Im Browser sehe ich doppelt unterstrichene Wörter die ein Link sind

K.laus · 16.12.2014, 17:53

habe auf meinem PC mit Firefox als Browser auf Internetseiten doppelt unterstrichene Wörter die mit Werbung verlinkt sind. Wenn ich auf einen neuen Tab über eine Seite gehe macht Firefox mir diese Seite nicht gleich auf sondern zeigt mir eine Werbung. In der Adressliste ist aber der Link der richtigen Seite. Habe auf eigene Faust (bin aber ziemlich unwissend) Adw Cleaner, Malewarebytes und Eset Online durchlaufen lassen. Da gabs immer Fund. Jetzt scheint alles sauber zu sein, dennoch ist das Problem immer noch da.

Bitte um Hilfe

LG

schrauber · 16.12.2014, 18:40

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

K.laus · 16.12.2014, 20:35

Hi,

anbei die zwei Logdateien

hier die frst.txt:
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by user (administrator) on WINDOWS-REP6GI3 on 16-12-2014 20:28:20
Running from C:\Users\user\Downloads
Loaded Profile: user (Available profiles: user)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\mysms\mysms.exe
(HexaD) C:\Program Files\Duplicati\Duplicati.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [E72B1338A84FAC5B92E5F250E30E2E866E45CA98._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [mysms] => C:\Program Files (x86)\mysms\mysms.exe [709632 2014-07-31] ()
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\MountPoints2: L - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\MountPoints2: {423f67f2-d027-11e3-a194-bc5ff4d11bda} - L:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk
ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{A40D1F18-2EA2-4299-8410-43112E1E28B5}: [NameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default
FF SearchEngineOrder.1: SuchMaschine
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/pac/ch.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\search_engine.xml
FF Extension: LastPass - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\support@lastpass.com [2014-12-15]
FF Extension: W-Foxxer - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{e1bab803-e6d4-4b10-ba4f-3a477d22209a} [2014-12-10]
FF Extension: Cliqz Beta - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\cliqz@cliqz.com.xpi [2014-11-03]
FF Extension: FireGestures - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\firegestures@xuldev.org.xpi [2014-01-31]
FF Extension: Premiumize.me - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-02-14]
FF Extension: Flagfox - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-05-02]
FF Extension: AniWeather - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-04-25]
FF Extension: Adblock Edge - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-01-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31]
FF HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\extensions\cliqz@cliqz.com
FF Extension: No Name - wrc@avast.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-12]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-11]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR HKLM\...\Chrome\Extension: [Äÿ] - No Path
CHR HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Chrome\Extension: [Äÿ] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [Äÿ] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1045608 2011-07-13] (Realtek Semiconductor Corporation                           )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-16] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 20:28 - 2014-12-16 20:28 - 00019228 _____ () C:\Users\user\Downloads\FRST.txt
2014-12-16 20:28 - 2014-12-16 20:28 - 00000000 ____D () C:\FRST
2014-12-16 20:27 - 2014-12-16 20:27 - 02119168 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-12-16 17:37 - 2014-12-16 17:38 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu(1).exe
2014-12-16 16:37 - 2014-12-16 16:37 - 00852490 _____ () C:\Users\user\Downloads\SecurityCheck.exe
2014-12-16 16:31 - 2014-12-16 16:31 - 00000836 _____ () C:\Users\user\Desktop\JRT.txt
2014-12-16 16:28 - 2014-12-16 16:28 - 01707646 _____ (Thisisu) C:\Users\user\Downloads\JRT64.exe
2014-12-16 16:28 - 2014-12-16 16:28 - 00000000 ____D () C:\Windows\ERUNT
2014-12-16 15:42 - 2014-12-16 15:42 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-12-16 15:42 - 2014-12-16 15:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-16 14:20 - 2014-12-16 17:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 14:20 - 2014-12-16 14:20 - 00001153 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-16 14:20 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-16 14:20 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-16 14:20 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-16 14:19 - 2014-12-16 14:19 - 01177424 _____ () C:\Users\user\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-16 14:02 - 2014-12-16 14:02 - 02166272 _____ () C:\Users\user\Downloads\adwcleaner_4.105(1).exe
2014-12-16 13:44 - 2014-12-16 17:30 - 00000000 ____D () C:\AdwCleaner
2014-12-16 13:44 - 2014-12-16 13:44 - 02166272 _____ () C:\Users\user\Downloads\adwcleaner_4.105.exe
2014-12-16 08:07 - 2014-12-16 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-16 08:07 - 2014-12-16 08:07 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-13 09:45 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-12-13 00:36 - 2014-12-13 00:36 - 00045222 _____ () C:\Users\user\Documents\Belegeformular_2014_neu2.xlsx
2014-12-13 00:35 - 2014-12-13 00:35 - 00045234 _____ () C:\Users\user\Documents\Belegformular-Abrechnung-Blanko.xlsx
2014-12-12 16:46 - 2014-12-12 16:46 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 16:38 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 16:38 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 06:29 - 2014-12-12 06:29 - 00022528 _____ () C:\Users\user\AppData\Local\dsisetup29311182.exe
2014-12-12 05:56 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 05:56 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:56 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 05:56 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 05:56 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 05:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 05:56 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 05:56 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 05:56 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 05:56 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 05:56 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-12 05:56 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 05:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 05:56 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 05:56 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:56 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 05:56 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:56 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:56 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 05:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 05:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:56 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:56 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 05:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:56 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:56 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:56 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 05:56 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 05:56 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 05:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 05:56 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 05:56 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 05:56 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:56 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 05:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 05:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:56 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 05:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 05:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 05:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:55 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 05:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 05:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 05:52 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:52 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:52 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:47 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 05:47 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 05:46 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 05:46 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:46 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:46 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:45 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 05:45 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 21:29 - 2014-12-12 06:29 - 00000002 _____ () C:\Users\user\AppData\Local\DSI.DAT
2014-12-10 07:29 - 2014-12-14 11:29 - 00000133 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2014-12-10 06:38 - 2014-12-10 06:38 - 00001421 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-12-10 06:38 - 2014-12-10 06:38 - 00001352 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-12-10 06:38 - 2014-12-10 06:38 - 00000000 ____D () C:\Windows\de
2014-12-10 06:37 - 2014-12-10 06:37 - 00000092 _____ () C:\Users\user\Desktop\Radio-Liechtenstein-Hard-Rock.pls
2014-12-10 06:37 - 2014-12-10 06:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-12-10 06:36 - 2014-12-10 06:37 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-12-10 06:36 - 2014-12-10 06:36 - 00000195 _____ () C:\Windows\DirectX.log
2014-12-10 06:36 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-10 06:36 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-10 06:36 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-10 06:36 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-10 06:36 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-10 06:35 - 2014-12-10 06:38 - 00000000 ____D () C:\Users\user\AppData\Local\Windows Live
2014-12-10 06:34 - 2014-12-10 06:35 - 01245384 _____ (Microsoft Corporation) C:\Users\user\Downloads\wlsetup-web.exe
2014-12-10 06:30 - 2014-12-10 06:30 - 00000170 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-10 06:30 - 2014-12-10 06:30 - 00000000 ___HD () C:\Users\user\AppData\Roaming\GoldenGate
2014-12-10 06:30 - 2014-12-10 06:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2014-12-10 06:29 - 2014-12-10 06:29 - 07357440 _____ () C:\Users\user\Downloads\WindowsMovieMakerSetup [1].exe
2014-12-10 06:29 - 2014-12-10 06:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\WebTest
2014-12-09 12:27 - 2014-12-10 13:32 - 00000000 ____D () C:\Users\user\Desktop\Urs@BV
2014-12-09 10:33 - 2014-12-09 10:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 19:57 - 2014-12-01 18:20 - 00000097 _____ () C:\Users\user\Downloads\password.txt
2014-12-03 18:40 - 2014-12-03 18:40 - 00015549 _____ () C:\Users\user\Downloads\Sperrung Ihres Amazon-Kontos.html
2014-12-02 20:27 - 2014-12-02 20:29 - 00028672 _____ () C:\Users\user\Desktop\TO DO Liste 02122014..xls
2014-12-02 14:39 - 2014-12-02 14:39 - 00000000 __SHD () C:\Users\user\AppData\Local\EmieBrowserModeList
2014-11-28 11:16 - 2014-11-28 11:16 - 10613248 _____ () C:\Users\user\Downloads\Ralink_3x7x_5x7x_76xx_20140423_WNC v1.0.1.zip
2014-11-27 18:06 - 2014-11-27 18:06 - 08868657 _____ () C:\Users\user\Downloads\ALL_INST_1.12.0022_DASH_20110922_B1.zip
2014-11-27 17:50 - 2014-11-27 17:50 - 06160923 _____ () C:\Users\user\Downloads\Install_Win7_7089_09222014.zip
2014-11-25 15:50 - 2014-12-10 06:20 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-11-25 13:46 - 2014-12-12 14:39 - 00000000 __RHD () C:\MSOCache
2014-11-25 13:40 - 2014-12-16 02:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\SoftGrid Client
2014-11-25 13:40 - 2014-11-25 13:40 - 00000000 ____D () C:\Users\user\AppData\Local\SoftGrid Client
2014-11-25 13:39 - 2014-11-26 00:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-25 13:38 - 2014-11-25 13:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\TP
2014-11-25 13:38 - 2014-11-25 13:38 - 01632144 _____ (Microsoft Corporation) C:\Users\user\Downloads\setupconsumerc2rolw.exe
2014-11-19 06:18 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:18 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:18 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:18 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 19:57 - 2014-02-22 14:22 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-16 19:54 - 2014-05-22 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-16 19:39 - 2014-06-20 14:17 - 00000000 ____D () C:\Users\user\AppData\Local\LogMeIn Hamachi
2014-12-16 17:38 - 2009-07-14 05:45 - 00032560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 17:38 - 2009-07-14 05:45 - 00032560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 17:36 - 2013-01-28 08:48 - 00702476 _____ () C:\Windows\system32\perfh007.dat
2014-12-16 17:36 - 2013-01-28 08:48 - 00150616 _____ () C:\Windows\system32\perfc007.dat
2014-12-16 17:36 - 2009-07-14 06:13 - 01624322 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 17:34 - 2014-01-29 01:20 - 01787355 _____ () C:\Windows\WindowsUpdate.log
2014-12-16 17:32 - 2014-05-22 12:25 - 00000000 ___RD () C:\Users\user\Dropbox
2014-12-16 17:32 - 2014-05-22 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-12-16 17:32 - 2014-02-22 14:22 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-16 17:31 - 2014-11-13 07:50 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-16 17:31 - 2014-01-29 01:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-16 17:31 - 2010-11-21 04:47 - 00152610 _____ () C:\Windows\PFRO.log
2014-12-16 17:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 17:31 - 2009-07-14 05:51 - 00104716 _____ () C:\Windows\setupact.log
2014-12-16 16:29 - 2014-02-14 14:09 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2014-12-16 14:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-14 12:56 - 2014-10-16 17:32 - 00000000 ____D () C:\Users\user\AppData\Local\PDF24
2014-12-12 20:01 - 2014-11-14 20:14 - 00000000 ____D () C:\Users\user\AppData\Roaming\Duplicati
2014-12-12 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 16:46 - 2014-04-30 23:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 16:41 - 2013-10-01 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 16:39 - 2013-10-01 14:22 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 16:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-12 14:39 - 2014-01-31 20:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\Thunderbird
2014-12-12 14:39 - 2014-01-31 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 14:39 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-12 08:24 - 2014-02-21 12:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-12-12 06:21 - 2014-05-22 12:25 - 00001029 _____ () C:\Users\user\Desktop\Dropbox.lnk
2014-12-12 06:21 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-10 10:54 - 2014-05-22 12:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 10:54 - 2014-01-31 17:10 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 10:54 - 2014-01-31 17:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-07 20:01 - 2014-07-12 14:42 - 00000000 ____D () C:\Users\user\AppData\Roaming\MediaMonkey
2014-12-04 07:04 - 2014-01-28 16:34 - 00066360 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-27 17:17 - 2014-01-31 16:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-26 00:15 - 2013-10-01 13:32 - 01654684 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-25 18:01 - 2014-02-14 13:57 - 00000000 ____D () C:\Users\user\Desktop\Monatlich zu tun
2014-11-25 13:39 - 2014-07-23 07:51 - 00001361 _____ () C:\Users\user\Desktop\TO DO Liste 10092014..xls - Verknüpfung.lnk
2014-11-25 11:16 - 2014-09-03 14:34 - 00001311 _____ () C:\Users\user\Desktop\Teamsitzungspunkte.lnk
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 10:28 - 2014-09-26 18:20 - 00025090 _____ () C:\Users\user\Desktop\Sonntag Ersatzdienst Nex.T.odt
2014-11-22 11:13 - 2014-01-31 16:54 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-19 12:39 - 2014-03-29 08:44 - 00000878 _____ () C:\Users\Public\Desktop\VLC media player.lnk

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeaj3ea.dll
C:\Users\user\AppData\Local\Temp\JExplorer32.2.7.1.dll
C:\Users\user\AppData\Local\Temp\JExplorer32.2.7.1.exe
C:\Users\user\AppData\Local\Temp\JExplorer64.2.7.1.dll
C:\Users\user\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll
C:\Users\user\AppData\Local\Temp\sqlite3.exe
C:\Users\user\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 07:03

==================== End Of Log ============================

--- --- ---

--- --- ---

hier die adition.txt:FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by user at 2014-12-16 20:28:40
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Client (HKLM-x32\...\{BAB4AAD2-93A4-11D4-A165-00508B67A692}) (Version: 5.50.000 - BMD Systemhaus GesmbH)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Duplicati (x64) (HKLM\...\{77BA8977-0BA6-4A83-A741-1DFAD23A6B23}) (Version: 1.3.4 - HexaD)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{405EF630-AF8C-4A69-9CAF-6D5B8C1C005B}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.7137.5001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
mysms Version 2.1.1 (HKLM-x32\...\{48F31003-B5A3-4E17-917A-5DDFF60B9FA2}_is1) (Version: 2.1.1 - Up to Eleven Digital Solutions GmbH)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0182 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
Syncios Version 4.1.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.5 - Anvsoft, Inc.)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker Packages (HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Windows Movie Maker Packages) (Version:  - ) <==== ATTENTION
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)
WinGeno (HKLM-x32\...\WinGeno_is1) (Version: 1.1.2.2 - Ingo H. de Boer)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1329205785-3825446788-1598842765-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

10-12-2014 22:57:45 Windows Update
12-12-2014 15:38:18 Windows Update
14-12-2014 10:40:06 Revo Uninstaller's restore point - Cliqz
14-12-2014 11:55:46 Revo Uninstaller's restore point - PDF24 Creator 6.8.0
14-12-2014 11:58:20 Revo Uninstaller's restore point - WSE_Vosteran
16-12-2014 12:20:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {40F73AD7-BD7E-4ADE-99E6-B164B1E84C47} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {5169BAA2-745B-44A5-944B-29E8981624CD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {60B623CA-5E20-454E-A36B-05BCB48DC714} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {65B28041-DAA4-45EC-A064-E5796CDEC854} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {81B56EB4-F528-45A1-AA71-8CE31FAF7226} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B3C89E74-F4D1-4287-AF1E-AF6DEC55FA87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {DE04F31C-27FC-4D3D-A991-B88C75252B75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-14 23:42 - 2013-03-14 23:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 23:42 - 2013-03-14 23:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-28 13:02 - 2014-07-31 14:59 - 00709632 _____ () C:\Program Files (x86)\mysms\mysms.exe
2012-05-21 20:41 - 2012-05-21 20:41 - 00131072 _____ () C:\Program Files\Duplicati\LightDatamodel.dll
2012-05-21 20:41 - 2012-05-21 20:41 - 00931840 _____ () C:\Program Files\Duplicati\SQLite\win64\System.Data.SQLite.dll
2013-01-31 15:12 - 2013-01-31 15:12 - 00446464 _____ () C:\Program Files\Duplicati\de-DE\Duplicati.resources.dll
2014-11-02 22:42 - 2014-10-31 16:53 - 00747520 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2014-08-06 17:16 - 2014-08-06 17:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-16 12:28 - 2014-12-16 12:28 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121600\algo.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-28 13:02 - 2014-03-07 19:56 - 00117262 _____ () C:\Program Files (x86)\mysms\libgcc_s_dw2-1.dll
2014-08-28 13:02 - 2014-03-07 19:56 - 00970766 _____ () C:\Program Files (x86)\mysms\libstdc++-6.dll
2014-08-28 13:02 - 2014-01-15 09:36 - 03347428 _____ () C:\Program Files (x86)\mysms\icuin52.dll
2014-08-28 13:02 - 2014-01-15 09:36 - 01992280 _____ () C:\Program Files (x86)\mysms\icuuc52.dll
2014-08-28 13:02 - 2014-01-15 09:36 - 23544786 _____ () C:\Program Files (x86)\mysms\icudt52.dll
2014-08-28 13:02 - 2014-06-19 12:08 - 01276416 _____ () C:\Program Files (x86)\mysms\platforms\qwindows.dll
2014-08-28 13:02 - 2014-06-19 12:05 - 00031232 _____ () C:\Program Files (x86)\mysms\imageformats\qgif.dll
2014-08-28 13:02 - 2014-06-19 12:06 - 00242176 _____ () C:\Program Files (x86)\mysms\imageformats\qjpeg.dll
2014-08-28 13:02 - 2014-06-19 13:03 - 00076800 _____ () C:\Program Files (x86)\mysms\audio\qtaudio_windows.dll
2014-08-06 17:16 - 2014-08-06 17:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-16 17:31 - 2014-12-16 17:31 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeaj3ea.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-11-02 22:42 - 2014-10-31 15:20 - 00386560 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-11-02 22:42 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2014-11-02 22:42 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-11-02 22:42 - 2014-04-29 17:11 - 00067072 _____ () C:\Program Files (x86)\Syncios\zlib1.dll
2014-11-02 22:42 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-01-31 16:31 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-01-31 16:31 - 2011-07-07 01:46 - 00704000 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\P2PLib.dll
2014-01-29 01:21 - 2013-03-12 22:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-09 10:33 - 2014-12-09 10:33 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-15 11:41 - 2014-12-15 11:41 - 01020928 _____ () C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-12-10 10:54 - 2014-12-10 10:54 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:059105CB27A024DB

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1329205785-3825446788-1598842765-500 - Administrator - Disabled)
Gast (S-1-5-21-1329205785-3825446788-1598842765-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1329205785-3825446788-1598842765-1004 - Limited - Enabled)
user (S-1-5-21-1329205785-3825446788-1598842765-1000 - Administrator - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2014 05:38:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/16/2014 05:38:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/16/2014 05:31:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2014 05:12:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/16/2014 04:40:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2014 04:32:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/16/2014 05:31:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (12/16/2014 05:30:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Smart Connect Technology Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (12/16/2014 05:30:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/16/2014 05:30:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (12/16/2014 05:38:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_deu(1).exe

Error: (12/16/2014 05:38:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_deu(1).exe

Error: (12/16/2014 05:31:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2014 05:12:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_deu.exe

Error: (12/16/2014 04:40:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2014 04:32:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 32%
Total physical RAM: 7845.28 MB
Available physical RAM: 5294.39 MB
Total Pagefile: 15688.73 MB
Available Pagefile: 13043.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.57 GB) (Free:9.11 GB) NTFS
Drive d: (Back Ups) (Fixed) (Total:400.07 GB) (Free:399.47 GB) NTFS
Drive e: (Aktuelles) (Fixed) (Total:400 GB) (Free:373.49 GB) NTFS
Drive f: (Archiv) (Fixed) (Total:131.32 GB) (Free:131.06 GB) NTFS
Drive l: (Elements) (Fixed) (Total:1862.98 GB) (Free:1795.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 086D20D9)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: EB8AA792)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 17.12.2014, 20:01

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Windows Movie Maker Packages
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

K.laus · 18.12.2014, 17:51

Hi,

hab das jetzt gemacht...

eine Frage:bist du ein Teammitglied das Combofix anordnet ??

habs auf jeden Fall gemacht. Combofix hat, soweit ich das richtig mitbekommen habe automatisch nach der instalation begonnen zu arbeiten. Da sProgramm hat mich aufmerksam gemacht das ich Avira und Avast abdrehe. Das habe ich gemacht und weiter geklikt. Am Ende ist das Programm meiner Ansicht nach hängen geblieben es kam ein Text: erstellt eine .txt Datei dann hat er nchts mehr gemacht. ICh habe das Programm beendet und neugestartet. Dann kam die obengenannte Fehlermeldung. Nochmal neugestartet. Dann keine Verbindung mehr zum Internet (haben ein Netzwerk mit Wlan). Das hab ich jetzt wieder hinbekommen. Leider sind die unterstrichenen Dinger noch immer

Die .txt Datei liegt unter C:/combofix/combofix.txt ist das die die du brauchst? wenn ja, dann hier:

ComboFix 14-12-14.01 - user 18.12.2014 11:23:55.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.7845.5172 [GMT 1:00]
ausgeführt von:: C:\Users\user\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

ADS - Windows: deleted 24 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))

C:\Users\user\AppData\Local\dsisetup29311182.exe
C:\Users\user\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
L:\autorun.inf

((((((((((((((((((((((( Dateien erstellt von 2014-11-18 bis 2014-12-18 ))))))))))))))))))))))))))))))

2014-12-18 10:27:37 . 2014-12-18 10:27:37 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-12-18 10:09:25 . 2014-12-18 10:09:26 -------- d-----w- C:\Users\user\AppData\Roaming\Cliqz
2014-12-17 15:36:04 . 2014-12-17 15:36:04 -------- d-----w- C:\Users\user\AppData\Roaming\Avira
2014-12-17 15:35:57 . 2014-12-17 15:35:10 43064 ----a-w- C:\Windows\system32\drivers\avnetflt.sys
2014-12-17 15:33:56 . 2014-11-24 09:23:23 28600 ----a-w- C:\Windows\system32\drivers\avkmgr.sys
2014-12-17 15:33:56 . 2014-11-24 09:23:22 131608 ----a-w- C:\Windows\system32\drivers\avipbb.sys
2014-12-17 15:33:56 . 2014-11-24 09:23:21 119272 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
2014-12-17 15:32:45 . 2014-12-17 15:33:55 -------- d-----w- C:\ProgramData\Avira
2014-12-17 15:32:45 . 2014-12-17 15:33:55 -------- d-----w- C:\Program Files (x86)\Avira
2014-12-17 15:32:33 . 2014-12-17 15:32:34 -------- d-----w- C:\ProgramData\Package Cache
2014-12-16 19:28:07 . 2014-12-16 19:28:54 -------- d-----w- C:\FRST
2014-12-16 15:28:34 . 2014-12-16 15:28:34 -------- d-----w- C:\Windows\ERUNT
2014-12-16 14:42:40 . 2014-12-16 14:42:40 -------- d-----w- C:\Program Files (x86)\ESET
2014-12-16 13:20:52 . 2014-12-16 16:32:08 129752 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-12-16 13:20:38 . 2014-12-16 13:20:40 -------- d-----w- C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-16 13:20:38 . 2014-12-16 13:20:38 -------- d-----w- C:\ProgramData\Malwarebytes
2014-12-16 13:20:38 . 2014-11-21 05:14:22 63704 ----a-w- C:\Windows\system32\drivers\mwac.sys
2014-12-16 13:20:38 . 2014-11-21 05:14:12 93400 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2014-12-16 13:20:38 . 2014-11-21 05:14:08 25816 ----a-w- C:\Windows\system32\drivers\mbam.sys
2014-12-16 12:44:34 . 2014-12-16 16:30:53 -------- d-----w- C:\AdwCleaner
2014-12-16 12:20:36 . 2014-12-02 10:26:57 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96EFD3BA-0CBD-4EE0-975E-7B472465CAE3}\mpengine.dll
2014-12-16 07:07:41 . 2014-12-16 07:07:41 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2014-12-13 08:45:59 . 2009-03-18 16:35:42 33856 ---ha-w- C:\Windows\system32\hamachi.sys
2014-12-12 15:46:18 . 2014-12-12 15:46:18 -------- d-----w- C:\Windows\system32\appraiser
2014-12-12 15:38:33 . 2014-10-18 01:33:13 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-12 15:38:32 . 2014-10-18 02:05:21 4121600 ----a-w- C:\Windows\system32\mf.dll
2014-12-12 04:55:59 . 2014-11-22 03:13:15 25059840 ----a-w- C:\Windows\system32\mshtml.dll
2014-12-12 04:55:59 . 2014-11-22 03:00:50 10949120 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2014-12-12 04:55:59 . 2014-11-22 02:08:07 1016832 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-12-12 04:53:27 . 2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\system32\aitstatic.exe
2014-12-12 04:53:26 . 2014-12-04 02:50:55 413184 ----a-w- C:\Windows\system32\generaltel.dll
2014-12-12 04:53:26 . 2014-12-04 02:50:45 741376 ----a-w- C:\Windows\system32\invagent.dll
2014-12-12 04:53:26 . 2014-12-04 02:50:40 396800 ----a-w- C:\Windows\system32\devinv.dll
2014-12-12 04:53:26 . 2014-12-04 02:50:37 227328 ----a-w- C:\Windows\system32\aepdu.dll
2014-12-12 04:53:26 . 2014-12-04 02:50:37 192000 ----a-w- C:\Windows\system32\aepic.dll
2014-12-12 04:53:26 . 2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\system32\aeinv.dll
2014-12-12 04:52:26 . 2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\system32\WindowsCodecs.dll
2014-12-12 04:52:25 . 2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-12-12 04:52:14 . 2014-11-11 01:46:26 119296 ----a-w- C:\Windows\system32\drivers\tdx.sys
2014-12-12 04:47:14 . 2014-10-30 02:03:43 165888 ----a-w- C:\Windows\system32\charmap.exe
2014-12-12 04:47:14 . 2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-12-12 04:46:59 . 2014-10-03 02:12:23 310272 ----a-w- C:\Windows\system32\WsmWmiPl.dll
2014-12-12 04:46:59 . 2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\system32\WsmSvc.dll
2014-12-12 04:46:59 . 2014-10-03 02:12:22 346624 ----a-w- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 04:46:59 . 2014-10-03 02:12:22 181248 ----a-w- C:\Windows\system32\WsmAuto.dll
2014-12-12 04:46:59 . 2014-10-03 02:11:49 266240 ----a-w- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 04:46:59 . 2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-12-12 04:46:59 . 2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-12-12 04:46:59 . 2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-12-12 04:46:59 . 2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-12-12 04:46:59 . 2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-12-12 04:45:56 . 2014-11-08 03:16:08 2048 ----a-w- C:\Windows\system32\tzres.dll
2014-12-12 04:45:56 . 2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-12-10 05:38:15 . 2014-12-10 05:38:15 -------- d-----w- C:\Windows\de
2014-12-10 05:37:23 . 2014-12-10 05:37:23 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-12-10 05:35:32 . 2014-12-10 05:38:37 -------- d-----w- C:\Users\user\AppData\Local\Windows Live
2014-12-10 05:35:11 . 2014-12-10 05:35:11 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2014-12-10 05:30:17 . 2014-12-10 05:30:21 -------- d--h--w- C:\Users\user\AppData\Roaming\GoldenGate
2014-12-10 05:30:14 . 2014-12-10 05:30:14 -------- d-----w- C:\Users\user\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2014-12-10 05:29:10 . 2014-12-10 05:29:10 -------- d-----w- C:\Users\user\AppData\Roaming\WebTest
2014-12-02 13:39:06 . 2014-12-02 13:39:06 -------- d-sh--w- C:\Users\user\AppData\Local\EmieBrowserModeList
2014-11-25 14:50:22 . 2014-12-10 05:20:33 -------- d-----w- C:\ProgramData\VirtualizedApplications
2014-11-25 12:46:32 . 2014-12-12 13:39:23 -------- d-----r- C:\MSOCache
2014-11-25 12:40:12 . 2014-12-17 16:29:36 -------- d-----w- C:\Users\user\AppData\Roaming\SoftGrid Client
2014-11-25 12:40:12 . 2014-11-25 12:40:13 -------- d-----w- C:\Users\user\AppData\Local\SoftGrid Client
2014-11-25 12:39:26 . 2014-11-25 23:15:23 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-25 12:39:26 . 2014-11-25 12:39:26 -------- d-----w- C:\Windows\PCHEALTH
2014-11-25 12:39:26 . 2014-11-25 12:39:26 -------- d-----w- C:\Program Files\Microsoft Office
2014-11-25 12:38:51 . 2014-11-25 12:39:51 -------- d-----w- C:\Users\user\AppData\Roaming\TP
2014-11-19 05:18:08 . 2014-11-11 03:08:52 241152 ----a-w- C:\Windows\system32\pku2u.dll
2014-11-19 05:18:08 . 2014-11-11 03:08:48 728064 ----a-w- C:\Windows\system32\kerberos.dll
2014-11-19 05:18:08 . 2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-19 05:18:08 . 2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
.

(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-12-18 10:28:10 . 2014-11-13 06:50:53 94656 ----a-w- C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-18 10:28:10 . 2014-01-29 00:25:17 34752 ----a-w- C:\Windows\system32\drivers\WPRO_41_2001.sys
2014-12-12 15:39:02 . 2013-10-01 13:22:53 112710672 ----a-w- C:\Windows\system32\MRT.exe
2014-12-10 09:54:07 . 2014-01-31 16:10:05 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 09:54:07 . 2014-01-31 16:10:05 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-10 05:37:10 . 2012-07-17 13:37:10 23256 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-11-24 13:04:56 . 2010-11-21 03:27:21 275080 ------w- C:\Windows\system32\MpSigStub.exe
2014-11-22 10:13:08 . 2014-01-31 15:54:55 1041168 ----a-w- C:\Windows\system32\drivers\aswsnx.sys
2014-10-25 01:57:59 . 2014-11-12 13:18:49 77824 ----a-w- C:\Windows\system32\packager.dll
2014-10-25 01:32:37 . 2014-11-12 13:18:49 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 . 2014-11-12 13:18:13 861696 ----a-w- C:\Windows\system32\oleaut32.dll
2014-10-18 01:33:18 . 2014-11-12 13:18:13 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 . 2014-11-12 13:19:35 155064 ----a-w- C:\Windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13:06 . 2014-11-12 13:19:35 683520 ----a-w- C:\Windows\system32\termsrv.dll
2014-10-14 02:13:00 . 2014-11-12 13:18:48 3241984 ----a-w- C:\Windows\system32\msi.dll
2014-10-14 02:12:57 . 2014-11-12 13:19:35 1460736 ----a-w- C:\Windows\system32\lsasrv.dll
2014-10-14 02:09:31 . 2014-11-12 13:19:34 146432 ----a-w- C:\Windows\system32\msaudite.dll
2014-10-14 02:07:31 . 2014-11-12 13:19:35 681984 ----a-w- C:\Windows\system32\adtschema.dll
2014-10-14 01:50:47 . 2014-11-12 13:19:34 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 . 2014-11-12 13:18:48 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 . 2014-11-12 13:19:34 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 . 2014-11-12 13:19:34 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 . 2014-11-12 13:19:35 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 . 2014-11-12 13:18:49 3198976 ----a-w- C:\Windows\system32\win32k.sys
2014-10-03 02:12:00 . 2014-11-12 13:18:53 500224 ----a-w- C:\Windows\system32\AUDIOKSE.dll
2014-10-03 02:11:54 . 2014-11-12 13:18:52 284672 ----a-w- C:\Windows\system32\EncDump.dll
2014-10-03 02:11:51 . 2014-11-12 13:18:52 680960 ----a-w- C:\Windows\system32\audiosrv.dll
2014-10-03 02:11:51 . 2014-11-12 13:18:52 440832 ----a-w- C:\Windows\system32\AudioEng.dll
2014-10-03 02:11:51 . 2014-11-12 13:18:52 296448 ----a-w- C:\Windows\system32\AudioSes.dll
2014-10-03 01:44:42 . 2014-11-12 13:18:53 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 . 2014-11-12 13:18:52 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 . 2014-11-12 13:18:52 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-09-25 02:08:38 . 2014-10-01 04:54:01 371712 ----a-w- C:\Windows\system32\qdvd.dll
2014-09-25 01:40:50 . 2014-10-01 04:54:01 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 131480 ----a-w- C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 131480 ----a-w- C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 131480 ----a-w- C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"E72B1338A84FAC5B92E5F250E30E2E866E45CA98._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014-12-06 01:50:53 856904]
"mysms"="C:\Program Files (x86)\mysms\mysms.exe" [2014-07-31 13:59:18 709632]
"GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014-12-06 01:50:53 856904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-03-12 21:20:16 134616]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-11 03:11:06 292848]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2014-08-06 16:16:43 4085896]
"CloneCDTray"="C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 22:20:49 57344]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 10:29:36 256896]
"Syncios device service"="C:\Program Files (x86)\Syncios\SynciosDeviceService.exe" [2014-10-31 15:53:38 747520]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 04:42:34 157480]
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 16:01:28 3838800]
"Avira Systray"="C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-11-20 13:13:32 126200]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-11-24 09:23:21 702768]

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Duplicati.lnk - C:\Program Files\Duplicati\Duplicati.exe [2013-1-31 1456640]
iSCTsysTray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-3-14 248296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

danke erstmal für die hle (und weiterhilfe)

lg

Klaus

schrauber · 18.12.2014, 21:31

Zitat:

eine Frage:bist du ein Teammitglied das Combofix anordnet ??

Ja. In diesem Bereich des Forums können nur Mitglieder des Teams antworten.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

K.laus · 19.12.2014, 23:16

Hi Schrauber,

in der Zwischenzeit war ein Kollege am Rechner, der über meine Konversation mit Dir nichts wußte, und hat HijackThis drüberlaufen lassen und die seiner Meinung nach relevanten Einträge gefixt. Seither erscheinen dieses doppelt unterstrichenen Worte nicht mehr, trotzdem habe ich nun alle von Dir angeforderten Tests laufen lassen, sicher ist sicher. Hier die Ergebnisse.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 19.12.2014
Suchlauf-Zeit: 16:03:30
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.19.05
Rootkit Datenbank: v2014.12.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: user

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 327299
Verstrichene Zeit: 4 Min, 43 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Code:

ATTFilter

# AdwCleaner v4.105 - Bericht erstellt am 19/12/2014 um 17:34:00
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-16.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : user - WINDOWS-REP6GI3
# Gestartet von : C:\Users\user\Downloads\adwcleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 de)

[q60ukz7x.default\prefs.js] - Zeile gelöscht : user_pref("extensions.aniweather.timeShifted", 1117465);

-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [6672 octets] - [16/12/2014 13:44:58]
AdwCleaner[R1].txt - [1873 octets] - [16/12/2014 14:02:24]
AdwCleaner[R2].txt - [1249 octets] - [16/12/2014 17:30:05]
AdwCleaner[R3].txt - [1700 octets] - [19/12/2014 16:32:45]
AdwCleaner[S0].txt - [5870 octets] - [16/12/2014 13:49:42]
AdwCleaner[S1].txt - [1979 octets] - [16/12/2014 14:03:10]
AdwCleaner[S2].txt - [1274 octets] - [16/12/2014 17:30:52]
AdwCleaner[S3].txt - [1576 octets] - [19/12/2014 17:34:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1636 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by user on 19.12.2014 at 17:42:36,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.12.2014 at 17:45:46,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by user (administrator) on WINDOWS-REP6GI3 on 19-12-2014 23:03:14
Running from C:\Users\user\Downloads
Loaded Profile: user (Available profiles: user)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\mysms\mysms.exe
(HexaD) C:\Program Files\Duplicati\Duplicati.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-19] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [E72B1338A84FAC5B92E5F250E30E2E866E45CA98._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [mysms] => C:\Program Files (x86)\mysms\mysms.exe [709632 2014-07-31] ()
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk
ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default
FF SearchEngineOrder.1: SuchMaschine
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/pac/ch.pac"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\search_engine.xml
FF Extension: Avira Browser Safety - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\abs@avira.com [2014-12-17]
FF Extension: FireGestures - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\firegestures@xuldev.org.xpi [2014-01-31]
FF Extension: Premiumize.me - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-02-14]
FF Extension: Flagfox - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-05-02]
FF Extension: AniWeather - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-04-25]
FF Extension: Adblock Edge - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-01-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31]
FF HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\extensions\cliqz@cliqz.com
FF Extension: No Name - wrc@avast.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-12]
CHR Extension: (Avira Browserschutz) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-18]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-11]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [Äÿ] - No Path
CHR HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Chrome\Extension: [Äÿ] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-19]
CHR HKLM-x32\...\Chrome\Extension: [Äÿ] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-19] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1045608 2011-07-13] (Realtek Semiconductor Corporation                           )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 23:03 - 2014-12-19 23:03 - 00000000 ____D () C:\Users\user\Downloads\FRST-OlderVersion
2014-12-19 17:47 - 2014-12-19 17:47 - 00000624 _____ () C:\Users\user\Desktop\JRT-1.txt
2014-12-19 17:40 - 2014-12-19 17:40 - 00001724 _____ () C:\Users\user\Desktop\AdwCleaner[S3].txt
2014-12-19 17:26 - 2014-12-19 17:26 - 01707646 _____ (Thisisu) C:\Users\user\Downloads\JRT.exe
2014-12-19 16:00 - 2014-12-19 17:34 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-19 15:37 - 2014-12-19 15:37 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-19 15:37 - 2014-12-19 15:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-19 15:37 - 2014-12-19 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-19 15:29 - 2014-12-19 15:29 - 00000000 ____D () C:\Users\user\Downloads\backups
2014-12-19 14:50 - 2014-12-19 14:50 - 00003142 _____ () C:\Windows\System32\Tasks\{65E7B8FD-719B-4AEF-84DD-56986318DDDB}
2014-12-19 14:44 - 2014-12-19 14:51 - 00012029 _____ () C:\Users\user\Downloads\hijackthis.log
2014-12-19 14:36 - 2014-12-19 14:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\user\Downloads\HiJackThis204.exe
2014-12-18 18:59 - 2014-12-18 18:57 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-18 18:57 - 2014-12-19 15:59 - 00000000 ____D () C:\Users\user\AppData\Roaming\Avira
2014-12-18 18:57 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-18 18:57 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-18 18:57 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-18 18:53 - 2014-12-19 15:49 - 00000000 ____D () C:\ProgramData\Avira
2014-12-18 18:52 - 2014-12-18 18:52 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\user\Downloads\avira_de_av___ws.exe
2014-12-18 11:23 - 2014-12-18 11:30 - 00000000 ____D () C:\ComboFix
2014-12-18 11:23 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-18 11:23 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-18 11:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-18 11:15 - 2014-12-18 11:27 - 00000000 ____D () C:\Qoobox
2014-12-18 11:14 - 2014-12-18 11:30 - 00000000 ____D () C:\Windows\erdnt
2014-12-18 11:12 - 2014-12-18 11:12 - 05601641 ____R (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-12-18 11:09 - 2014-12-18 11:09 - 00001315 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
2014-12-18 11:09 - 2014-12-18 11:09 - 00000000 ____D () C:\Users\user\AppData\Roaming\Cliqz
2014-12-18 11:08 - 2014-12-18 11:08 - 01174352 _____ () C:\Users\user\Downloads\Revo Uninstaller - CHIP-Installer.exe
2014-12-18 08:31 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 08:31 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 16:32 - 2014-12-19 15:59 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-17 16:32 - 2014-12-17 16:32 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\user\Downloads\avira_de_av_5659909440__ws.exe
2014-12-16 20:28 - 2014-12-19 23:03 - 00020187 _____ () C:\Users\user\Downloads\FRST.txt
2014-12-16 20:28 - 2014-12-19 23:03 - 00000000 ____D () C:\FRST
2014-12-16 20:28 - 2014-12-16 20:29 - 00027874 _____ () C:\Users\user\Downloads\Addition.txt
2014-12-16 20:27 - 2014-12-19 23:03 - 02121216 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-12-16 17:37 - 2014-12-16 17:38 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu(1).exe
2014-12-16 16:37 - 2014-12-16 16:37 - 00852490 _____ () C:\Users\user\Downloads\SecurityCheck.exe
2014-12-16 16:28 - 2014-12-16 16:28 - 01707646 _____ (Thisisu) C:\Users\user\Downloads\JRT64.exe
2014-12-16 16:28 - 2014-12-16 16:28 - 00000000 ____D () C:\Windows\ERUNT
2014-12-16 15:42 - 2014-12-16 15:42 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-12-16 15:42 - 2014-12-16 15:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-16 14:20 - 2014-12-19 16:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 14:20 - 2014-12-16 14:20 - 00001153 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-16 14:20 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-16 14:20 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-16 14:20 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-16 14:19 - 2014-12-16 14:19 - 01177424 _____ () C:\Users\user\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-16 13:44 - 2014-12-19 17:34 - 00000000 ____D () C:\AdwCleaner
2014-12-16 13:44 - 2014-12-16 13:44 - 02166272 _____ () C:\Users\user\Downloads\adwcleaner_4.105.exe
2014-12-16 08:07 - 2014-12-16 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-16 08:07 - 2014-12-16 08:07 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-13 09:45 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-12-13 00:36 - 2014-12-13 00:36 - 00045222 _____ () C:\Users\user\Documents\Belegeformular_2014_neu2.xlsx
2014-12-13 00:35 - 2014-12-13 00:35 - 00045234 _____ () C:\Users\user\Documents\Belegformular-Abrechnung-Blanko.xlsx
2014-12-12 16:46 - 2014-12-12 16:46 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 16:38 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 16:38 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 05:56 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 05:56 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:56 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 05:56 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 05:56 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 05:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 05:56 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 05:56 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 05:56 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 05:56 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 05:56 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 05:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 05:56 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 05:56 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:56 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 05:56 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:56 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:56 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 05:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 05:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:56 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:56 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 05:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:56 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:56 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:56 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 05:56 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 05:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 05:56 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 05:56 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 05:56 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:56 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 05:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 05:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:56 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 05:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 05:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 05:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:55 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 05:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 05:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 05:52 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:52 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:52 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:47 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 05:47 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 05:46 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 05:46 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:46 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:46 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:45 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 05:45 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 21:29 - 2014-12-12 06:29 - 00000002 _____ () C:\Users\user\AppData\Local\DSI.DAT
2014-12-10 07:29 - 2014-12-14 11:29 - 00000133 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2014-12-10 06:38 - 2014-12-10 06:38 - 00001421 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-12-10 06:38 - 2014-12-10 06:38 - 00001352 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-12-10 06:38 - 2014-12-10 06:38 - 00000000 ____D () C:\Windows\de
2014-12-10 06:37 - 2014-12-10 06:37 - 00000092 _____ () C:\Users\user\Desktop\Radio-Liechtenstein-Hard-Rock.pls
2014-12-10 06:37 - 2014-12-10 06:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-12-10 06:36 - 2014-12-10 06:37 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-12-10 06:36 - 2014-12-10 06:36 - 00000195 _____ () C:\Windows\DirectX.log
2014-12-10 06:36 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-10 06:36 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-10 06:36 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-10 06:36 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-10 06:36 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-10 06:35 - 2014-12-10 06:38 - 00000000 ____D () C:\Users\user\AppData\Local\Windows Live
2014-12-10 06:34 - 2014-12-10 06:35 - 01245384 _____ (Microsoft Corporation) C:\Users\user\Downloads\wlsetup-web.exe
2014-12-10 06:30 - 2014-12-10 06:30 - 00000170 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-10 06:30 - 2014-12-10 06:30 - 00000000 ___HD () C:\Users\user\AppData\Roaming\GoldenGate
2014-12-10 06:30 - 2014-12-10 06:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2014-12-10 06:29 - 2014-12-10 06:29 - 07357440 _____ () C:\Users\user\Downloads\WindowsMovieMakerSetup [1].exe
2014-12-10 06:29 - 2014-12-10 06:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\WebTest
2014-12-09 12:27 - 2014-12-10 13:32 - 00000000 ____D () C:\Users\user\Desktop\Urs@BV
2014-12-09 10:33 - 2014-12-09 10:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 19:57 - 2014-12-01 18:20 - 00000097 _____ () C:\Users\user\Downloads\password.txt
2014-12-03 18:40 - 2014-12-03 18:40 - 00015549 _____ () C:\Users\user\Downloads\Sperrung Ihres Amazon-Kontos.html
2014-12-02 20:27 - 2014-12-02 20:29 - 00028672 _____ () C:\Users\user\Desktop\TO DO Liste 02122014..xls
2014-12-02 14:39 - 2014-12-02 14:39 - 00000000 __SHD () C:\Users\user\AppData\Local\EmieBrowserModeList
2014-11-28 11:16 - 2014-11-28 11:16 - 10613248 _____ () C:\Users\user\Downloads\Ralink_3x7x_5x7x_76xx_20140423_WNC v1.0.1.zip
2014-11-27 18:06 - 2014-11-27 18:06 - 08868657 _____ () C:\Users\user\Downloads\ALL_INST_1.12.0022_DASH_20110922_B1.zip
2014-11-27 17:50 - 2014-11-27 17:50 - 06160923 _____ () C:\Users\user\Downloads\Install_Win7_7089_09222014.zip
2014-11-25 15:50 - 2014-12-10 06:20 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-11-25 13:46 - 2014-12-12 14:39 - 00000000 ___RD () C:\MSOCache
2014-11-25 13:40 - 2014-12-19 15:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\SoftGrid Client
2014-11-25 13:40 - 2014-11-25 13:40 - 00000000 ____D () C:\Users\user\AppData\Local\SoftGrid Client
2014-11-25 13:39 - 2014-11-26 00:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-25 13:38 - 2014-11-25 13:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\TP
2014-11-25 13:38 - 2014-11-25 13:38 - 01632144 _____ (Microsoft Corporation) C:\Users\user\Downloads\setupconsumerc2rolw.exe
2014-11-19 06:18 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:18 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:18 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:18 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 22:57 - 2014-02-22 14:22 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 22:54 - 2014-05-22 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 22:54 - 2009-07-14 05:45 - 00032560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 22:54 - 2009-07-14 05:45 - 00032560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 22:50 - 2014-01-29 01:20 - 02014828 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 22:50 - 2009-07-14 05:51 - 00106016 _____ () C:\Windows\setupact.log
2014-12-19 22:31 - 2014-06-20 14:17 - 00000000 ____D () C:\Users\user\AppData\Local\LogMeIn Hamachi
2014-12-19 22:15 - 2014-11-14 20:14 - 00000000 ____D () C:\Users\user\AppData\Roaming\Duplicati
2014-12-19 17:58 - 2014-06-11 13:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-19 17:40 - 2014-05-22 12:25 - 00000000 ___RD () C:\Users\user\Dropbox
2014-12-19 17:40 - 2014-05-22 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-12-19 17:39 - 2014-02-22 14:22 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 17:38 - 2013-01-28 08:48 - 00702476 _____ () C:\Windows\system32\perfh007.dat
2014-12-19 17:38 - 2013-01-28 08:48 - 00150616 _____ () C:\Windows\system32\perfc007.dat
2014-12-19 17:38 - 2009-07-14 06:13 - 01624322 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-19 17:34 - 2014-01-29 01:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-19 17:34 - 2010-11-21 04:47 - 00434966 _____ () C:\Windows\PFRO.log
2014-12-19 17:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 16:00 - 2009-07-14 05:45 - 00302000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-19 15:49 - 2014-01-28 16:34 - 00066760 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-19 15:37 - 2014-08-06 17:16 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-19 14:37 - 2014-01-28 16:33 - 00000000 ____D () C:\Users\user\AppData\Local\VirtualStore
2014-12-18 17:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 11:28 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-18 11:09 - 2014-01-31 16:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-16 16:29 - 2014-02-14 14:09 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2014-12-16 14:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-14 12:56 - 2014-10-16 17:32 - 00000000 ____D () C:\Users\user\AppData\Local\PDF24
2014-12-12 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 16:46 - 2014-04-30 23:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 16:41 - 2013-10-01 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 16:39 - 2013-10-01 14:22 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 14:39 - 2014-01-31 20:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\Thunderbird
2014-12-12 14:39 - 2014-01-31 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 14:39 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-12 08:24 - 2014-02-21 12:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-12-12 06:21 - 2014-05-22 12:25 - 00001029 _____ () C:\Users\user\Desktop\Dropbox.lnk
2014-12-12 06:21 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-10 10:54 - 2014-05-22 12:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 10:54 - 2014-01-31 17:10 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 10:54 - 2014-01-31 17:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-07 20:01 - 2014-07-12 14:42 - 00000000 ____D () C:\Users\user\AppData\Roaming\MediaMonkey
2014-11-26 00:15 - 2013-10-01 13:32 - 01654684 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-25 18:01 - 2014-02-14 13:57 - 00000000 ____D () C:\Users\user\Desktop\Monatlich zu tun
2014-11-25 13:39 - 2014-07-23 07:51 - 00001361 _____ () C:\Users\user\Desktop\TO DO Liste 10092014..xls - Verknüpfung.lnk
2014-11-25 11:16 - 2014-09-03 14:34 - 00001311 _____ () C:\Users\user\Desktop\Teamsitzungspunkte.lnk
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 10:28 - 2014-09-26 18:20 - 00025090 _____ () C:\Users\user\Desktop\Sonntag Ersatzdienst Nex.T.odt
2014-11-19 12:39 - 2014-03-29 08:44 - 00000878 _____ () C:\Users\Public\Desktop\VLC media player.lnk

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp42zrur.dll
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 07:03

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

schrauber · 20.12.2014, 20:21

Dann sag deinem Kollegen mal nen schönen Gruß, Hijackthis nutzt keine Sau mehr. Das Ding ist seit Jahren out of date

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

K.laus · 22.12.2014, 19:50

Hi,

also ist (glaub ich) alles wieder gut... vielen dank für die hilfe hier die logs:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop      
avast! Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Java version 32-bit out of Date! 
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Mozilla Firefox (34.0.5) 
 Mozilla Thunderbird (31.3.0) 
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by user (administrator) on WINDOWS-REP6GI3 on 22-12-2014 19:49:27
Running from C:\Users\user\Downloads
Loaded Profile: user (Available profiles: user)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\mysms\mysms.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(HexaD) C:\Program Files\Duplicati\Duplicati.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-19] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [E72B1338A84FAC5B92E5F250E30E2E866E45CA98._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [mysms] => C:\Program Files (x86)\mysms\mysms.exe [709632 2014-07-31] ()
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk
ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default
FF SearchEngineOrder.1: SuchMaschine
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/pac/ch.pac"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\searchplugins\search_engine.xml
FF Extension: LastPass - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\support@lastpass.com [2014-12-20]
FF Extension: FireGestures - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\firegestures@xuldev.org.xpi [2014-01-31]
FF Extension: Flagfox - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-05-02]
FF Extension: AniWeather - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-04-25]
FF Extension: Adblock Edge - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q60ukz7x.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-01-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31]
FF Extension: No Name - wrc@avast.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-12]
CHR Extension: (Avira Browserschutz) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-18]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-11]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [Äÿ] - No Path
CHR HKU\S-1-5-21-1329205785-3825446788-1598842765-1000\...\Chrome\Extension: [Äÿ] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-19]
CHR HKLM-x32\...\Chrome\Extension: [Äÿ] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-19] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1045608 2011-07-13] (Realtek Semiconductor Corporation                           )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-22] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 19:44 - 2014-12-22 19:44 - 00852505 _____ () C:\Users\user\Downloads\SecurityCheck(1).exe
2014-12-22 13:33 - 2014-12-22 13:33 - 00045070 _____ () C:\Users\user\Documents\Kastlunger F.A. Dez 14.xlsx
2014-12-22 13:24 - 2014-12-22 13:24 - 00046059 _____ () C:\Users\user\Documents\Kastlunger Dez 2014 1.xlsx
2014-12-22 11:25 - 2014-12-22 12:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-22 06:54 - 2014-12-22 06:54 - 00001417 _____ () C:\Users\user\Desktop\TO DO Liste 02122014..xls - Verknüpfung.lnk
2014-12-20 11:32 - 2014-12-20 11:32 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-12-20 11:32 - 2014-12-20 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-12-20 11:31 - 2014-12-20 11:32 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-12-20 11:30 - 2014-12-20 11:31 - 14147584 _____ () C:\Users\user\Downloads\lastpass_x64.exe
2014-12-19 23:03 - 2014-12-22 19:48 - 00000000 ____D () C:\Users\user\Downloads\FRST-OlderVersion
2014-12-19 17:26 - 2014-12-19 17:26 - 01707646 _____ (Thisisu) C:\Users\user\Downloads\JRT.exe
2014-12-19 16:00 - 2014-12-22 06:21 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-19 15:37 - 2014-12-19 15:37 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-19 15:37 - 2014-12-19 15:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-19 15:37 - 2014-12-19 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-19 15:29 - 2014-12-19 15:29 - 00000000 ____D () C:\Users\user\Downloads\backups
2014-12-19 14:50 - 2014-12-19 14:50 - 00003142 _____ () C:\Windows\System32\Tasks\{65E7B8FD-719B-4AEF-84DD-56986318DDDB}
2014-12-19 14:44 - 2014-12-19 14:51 - 00012029 _____ () C:\Users\user\Downloads\hijackthis.log
2014-12-19 14:36 - 2014-12-19 14:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\user\Downloads\HiJackThis204.exe
2014-12-18 18:59 - 2014-12-18 18:57 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-18 18:57 - 2014-12-19 15:59 - 00000000 ____D () C:\Users\user\AppData\Roaming\Avira
2014-12-18 18:57 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-18 18:57 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-18 18:57 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-18 18:53 - 2014-12-19 15:49 - 00000000 ____D () C:\ProgramData\Avira
2014-12-18 18:52 - 2014-12-18 18:52 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\user\Downloads\avira_de_av___ws.exe
2014-12-18 11:23 - 2014-12-18 11:30 - 00000000 ____D () C:\ComboFix
2014-12-18 11:23 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-18 11:23 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-18 11:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-18 11:23 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-18 11:15 - 2014-12-18 11:27 - 00000000 ____D () C:\Qoobox
2014-12-18 11:14 - 2014-12-18 11:30 - 00000000 ____D () C:\Windows\erdnt
2014-12-18 11:12 - 2014-12-18 11:12 - 05601641 ____R (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-12-18 11:09 - 2014-12-18 11:09 - 00001315 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
2014-12-18 11:08 - 2014-12-18 11:08 - 01174352 _____ () C:\Users\user\Downloads\Revo Uninstaller - CHIP-Installer.exe
2014-12-18 08:31 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 08:31 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 16:32 - 2014-12-19 15:59 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-17 16:32 - 2014-12-17 16:32 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\user\Downloads\avira_de_av_5659909440__ws.exe
2014-12-16 20:28 - 2014-12-22 19:49 - 00020671 _____ () C:\Users\user\Downloads\FRST.txt
2014-12-16 20:28 - 2014-12-22 19:49 - 00000000 ____D () C:\FRST
2014-12-16 20:28 - 2014-12-16 20:29 - 00027874 _____ () C:\Users\user\Downloads\Addition.txt
2014-12-16 20:27 - 2014-12-22 19:48 - 02122240 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-12-16 17:37 - 2014-12-16 17:38 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu(1).exe
2014-12-16 16:37 - 2014-12-16 16:37 - 00852490 _____ () C:\Users\user\Downloads\SecurityCheck.exe
2014-12-16 16:28 - 2014-12-16 16:28 - 01707646 _____ (Thisisu) C:\Users\user\Downloads\JRT64.exe
2014-12-16 16:28 - 2014-12-16 16:28 - 00000000 ____D () C:\Windows\ERUNT
2014-12-16 15:42 - 2014-12-16 15:42 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-12-16 15:42 - 2014-12-16 15:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-16 14:20 - 2014-12-19 16:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 14:20 - 2014-12-16 14:20 - 00001153 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-16 14:20 - 2014-12-16 14:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-16 14:20 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-16 14:20 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-16 14:20 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-16 14:19 - 2014-12-16 14:19 - 01177424 _____ () C:\Users\user\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-16 13:44 - 2014-12-19 17:34 - 00000000 ____D () C:\AdwCleaner
2014-12-16 13:44 - 2014-12-16 13:44 - 02166272 _____ () C:\Users\user\Downloads\adwcleaner_4.105.exe
2014-12-16 08:07 - 2014-12-16 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-16 08:07 - 2014-12-16 08:07 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-13 09:45 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-12-13 00:36 - 2014-12-13 00:36 - 00045222 _____ () C:\Users\user\Documents\Belegeformular_2014_neu2.xlsx
2014-12-13 00:35 - 2014-12-13 00:35 - 00045234 _____ () C:\Users\user\Documents\Belegformular-Abrechnung-Blanko.xlsx
2014-12-12 16:46 - 2014-12-12 16:46 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 16:38 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 16:38 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 05:56 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 05:56 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:56 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 05:56 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 05:56 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 05:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 05:56 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 05:56 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 05:56 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 05:56 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 05:56 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 05:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 05:56 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 05:56 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:56 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 05:56 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:56 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:56 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 05:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 05:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:56 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:56 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 05:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:56 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:56 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:56 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 05:56 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 05:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 05:56 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 05:56 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 05:56 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:56 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 05:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 05:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:56 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 05:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 05:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 05:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:55 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 05:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 05:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 05:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 05:52 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:52 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:52 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:47 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 05:47 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 05:46 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:46 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 05:46 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:46 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:46 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:46 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:45 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 05:45 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 21:29 - 2014-12-12 06:29 - 00000002 _____ () C:\Users\user\AppData\Local\DSI.DAT
2014-12-10 07:29 - 2014-12-14 11:29 - 00000133 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2014-12-10 06:38 - 2014-12-10 06:38 - 00001421 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-12-10 06:38 - 2014-12-10 06:38 - 00001352 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-12-10 06:38 - 2014-12-10 06:38 - 00000000 ____D () C:\Windows\de
2014-12-10 06:37 - 2014-12-10 06:37 - 00000092 _____ () C:\Users\user\Desktop\Radio-Liechtenstein-Hard-Rock.pls
2014-12-10 06:37 - 2014-12-10 06:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-12-10 06:36 - 2014-12-10 06:37 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-12-10 06:36 - 2014-12-10 06:36 - 00000195 _____ () C:\Windows\DirectX.log
2014-12-10 06:36 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 06:36 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-10 06:36 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-10 06:36 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-10 06:36 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-10 06:36 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-10 06:36 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-10 06:35 - 2014-12-10 06:38 - 00000000 ____D () C:\Users\user\AppData\Local\Windows Live
2014-12-10 06:34 - 2014-12-10 06:35 - 01245384 _____ (Microsoft Corporation) C:\Users\user\Downloads\wlsetup-web.exe
2014-12-10 06:30 - 2014-12-10 06:30 - 00000170 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-10 06:30 - 2014-12-10 06:30 - 00000000 ___HD () C:\Users\user\AppData\Roaming\GoldenGate
2014-12-10 06:30 - 2014-12-10 06:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2014-12-10 06:29 - 2014-12-10 06:29 - 07357440 _____ () C:\Users\user\Downloads\WindowsMovieMakerSetup [1].exe
2014-12-10 06:29 - 2014-12-10 06:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\WebTest
2014-12-09 12:27 - 2014-12-10 13:32 - 00000000 ____D () C:\Users\user\Desktop\Urs@BV
2014-12-09 10:33 - 2014-12-09 10:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 19:57 - 2014-12-01 18:20 - 00000097 _____ () C:\Users\user\Downloads\password.txt
2014-12-03 18:40 - 2014-12-03 18:40 - 00015549 _____ () C:\Users\user\Downloads\Sperrung Ihres Amazon-Kontos.html
2014-12-02 20:27 - 2014-12-02 20:29 - 00028672 _____ () C:\Users\user\Desktop\TO DO Liste 02122014..xls
2014-12-02 14:39 - 2014-12-02 14:39 - 00000000 __SHD () C:\Users\user\AppData\Local\EmieBrowserModeList
2014-11-28 11:16 - 2014-11-28 11:16 - 10613248 _____ () C:\Users\user\Downloads\Ralink_3x7x_5x7x_76xx_20140423_WNC v1.0.1.zip
2014-11-27 18:06 - 2014-11-27 18:06 - 08868657 _____ () C:\Users\user\Downloads\ALL_INST_1.12.0022_DASH_20110922_B1.zip
2014-11-27 17:50 - 2014-11-27 17:50 - 06160923 _____ () C:\Users\user\Downloads\Install_Win7_7089_09222014.zip
2014-11-25 15:50 - 2014-12-10 06:20 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-11-25 13:46 - 2014-12-12 14:39 - 00000000 ___RD () C:\MSOCache
2014-11-25 13:40 - 2014-12-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\SoftGrid Client
2014-11-25 13:40 - 2014-11-25 13:40 - 00000000 ____D () C:\Users\user\AppData\Local\SoftGrid Client
2014-11-25 13:39 - 2014-11-26 00:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-25 13:39 - 2014-11-25 13:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-25 13:38 - 2014-11-25 13:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\TP
2014-11-25 13:38 - 2014-11-25 13:38 - 01632144 _____ (Microsoft Corporation) C:\Users\user\Downloads\setupconsumerc2rolw.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 18:57 - 2014-02-22 14:22 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-22 18:54 - 2014-05-22 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 14:29 - 2009-07-14 05:51 - 00106856 _____ () C:\Windows\setupact.log
2014-12-22 13:57 - 2014-02-22 14:22 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-22 12:29 - 2014-01-31 20:13 - 00000000 ____D () C:\Users\user\AppData\Local\Thunderbird
2014-12-22 11:26 - 2014-01-29 01:20 - 02089710 _____ () C:\Windows\WindowsUpdate.log
2014-12-22 06:28 - 2009-07-14 05:45 - 00032560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 06:28 - 2009-07-14 05:45 - 00032560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 06:25 - 2013-01-28 08:48 - 00702476 _____ () C:\Windows\system32\perfh007.dat
2014-12-22 06:25 - 2013-01-28 08:48 - 00150616 _____ () C:\Windows\system32\perfc007.dat
2014-12-22 06:25 - 2009-07-14 06:13 - 01624322 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-22 06:23 - 2014-05-22 12:25 - 00000000 ___RD () C:\Users\user\Dropbox
2014-12-22 06:23 - 2014-05-22 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-12-22 06:22 - 2014-06-20 14:17 - 00000000 ____D () C:\Users\user\AppData\Local\LogMeIn Hamachi
2014-12-22 06:21 - 2014-01-29 01:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-22 06:21 - 2010-11-21 04:47 - 00435964 _____ () C:\Windows\PFRO.log
2014-12-22 06:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 22:15 - 2014-11-14 20:14 - 00000000 ____D () C:\Users\user\AppData\Roaming\Duplicati
2014-12-19 16:00 - 2009-07-14 05:45 - 00302000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-19 15:49 - 2014-01-28 16:34 - 00066760 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-19 15:37 - 2014-08-06 17:16 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-19 15:37 - 2014-01-31 16:54 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-19 14:37 - 2014-01-28 16:33 - 00000000 ____D () C:\Users\user\AppData\Local\VirtualStore
2014-12-18 17:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 11:28 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-18 11:09 - 2014-01-31 16:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-16 16:29 - 2014-02-14 14:09 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2014-12-16 14:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-14 12:56 - 2014-10-16 17:32 - 00000000 ____D () C:\Users\user\AppData\Local\PDF24
2014-12-12 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 16:46 - 2014-04-30 23:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 16:41 - 2013-10-01 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 16:39 - 2013-10-01 14:22 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 14:39 - 2014-01-31 20:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\Thunderbird
2014-12-12 14:39 - 2014-01-31 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 14:39 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-12 08:24 - 2014-02-21 12:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-12-12 06:21 - 2014-05-22 12:25 - 00001029 _____ () C:\Users\user\Desktop\Dropbox.lnk
2014-12-12 06:21 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-10 10:54 - 2014-05-22 12:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 10:54 - 2014-01-31 17:10 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 10:54 - 2014-01-31 17:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-07 20:01 - 2014-07-12 14:42 - 00000000 ____D () C:\Users\user\AppData\Roaming\MediaMonkey
2014-11-26 00:15 - 2013-10-01 13:32 - 01654684 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-25 18:01 - 2014-02-14 13:57 - 00000000 ____D () C:\Users\user\Desktop\Monatlich zu tun
2014-11-25 11:16 - 2014-09-03 14:34 - 00001311 _____ () C:\Users\user\Desktop\Teamsitzungspunkte.lnk
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 10:28 - 2014-09-26 18:20 - 00025090 _____ () C:\Users\user\Desktop\Sonntag Ersatzdienst Nex.T.odt

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzny5h7.dll
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 07:03

==================== End Of Log ============================

--- --- ---

sollte so passen, was meinst du?

greeez from vienna

k.laus

schrauber · 23.12.2014, 17:49

ESET?

23.12.2014, 17:49	#10
schrauber /// the machine /// TB-Ausbilder	Im Browser sehe ich doppelt unterstrichene Wörter die ein Link sind ESET? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Im Browser sehe ich doppelt unterstrichene Wörter die ein Link sind

Plagegeister aller Art und deren Bekämpfung: Im Browser sehe ich doppelt unterstrichene Wörter die ein Link sind