 21:20 - 2014-02-16 14:35 - 00001115 _____ () C:\Users\WinUser\Desktop\Continue VuuPC Installation.lnk
2014-03-09 21:08 - 2014-03-09 21:07 - 00024755 _____ () C:\Users\WinUser\Downloads\Addition.txt
2014-03-09 21:08 - 2014-03-07 19:23 - 00037618 _____ () C:\Users\WinUser\Downloads\Shortcut.txt
2014-03-08 09:15 - 2014-02-23 14:02 - 00001171 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-08 09:15 - 2014-02-22 15:08 - 00001128 _____ () C:\Users\Public\Desktop\Windows 8 Info.lnk
2014-03-08 09:15 - 2014-02-22 15:08 - 00001096 _____ () C:\Users\WinUser\Desktop\Internet Explorer.lnk
2014-03-08 09:15 - 2014-02-22 15:08 - 00001019 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-07 22:01 - 2014-03-07 22:01 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-07 21:59 - 2014-03-07 21:59 - 00000000 ____D () C:\ProgramData\Real
2014-03-07 20:00 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-07 19:12 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-05 16:53 - 2014-03-07 21:59 - 01122960 _____ (AnyProtect.com) C:\Users\WinUser\AppData\Local\AnyProtectScannerSetup.exe
2014-03-05 16:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-23 14:03 - 2014-02-23 14:02 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Mozilla
2014-02-23 14:03 - 2014-02-23 14:02 - 00000000 ____D () C:\Users\WinUser\AppData\Local\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 14:02 - 2014-02-17 14:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 15:38 - 2014-02-20 19:49 - 00000000 ____D () C:\Users\Sonja
2014-02-22 15:29 - 2014-02-22 15:29 - 00000000 ____D () C:\Windows\ERUNT
2014-02-22 15:06 - 2012-11-27 21:00 - 00000000 ___RD () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-20 19:52 - 2012-11-27 21:00 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-17 23:03 - 2014-02-20 22:45 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2014-02-20 22:45 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 19:40 - 2014-02-17 19:39 - 00000463 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-02-17 19:36 - 2014-02-17 14:16 - 00000000 ____D () C:\Program Files (x86)\crimsolite
2014-02-17 19:34 - 2014-02-17 14:17 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\vlc
2014-02-17 18:54 - 2013-08-18 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:51 - 2012-12-12 20:30 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 14:15 - 2014-02-17 14:15 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-17 14:15 - 2014-02-17 14:15 - 00000000 ____D () C:\Program Files (x86)\HiDefMedia
2014-02-16 15:50 - 2012-11-27 21:02 - 00000000 ____D () C:\Users\WinUser\AppData\Local\CyberLink
2014-02-16 14:26 - 2014-02-16 14:26 - 00002510 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-02-16 14:25 - 2014-02-16 14:25 - 00002980 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-02-14 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\WinUser\AppData\Local\Temp\avgnt.exe
C:\Users\WinUser\AppData\Local\Temp\lowproc.exe
C:\Users\WinUser\AppData\Local\Temp\rnsetup0.exe
C:\Users\WinUser\AppData\Local\Temp\stubhelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Start-Manager für Firmware
--------------------------
Bezeichner              {fwbootmgr}
displayorder            {17ad7371-f742-11e1-be85-806e6f6e6963}
                        {8af0b990-e60f-11e1-b59a-f2123cd3279d}
                        {8af0b991-e60f-11e1-b59a-f2123cd3279d}
                        {bootmgr}
                        {99daa814-ed34-11e1-a7a5-9390da8491f2}
timeout                 1

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {8af0b995-e60f-11e1-b59a-f2123cd3279d}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {17ad7371-f742-11e1-be85-806e6f6e6963}
device                  partition=\Device\HarddiskVolume2
description             UEFI: ST1000LM024 HN-M101MBB

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {8af0b990-e60f-11e1-b59a-f2123cd3279d}
description             UEFI: IP4 Realtek PCIe GBE Family Controller

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {8af0b991-e60f-11e1-b59a-f2123cd3279d}
description             UEFI: IP6 Realtek PCIe GBE Family Controller

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {99daa814-ed34-11e1-a7a5-9390da8491f2}
description             UEFI: Built-in EFI Shell 

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 8
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {c887c9ea-f742-11e1-be86-84a6c8049803}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {8af0b995-e60f-11e1-b59a-f2123cd3279d}
nx                      OptIn
bootmenupolicy          Standard

Windows-Startladeprogramm
-------------------------
Bezeichner              {8d7f0cc6-879e-47f6-a767-0ed8fd3b0659}
device                  ramdisk=[\Device\HarddiskVolume6]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d}
path                    \windows\system32\winload.efi
description             MEDION Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume6]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {c887c9ea-f742-11e1-be86-84a6c8049803}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\c887c9ea-f742-11e1-be86-84a6c8049803\Winre.wim,{c887c9eb-f742-11e1-be86-84a6c8049803}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\c887c9ea-f742-11e1-be86-84a6c8049803\Winre.wim,{c887c9eb-f742-11e1-be86-84a6c8049803}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {8af0b995-e60f-11e1-b59a-f2123cd3279d}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {c887c9ea-f742-11e1-be86-84a6c8049803}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 No

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {572bcd56-ffa7-11d9-aae0-0007e994107d}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume6
ramdisksdipath          \boot\boot.sdi

Geräteoptionen
--------------
Bezeichner              {c887c9eb-f742-11e1-be86-84a6c8049803}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\c887c9ea-f742-11e1-be86-84a6c8049803\boot.sdi



LastRegBack: 2014-03-09 21:28

==================== End Of Log ============================
         
Many thanks for your support

Regards

ArminMuc

10.03.2014, 07:58   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in Additional.txt that is marked <== ATTENTION

Also let Revo remove the leftovers in Moderate mode.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please turn off your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

12.03.2014, 20:44   #3
ArminMuc
 



Hello Schrauber,

I have now run all the tools, and one program (SavingsBull) stubbornly persists.
It cannot be deleted and is also not shown in the uninstallers (it is hidden).
Since it is not shown, it cannot be selected for deletion.
I tried with RevoUninstaller and with Windows' own uninstall feature - to no avail.

Any idea how I can get rid of "SavingsBull" now?

Attached are the logs from various tools

FRST - Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014
Ran by WinUser at 2014-03-12 20:28:18
Running from C:\Users\WinUser\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4125.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0814 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0814 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

20-02-2014 21:44:09 Windows Update
02-03-2014 17:31:46 Geplanter Prüfpunkt
07-03-2014 20:33:17 Windows Modules Installer
10-03-2014 18:34:08 Revo Uninstaller's restore point - Re-markit

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2B772E14-661E-412B-9856-4ADF31DB66AB} - \EPUpdater No Task File
Task: {2BE4E8E6-C4FE-48B4-9CF2-208C98EB12E5} - \Feven Pro-chromeinstaller No Task File
Task: {36457A9D-9B7D-44CC-8CAA-E302E05FA9B9} - \Feven Pro-enabler No Task File
Task: {36BA8A4F-0835-4334-B53A-8BBC33338B9A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {396E2700-D02D-417D-8720-BFF9D35D08DB} - \MediaPlayerEnhance-firefoxinstaller No Task File
Task: {3F66A1DD-F95F-40F0-BD09-FBD5AEBA45AC} - \Feven Pro-codedownloader No Task File
Task: {4DEACA03-F6FF-46B1-B064-15E1156ACFDF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {4E26514D-71E5-45B1-8791-5ED22A4EE83D} - \SpeedUpMyPC Maintenance No Task File
Task: {5CA5EC96-3115-4EE4-9483-5084C31A3F4B} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
Task: {734EC3BA-8C50-4138-AC94-3A9C876C2F35} - \RegClean Pro_DEFAULT No Task File
Task: {88E73CFE-368C-4B4B-ADED-1B473EE23FF6} - \RegClean Pro_UPDATES No Task File
Task: {96980CC3-C88D-4390-A104-6583FC6568DF} - \MediaPlayerEnhance-updater No Task File
Task: {A5EB88BE-E1B1-411D-BD96-0FBF5F7CC683} - \RegClean Pro No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B384DC4C-E47F-4F7C-84FC-D171D621D0DE} - \Feven Pro-firefoxinstaller No Task File
Task: {C3BB2530-8E89-475A-AE35-E82E42B35490} - \MediaPlayerEnhance-enabler No Task File
Task: {C63F9ACB-AFBE-46E7-93EC-C508600299C4} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CDCE31DA-3543-4B34-8A91-EF946BB1BD72} - \Re-markit Update No Task File
Task: {D0AA2CC3-7025-41D2-A046-6879A4B6373F} - \Scheduled Update for Ask Toolbar No Task File
Task: {E53228D5-DCB9-48A4-ADD7-DDB4D80E0734} - \Feven Pro-updater No Task File
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECD3679E-C980-4946-B3F0-4581B22F69E1} - \MediaPlayerEnhance-chromeinstaller No Task File
Task: {F7901031-3AFD-4E9F-A169-8998229EEE70} - \MediaPlayerEnhance-codedownloader No Task File
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe

==================== Loaded Modules (whitelisted) =============

2012-08-14 07:15 - 2010-08-19 10:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-08-14 06:57 - 2012-08-03 17:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-17 12:05 - 2013-02-17 12:02 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-08-14 07:13 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-14 19:50 - 2014-02-14 19:50 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-14 07:45 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 03:04:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/12/2014 03:01:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/11/2014 11:50:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/11/2014 11:50:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/11/2014 07:35:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/11/2014 07:35:24 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/11/2014 07:35:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/11/2014 07:35:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/10/2014 09:16:08 PM) (Source: Application Hang) (User: )
Description: Programm mbam.exe, Version 1.75.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 638

Startzeit: 01cf3c9b1ef2c15f

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Berichts-ID: 9ed4eabf-a890-11e3-becb-84a6c8049803

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/10/2014 08:56:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (03/10/2014 09:52:10 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMService erreicht.

Error: (03/10/2014 08:51:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update crimsolite" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/10/2014 08:51:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util crimsolite" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2014 09:04:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2014 09:18:17 AM) (Source: DCOM) (User: AdminPassword)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/08/2014 09:05:20 AM) (Source: DCOM) (User: AdminPassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminPasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:20 AM) (Source: DCOM) (User: AdminPassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminPasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: AdminPassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminPasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: AdminPassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminPasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/08/2014 09:05:19 AM) (Source: DCOM) (User: AdminPassword)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AdminPasswordWinUserS-1-5-21-1933496743-3218387689-3214425771-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (03/12/2014 03:04:28 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/12/2014 03:01:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/11/2014 11:50:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe

Error: (03/11/2014 11:50:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe

Error: (03/11/2014 07:35:26 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe

Error: (03/11/2014 07:35:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe

Error: (03/11/2014 07:35:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe

Error: (03/11/2014 07:35:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe

Error: (03/10/2014 09:16:08 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.163801cf3c9b1ef2c15f60000C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe9ed4eabf-a890-11e3-becb-84a6c8049803

Error: (03/10/2014 08:56:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestF:\Maleware\esetsmartinstaller_enu.exe


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 3961.66 MB
Available physical RAM: 2534.47 MB
Total Pagefile: 7417.66 MB
Available Pagefile: 5843.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:870 GB) (Free:824.06 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.35 GB) NTFS
Drive f: (WININSTALL) (Removable) (Total:29.8 GB) (Free:21.94 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 2ABEBDCA)
Partition 1: (Active) - (Size=30 GB) - (Type=0B)

==================== End Of Log ============================
         
FRST

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014
Ran by WinUser (administrator) on AdminPassword on 12-03-2014 20:27:38
Running from C:\Users\WinUser\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] - "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1933496743-3218387689-3214425771-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
Startup: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {80BA3044-EABA-437D-A082-BBD942689FC5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\WinUser\AppData\Roaming\Mozilla\Firefox\Profiles\3apl6ya5.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-12 20:27 - 2014-03-12 20:27 - 00032608 _____ () C:\Users\WinUser\Downloads\FRST.txt
2014-03-12 20:25 - 2014-03-12 20:26 - 00000742 _____ () C:\Users\WinUser\Desktop\JRT.txt
2014-03-12 20:10 - 2014-03-04 23:52 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:10 - 2014-03-04 23:52 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 01:18 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 01:18 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 01:18 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 01:17 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 01:17 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 01:17 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-12 01:17 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-12 01:17 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 01:17 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 01:17 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 01:17 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 01:17 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 01:17 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 01:17 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 01:17 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 01:17 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 01:17 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 01:17 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 01:17 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-12 01:16 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 01:16 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 01:16 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-12 01:16 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-12 01:15 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 01:15 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-11 23:39 - 2014-03-11 23:39 - 00030772 _____ () C:\Users\WinUser\Downloads\Addition.txt
2014-03-11 06:24 - 2014-03-12 20:06 - 00000000 ____D () C:\AdwCleaner
2014-03-10 20:58 - 2014-03-10 20:58 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Malwarebytes
2014-03-10 20:57 - 2014-03-10 20:57 - 00001145 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-10 20:57 - 2014-03-10 20:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-10 20:57 - 2014-03-10 20:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-10 20:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-10 19:33 - 2014-03-10 19:33 - 00001300 _____ () C:\Users\WinUser\Desktop\Revo Uninstaller.lnk
2014-03-10 19:33 - 2014-03-10 19:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-10 06:48 - 2014-03-10 06:48 - 02157056 _____ (Farbar) C:\Users\WinUser\Downloads\FRST64.exe
2014-03-10 06:48 - 2014-03-10 06:48 - 00000000 ____D () C:\Users\WinUser\Downloads\FRST-OlderVersion
2014-03-09 21:45 - 2014-03-09 21:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-07 22:01 - 2014-03-11 09:27 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-07 21:59 - 2014-03-07 21:59 - 00000000 ____D () C:\ProgramData\Real
2014-03-07 21:59 - 2014-03-05 16:53 - 01122960 _____ (AnyProtect.com) C:\Users\WinUser\AppData\Local\AnyProtectScannerSetup.exe
2014-03-07 20:02 - 2014-01-19 08:33 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-07 19:23 - 2014-03-11 23:39 - 00038686 _____ () C:\Users\WinUser\Downloads\Shortcut.txt
2014-02-23 14:02 - 2014-03-08 09:15 - 00001171 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-23 14:02 - 2014-02-23 14:03 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Mozilla
2014-02-23 14:02 - 2014-02-23 14:03 - 00000000 ____D () C:\Users\WinUser\AppData\Local\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 15:29 - 2014-02-22 15:29 - 00000000 ____D () C:\Windows\ERUNT
2014-02-22 15:08 - 2014-03-08 09:15 - 00001128 _____ () C:\Users\Public\Desktop\Windows 8 Info.lnk
2014-02-22 15:08 - 2014-03-08 09:15 - 00001096 _____ () C:\Users\WinUser\Desktop\Internet Explorer.lnk
2014-02-22 15:08 - 2014-03-08 09:15 - 00001019 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-22 15:03 - 2014-03-12 20:27 - 00000000 ____D () C:\FRST
2014-02-20 19:49 - 2014-02-22 15:38 - 00000000 ____D () C:\Users\Sonja
2014-02-17 19:39 - 2014-02-17 19:40 - 00000463 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-02-17 14:17 - 2014-02-17 19:34 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\vlc
2014-02-17 14:15 - 2014-02-17 14:15 - 00000000 ____D () C:\Program Files (x86)\HiDefMedia
2014-02-17 14:14 - 2014-02-23 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 14:35 - 2014-03-09 21:20 - 00001115 _____ () C:\Users\WinUser\Desktop\Continue VuuPC Installation.lnk
2014-02-16 14:26 - 2014-03-12 20:11 - 00000294 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-02-16 14:26 - 2014-02-16 14:26 - 00002510 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-02-14 18:33 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 18:33 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 17:34 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-13 17:33 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 17:33 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 17:33 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 17:33 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 17:33 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-13 17:33 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-13 17:32 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 17:32 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 17:32 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 17:32 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-12 20:27 - 2014-03-12 20:27 - 00032608 _____ () C:\Users\WinUser\Downloads\FRST.txt
2014-03-12 20:27 - 2014-02-22 15:03 - 00000000 ____D () C:\FRST
2014-03-12 20:26 - 2014-03-12 20:25 - 00000742 _____ () C:\Users\WinUser\Desktop\JRT.txt
2014-03-12 20:22 - 2012-11-27 20:58 - 01771520 _____ () C:\Windows\WindowsUpdate.log
2014-03-12 20:13 - 2012-12-16 15:29 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Skype
2014-03-12 20:12 - 2012-11-27 21:02 - 00000000 ____D () C:\Users\WinUser\Documents\Youcam
2014-03-12 20:11 - 2014-02-16 14:26 - 00000294 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-12 20:11 - 2012-11-27 21:00 - 00000000 ___RD () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-12 20:11 - 2012-11-27 21:00 - 00000000 ___RD () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-12 20:08 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-12 20:06 - 2014-03-11 06:24 - 00000000 ____D () C:\AdwCleaner
2014-03-12 20:06 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-12 20:06 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 20:06 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 20:06 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 20:06 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 19:59 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-12 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-11 23:39 - 2014-03-11 23:39 - 00030772 _____ () C:\Users\WinUser\Downloads\Addition.txt
2014-03-11 23:39 - 2014-03-07 19:23 - 00038686 _____ () C:\Users\WinUser\Downloads\Shortcut.txt
2014-03-11 09:27 - 2014-03-07 22:01 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-10 23:23 - 2012-08-14 13:01 - 00049524 _____ () C:\Windows\PFRO.log
2014-03-10 20:58 - 2014-03-10 20:58 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Malwarebytes
2014-03-10 20:57 - 2014-03-10 20:57 - 00001145 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-10 20:57 - 2014-03-10 20:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-10 20:57 - 2014-03-10 20:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-10 19:33 - 2014-03-10 19:33 - 00001300 _____ () C:\Users\WinUser\Desktop\Revo Uninstaller.lnk
2014-03-10 19:33 - 2014-03-10 19:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-10 06:48 - 2014-03-10 06:48 - 02157056 _____ (Farbar) C:\Users\WinUser\Downloads\FRST64.exe
2014-03-10 06:48 - 2014-03-10 06:48 - 00000000 ____D () C:\Users\WinUser\Downloads\FRST-OlderVersion
2014-03-09 21:51 - 2012-11-27 21:05 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1933496743-3218387689-3214425771-1001
2014-03-09 21:45 - 2014-03-09 21:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-09 21:34 - 2012-08-14 04:50 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-03-09 21:34 - 2012-08-14 04:50 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-03-09 21:34 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 21:33 - 2012-07-26 08:21 - 00033750 _____ () C:\Windows\setupact.log
2014-03-09 21:20 - 2014-02-16 14:35 - 00001115 _____ () C:\Users\WinUser\Desktop\Continue VuuPC Installation.lnk
2014-03-08 09:15 - 2014-02-23 14:02 - 00001171 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-08 09:15 - 2014-02-22 15:08 - 00001128 _____ () C:\Users\Public\Desktop\Windows 8 Info.lnk
2014-03-08 09:15 - 2014-02-22 15:08 - 00001096 _____ () C:\Users\WinUser\Desktop\Internet Explorer.lnk
2014-03-08 09:15 - 2014-02-22 15:08 - 00001019 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-07 21:59 - 2014-03-07 21:59 - 00000000 ____D () C:\ProgramData\Real
2014-03-07 20:00 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-07 19:12 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-05 16:53 - 2014-03-07 21:59 - 01122960 _____ (AnyProtect.com) C:\Users\WinUser\AppData\Local\AnyProtectScannerSetup.exe
2014-03-05 16:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-04 23:52 - 2014-03-12 20:10 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:52 - 2014-03-12 20:10 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-23 14:03 - 2014-02-23 14:02 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\Mozilla
2014-02-23 14:03 - 2014-02-23 14:02 - 00000000 ____D () C:\Users\WinUser\AppData\Local\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-23 14:02 - 2014-02-23 14:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 14:02 - 2014-02-17 14:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-23 09:13 - 2014-03-12 01:17 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-12 01:17 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 09:13 - 2014-03-12 01:17 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-23 09:13 - 2014-03-12 01:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-23 09:13 - 2014-03-12 01:17 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 09:12 - 2014-03-12 01:17 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-12 01:17 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 09:12 - 2014-03-12 01:17 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 09:11 - 2014-03-12 01:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 07:54 - 2014-03-12 01:17 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-12 01:17 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 07:54 - 2014-03-12 01:17 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 07:53 - 2014-03-12 01:17 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 07:35 - 2014-03-12 01:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-12 01:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 05:06 - 2014-03-12 01:17 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-22 15:38 - 2014-02-20 19:49 - 00000000 ____D () C:\Users\Sonja
2014-02-22 15:29 - 2014-02-22 15:29 - 00000000 ____D () C:\Windows\ERUNT
2014-02-20 19:52 - 2012-11-27 21:00 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-17 19:40 - 2014-02-17 19:39 - 00000463 _____ () C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-02-17 19:34 - 2014-02-17 14:17 - 00000000 ____D () C:\Users\WinUser\AppData\Roaming\vlc
2014-02-17 18:54 - 2013-08-18 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:51 - 2012-12-12 20:30 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 14:15 - 2014-02-17 14:15 - 00000000 ____D () C:\Program Files (x86)\HiDefMedia
2014-02-16 15:50 - 2012-11-27 21:02 - 00000000 ____D () C:\Users\WinUser\AppData\Local\CyberLink
2014-02-16 14:26 - 2014-02-16 14:26 - 00002510 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-02-14 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\WinUser\AppData\Local\Temp\avgnt.exe
C:\Users\WinUser\AppData\Local\Temp\lowproc.exe
C:\Users\WinUser\AppData\Local\Temp\Quarantine.exe
C:\Users\WinUser\AppData\Local\Temp\rnsetup0.exe
C:\Users\WinUser\AppData\Local\Temp\stubhelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Start-Manager fr Firmware
--------------------------
Bezeichner              {fwbootmgr}
displayorder            {17ad7371-f742-11e1-be85-806e6f6e6963}
                        {8af0b990-e60f-11e1-b59a-f2123cd3279d}
                        {8af0b991-e60f-11e1-b59a-f2123cd3279d}
                        {bootmgr}
                        {99daa814-ed34-11e1-a7a5-9390da8491f2}
timeout                 1

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {8af0b995-e60f-11e1-b59a-f2123cd3279d}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {17ad7371-f742-11e1-be85-806e6f6e6963}
device                  partition=\Device\HarddiskVolume2
description             UEFI: ST1000LM024 HN-M101MBB

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {8af0b990-e60f-11e1-b59a-f2123cd3279d}
description             UEFI: IP4 Realtek PCIe GBE Family Controller

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {8af0b991-e60f-11e1-b59a-f2123cd3279d}
description             UEFI: IP6 Realtek PCIe GBE Family Controller

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {99daa814-ed34-11e1-a7a5-9390da8491f2}
description             UEFI: Built-in EFI Shell 

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 8
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {c887c9ea-f742-11e1-be86-84a6c8049803}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {8af0b995-e60f-11e1-b59a-f2123cd3279d}
nx                      OptIn
bootmenupolicy          Standard

Windows-Startladeprogramm
-------------------------
Bezeichner              {8d7f0cc6-879e-47f6-a767-0ed8fd3b0659}
device                  ramdisk=[\Device\HarddiskVolume6]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d}
path                    \windows\system32\winload.efi
description             MEDION Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume6]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {c887c9ea-f742-11e1-be86-84a6c8049803}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\c887c9ea-f742-11e1-be86-84a6c8049803\Winre.wim,{c887c9eb-f742-11e1-be86-84a6c8049803}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\c887c9ea-f742-11e1-be86-84a6c8049803\Winre.wim,{c887c9eb-f742-11e1-be86-84a6c8049803}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {8af0b995-e60f-11e1-b59a-f2123cd3279d}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {c887c9ea-f742-11e1-be86-84a6c8049803}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 No

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {572bcd56-ffa7-11d9-aae0-0007e994107d}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume6
ramdisksdipath          \boot\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {c887c9eb-f742-11e1-be86-84a6c8049803}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\c887c9ea-f742-11e1-be86-84a6c8049803\boot.sdi



LastRegBack: 2014-03-09 21:28

==================== End Of Log ============================
         
--- --- ---




Any ideas?
Who can help me? Or is a reinstall the only option left?

Best regards


ArminMuc

Alt 12.03.2014, 20:45   #4
ArminMuc
 


FRST - Shortcut
Code:
Users shortcut scan result (x64) Version: 09-03-2014
Ran by WinUser at 2014-03-12 20:28:54
Running from C:\Users\WinUser\Downloads
Boot Mode: Normal
==================== Shortcuts =============================

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk -> C:\Windows\BrowserChoice\html\default.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype für den Desktop.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel(R) WiDi\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\HomeCinema.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\PowerDirector\PowerDirector.lnk -> C:\Program Files\CyberLink\PowerDirector\PDR9.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink YouCam 5\CyberLink YouCam 5.lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink PowerDVD Copy 1.5\CyberLink PowerDVD Copy 1.5.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD Copy\PowerDVDCopy.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink PowerDVD 10\PowerDVD 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink Power2Go 8\CyberLink Power2Go 8.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink Power2Go 8\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink Power2Go 8\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink Power2Go 8\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink MediaEspresso 6.5\CyberLink MediaEspresso 6.5.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink LabelPrint 2.5\CyberLink LabelPrint 2.5.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia\Documentation.lnk -> C:\Program Files (x86)\HiDefMedia\HiDefMedia\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia\HiDef Media Player.lnk -> C:\Program Files (x86)\HiDefMedia\HiDefMedia\hidefmedia.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia\HidefMedia Website.lnk -> C:\Program Files (x86)\HiDefMedia\HiDefMedia\HidefMedia Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia\Release Notes.lnk -> C:\Program Files (x86)\HiDefMedia\HiDefMedia\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover\PowerRecover.lnk -> C:\Program Files\CyberLink\PowerRecover\PowerRecover.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3\PhotoDirector 3.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus Hilfe.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\avwin.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus starten.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira im Internet.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Readme anzeigen.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\microsoft shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Medion\DE-S Services\ALDI Foto\ALDI Süd Fotosoftware installieren.lnk -> C:\ProgramData\Medion\Foto-Software\DE-S\ALDI Bestellsoftware Setup.exe ()
Shortcut: C:\ProgramData\Medion\DE-N Services\Medion Services\MEDIONmail.lnk -> C:\Windows\System32\oobe\info\Medion Offlineseite\Herzlich willkommen bei MEDIONmail.htm ()
Shortcut: C:\ProgramData\Medion\DE-N Services\ALDI Foto\ALDI Nord Fotosoftware installieren.lnk -> C:\ProgramData\Medion\Foto-Software\DE-N\ALDI NORD Bestellsoftware Setup.exe ()
Shortcut: C:\Users\Default\Desktop\ALDI Foto.lnk -> C:\ProgramData\Medion\DE-S Services\ALDI Foto ()
Shortcut: C:\Users\Default\Desktop\Medion Services.lnk -> C:\ProgramData\Medion\DE-S Services\Medion Services ()
Shortcut: C:\Users\Default\Desktop\MEDIONmediathek.lnk -> C:\Program Files (x86)\Mediathek\Medion Mediathek.exe ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\Links\Desktop.lnk -> C:\Users\WinUser\Desktop ()
Shortcut: C:\Users\WinUser\Links\Downloads.lnk -> C:\Users\WinUser\Downloads ()
Shortcut: C:\Users\WinUser\Desktop\Continue VuuPC Installation.lnk -> C:\Users\WinUser\AppData\Local\Temp\ICReinstall_nsmAF92.tmp (No File)
Shortcut: C:\Users\WinUser\Desktop\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\Desktop\Medion Services.lnk -> C:\ProgramData\Medion\DE-S Services\Medion Services ()
Shortcut: C:\Users\WinUser\Desktop\MEDIONmediathek.lnk -> C:\Program Files (x86)\Mediathek\Medion Mediathek.exe ()
Shortcut: C:\Users\WinUser\Desktop\OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\Desktop\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Base.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Calc.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Draw.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Impress.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Math.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Writer.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\SendTo\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HomeCinema.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoDirector 3.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe (CyberLink Corp.)
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Avira Control Center.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Microsoft Office.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Medion\DE-S Services\Medion Services\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/de
ShortcutWithArgument: C:\ProgramData\Medion\DE-S Services\ALDI Foto\ALDI Süd Foto Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldifotos.de/sued/
ShortcutWithArgument: C:\ProgramData\Medion\DE-N Services\Medion Services\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/de
ShortcutWithArgument: C:\ProgramData\Medion\DE-N Services\ALDI Foto\ALDI Nord Foto Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldifotos.de/nord
ShortcutWithArgument: C:\Users\Default\Desktop\ALDI Süd Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www2.aldi-blumenservice.de/
ShortcutWithArgument: C:\Users\Default\Desktop\ALDI Süd Reisen.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-sued.de/de/html/service/aldi_reisen.htm
ShortcutWithArgument: C:\Users\Default\Desktop\ALDI Süd Startseite.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-sued.de
ShortcutWithArgument: C:\Users\Default\Desktop\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLaunch.lnk -> C:\Program Files (x86)\Lenovo\LenovoQuickLaunch\LenovoQuickLaunch.exe (Lenovo) -> /pin:warn /hide:no
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion MediaPack 3\Medion MediaPack.lnk -> C:\Program Files (x86)\Medion MediaPack 3\Ashampoo AppLauncher (Medion)\AppLauncher.exe (Ashampoo) -> -f
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Advanced Statistics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Event Viewer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Diagnostics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema\CyberLink YouCam 5\CyberLink YouCam Mirror.lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) -> /m
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia\HiDef Media Player skinned.lnk -> C:\Program Files (x86)\HiDefMedia\HiDefMedia\hidefmedia.exe () -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia\Reset HiDef Media Player preferences and cache files.lnk -> C:\Program Files (x86)\HiDefMedia\HiDefMedia\hidefmedia.exe () -> --reset-config --reset-plugins-cache HiDefMedia://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Medion\DE-S Services\Medion Services\MEDIONservice.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionservice.de
ShortcutWithArgument: C:\ProgramData\Medion\DE-N Services\Medion Services\MEDIONservice.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionservice.de
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter
ShortcutWithArgument: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\WinUser\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QuickLaunch.lnk -> C:\Program Files (x86)\Lenovo\LenovoQuickLaunch\LenovoQuickLaunch.exe (Lenovo) -> /pin:warn /hide:no
ShortcutWithArgument: C:\Users\WinUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\WinUser\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\Users\Default\Favorites\ALDI Süd Blumen Service.url -> hxxp://www2.aldi-blumenservice.de/
InternetURL: C:\Users\Default\Favorites\ALDI Süd Foto Service.url -> hxxp://www.aldifotos.de/sued/
InternetURL: C:\Users\Default\Favorites\ALDI Süd Reisen.url -> hxxp://www.aldi-sued.de/de/html/service/aldi_reisen.htm
InternetURL: C:\Users\Default\Favorites\ALDI Süd Startseite.url -> hxxp://www.aldi-sued.de/
InternetURL: C:\Users\Default\Favorites\ALDI Talk.url -> hxxp://www.alditalk.de/
InternetURL: C:\Users\Default\Favorites\eBay.url -> hxxp://www.ebay.de/?mpt=1173498776949
InternetURL: C:\Users\Default\Favorites\MEDION Serviceportal.url -> hxxp://www.medionservice.de/
InternetURL: C:\Users\Default\Favorites\MEDIONhome.url -> hxxp://www.medion.com/de/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDION GoPal.url -> hxxp://www.mediongopal.de/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDION TV.url -> hxxp://tv.medion.com/player-reiter.php?xmlHtml=main
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONfabrikverkauf.url -> hxxp://www.medion.com/de/fabrikverkauf/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONgames.url -> hxxp://www.mediongames.de/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONhome.url -> hxxp://www.medion.com/de/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONload.url -> hxxp://www.medionload.de/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONmobile.url -> hxxp://www.alditalk.de/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONmusic.url -> hxxp://www.medionmusic.com/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONservice.url -> hxxp://www.medion.com/de/service/start/
InternetURL: C:\Users\Default\Favorites\MEDIONwelten\MEDIONshop.url -> hxxp://www.medion.com/de/electronics
InternetURL: C:\Users\WinUser\Favorites\amazon.de Günstige Preise für Elektronik & Foto, Filme, Musik, Bücher, Games, Spielzeug & mehr.url -> hxxp://www.amazon.de/
InternetURL: C:\Users\WinUser\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\WinUser\Favorites\eBay.url -> hxxp://www.ebay.de/?mpt=1173498776949
InternetURL: C:\Users\WinUser\Favorites\GMX - E-Mail, FreeMail, De-Mail, Themen- & Shopping-Portal - kostenlos.url -> hxxp://www.gmx.net/
InternetURL: C:\Users\WinUser\Favorites\Kostenlose Internetanrufe mit Skype. Telefone online billig anrufen.url -> hxxp://www.skype.com/intl/de/home/
InternetURL: C:\Users\WinUser\Favorites\lokalisten community freunde, chat, online games & partyfotos.url -> hxxp://www.lokalisten.de/
InternetURL: C:\Users\WinUser\Favorites\MEDION Serviceportal.url -> hxxp://www.medionservice.de/
InternetURL: C:\Users\WinUser\Favorites\MEDIONhome.url -> hxxp://www.medion.com/de/
InternetURL: C:\Users\WinUser\Favorites\Snack Bar - Hotelbilder Hotel Baia Lara - Lara - Türkische Riviera - Türkei.url -> hxxp://www.holidaycheck.de/hotel-Urlaubsbilder_Hotel+Baia+Lara-ch_ub-hid_203532.html?mediaOrder=4&action=detail&detailPage=32#detailView
InternetURL: C:\Users\WinUser\Favorites\Stadtsparkasse München - BLZ 701 500 00 - BIC SSKMDEMM.url -> hxxp://www.sskm.de/sskmwww/sskmwww_prod/sskmwww/index.jsp
InternetURL: C:\Users\WinUser\Favorites\Tchibo Onlineshop  ab 80€ versandkostenfrei online bestellen.url -> hxxp://www.tchibo.de/
InternetURL: C:\Users\WinUser\Favorites\TSV 1860 München - Home.url -> hxxp://www.tsv1860.de/
InternetURL: C:\Users\WinUser\Favorites\Willkommen bei Facebook - anmelden, registrieren oder mehr erfahren.url -> hxxp://www.facebook.com/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDION GoPal.url -> hxxp://www.mediongopal.de/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDION TV.url -> hxxp://tv.medion.com/player-reiter.php?xmlHtml=main
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONfabrikverkauf.url -> hxxp://www.medion.com/de/fabrikverkauf/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONgames.url -> hxxp://www.mediongames.de/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONhome.url -> hxxp://www.medion.com/de/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONload.url -> hxxp://www.medionload.de/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONmobile.url -> hxxp://www.alditalk.de/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONmusic.url -> hxxp://www.medionmusic.com/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONservice.url -> hxxp://www.medion.com/de/service/start/
InternetURL: C:\Users\WinUser\Favorites\MEDIONwelten\MEDIONshop.url -> hxxp://www.medion.com/de/electronics

==================== End of log =============================
         
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by WinUser on 12.03.2014 at 20:21:35,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.03.2014 at 20:25:40,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

13.03.2014, 13:15   #5
schrauber
/// the machine
/// TB trainer
 




Besides Revo, I posted 3 tools for you above. Please work through them and post the log files.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
