Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Eu-Cleaner hat TR/Matsnu.G gefunden .

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.03.2014, 12:17   #1
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Hallo ,ich habe ein Problem.Es fiel mir auf das ich bei Thunderbird in meinem T-Online E-Mails seit gestern ´mehrere Maildeliverys hatte die ich nicht versendet habe. Diese meldete ich über das KC als Spam darauf hin bekam ich eine Mail vom T-online Team das ein dritter Mails über meine Adresse verschickt.Passwörter wurden alle geändert und Thunderbird Deinstalliert.
Avira und Malwarebytes Anti-Malware (PRO) 1.75.0.1300 haben nichts gefunden nur EU-Cleaner.Es kommt aber immer wieder wenn man auf löschen klickt.


Zeitstempel des letzten Updates: 07.03.2014 11:46:06

Konfigurationsprofil: sysscan.avp

Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]

build.dat : 10.0.0.64 13423 Bytes 12.09.2013 08:06:00

Version der lokalen Installation:
build.dat : 14.0.3.350 58780 Bytes 25.02.2014 11:40:00


Beginn des Suchlaufs: Freitag, 7. März 2014 12:46

2357933ab60f269d83032a9c4c25b86327ffb35106374aac40c8e7f45433e2d9
[FUND] Ist das Trojanische Pferd TR/Matsnu.G


Ende des Suchlaufs: Freitag, 7. März 2014 13:14
Benötigte Zeit: 22:08 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

36743 Verzeichnisse wurden überprüft
865743 Dateien wurden geprüft
10 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
865733 Dateien ohne Befall
36939 Archive wurden durchsucht
1 Warnungen
0 Hinweise

Alt 07.03.2014, 12:42   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 07.03.2014, 15:31   #3
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by PC (administrator) on CARSTEN on 07-03-2014 13:54:49
Running from K:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesPDLR.exe] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBFA466B298F7CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: FRITZ!Box Addon BHO - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.t-online.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-...ient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\alle-preise---guenstigerde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\billigerde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\ebay-kleinanzeigen.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\hoodde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\idealode.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\schottenlandde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\wetter24.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\de_DE@dicts.j3e.de [2013-09-14]
FF Extension: FRITZ!Box AddOn - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\fb_add_on@avm.de [2013-10-12]
FF Extension: Toolbar Buttons - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2013-03-21]
FF Extension: Flagfox - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: DownloadHelper - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: PDF Download - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2013-03-21]
FF Extension: eBay Sidebar for Firefox - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2013-03-21]
FF Extension: Facebook Toolbar Button - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2013-12-20]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-21]
FF Extension: BetterPrivacy - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-03-21]
FF Extension: DownThemAll! - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-03-21]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2013-10-19] (ASUSTeK Computer Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SymSnapService; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R0 AiChargerPlus; C:\Windows\SysWOW64\DRIVERS\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [66608 2010-02-12] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-01-22] (REALiX(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
S3 cpuz130; \??\C:\Users\PC\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
U2 V2iMount; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 13:54 - 2014-03-07 13:54 - 00000000 ____D () C:\FRST
2014-03-07 12:29 - 2014-03-07 12:32 - 00000000 ____D () C:\AdwCleaner
2014-03-06 20:23 - 2014-03-06 20:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-06 18:34 - 2014-03-06 18:34 - 00002035 _____ () C:\Users\PC\Desktop\Entfernen des Avira EU-Cleaners.lnk
2014-03-06 18:34 - 2014-03-06 18:34 - 00001979 _____ () C:\Users\PC\Desktop\Avira EU-Cleaner.lnk
2014-02-26 07:53 - 2014-02-26 07:53 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-02-26 06:44 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 06:44 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-21 10:19 - 2014-02-21 10:22 - 00000000 ____D () C:\Users\PC\AppData\Local\CyberGhost
2014-02-21 10:19 - 2014-02-21 10:22 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-21 10:19 - 2014-02-21 10:19 - 00001747 _____ () C:\Users\PC\Desktop\CyberGhost 5.lnk
2014-02-21 10:19 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-18 19:27 - 2014-02-18 19:27 - 00251940 _____ () C:\Users\PC\Downloads\archive18022014_192651.zip
2014-02-14 11:25 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 11:52 - 2014-02-13 11:52 - 00006096 _____ () C:\Users\PC\Downloads\Carsten Stender.odt
2014-02-12 09:43 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-02-12 09:43 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-02-12 08:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 08:49 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 08:49 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 08:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 08:49 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 08:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 08:49 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 08:49 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 08:49 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 08:49 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 08:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 08:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 08:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 08:49 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 08:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 08:49 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 08:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 08:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 08:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 08:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 08:49 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 08:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 08:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 08:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 08:49 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 08:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 08:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 08:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 08:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 08:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 08:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 08:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 08:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 08:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 08:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 08:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 08:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 08:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 08:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 08:49 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 08:49 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 08:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 08:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 08:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 08:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 08:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 08:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 08:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 08:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 08:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 08:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 08:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 08:30 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 08:30 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 08:30 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 08:30 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-07 13:54 - 2014-03-07 13:54 - 00000000 ____D () C:\FRST
2014-03-07 13:54 - 2012-03-01 11:49 - 00000000 ____D () C:\Users\PC\AppData\Roaming\NetSpeedMonitor
2014-03-07 13:07 - 2012-03-31 08:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 13:01 - 2012-03-01 15:03 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 12:32 - 2014-03-07 12:29 - 00000000 ____D () C:\AdwCleaner
2014-03-07 12:08 - 2009-07-14 05:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:08 - 2009-07-14 05:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:07 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-03-07 12:07 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-03-07 12:07 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 12:06 - 2012-03-10 18:40 - 00000000 _____ () C:\Windows\Path.idx
2014-03-07 12:01 - 2013-05-16 19:05 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-03-07 12:00 - 2012-03-04 18:50 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.oit
2014-03-07 12:00 - 2012-03-01 15:03 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 12:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 12:00 - 2009-07-14 05:51 - 00241616 _____ () C:\Windows\setupact.log
2014-03-07 11:59 - 2012-03-01 10:46 - 01976555 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 20:23 - 2014-03-06 20:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-06 18:34 - 2014-03-06 18:34 - 00002035 _____ () C:\Users\PC\Desktop\Entfernen des Avira EU-Cleaners.lnk
2014-03-06 18:34 - 2014-03-06 18:34 - 00001979 _____ () C:\Users\PC\Desktop\Avira EU-Cleaner.lnk
2014-03-06 18:12 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-05 11:28 - 2013-03-22 12:45 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-27 17:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-26 07:53 - 2014-02-26 07:53 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-02-25 07:41 - 2013-04-23 14:06 - 00002021 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-02-25 07:40 - 2012-07-05 16:33 - 00000000 ____D () C:\Users\PC\Documents\SelfMV
2014-02-22 17:44 - 2013-12-04 19:09 - 00001109 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-22 15:17 - 2012-03-01 13:21 - 00000000 ____D () C:\Users\PC\AppData\Local\Paint.NET
2014-02-21 10:22 - 2014-02-21 10:19 - 00000000 ____D () C:\Users\PC\AppData\Local\CyberGhost
2014-02-21 10:22 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-21 10:19 - 2014-02-21 10:19 - 00001747 _____ () C:\Users\PC\Desktop\CyberGhost 5.lnk
2014-02-21 10:19 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 10:07 - 2012-03-31 08:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 10:07 - 2012-03-31 08:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 10:07 - 2012-03-01 13:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-18 19:27 - 2014-02-18 19:27 - 00251940 _____ () C:\Users\PC\Downloads\archive18022014_192651.zip
2014-02-18 16:46 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-16 11:32 - 2012-03-01 16:50 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BOM
2014-02-15 17:56 - 2012-03-01 15:03 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 17:56 - 2012-03-01 15:03 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 07:36 - 2012-04-24 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 11:25 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 11:52 - 2014-02-13 11:52 - 00006096 _____ () C:\Users\PC\Downloads\Carsten Stender.odt
2014-02-12 08:56 - 2012-03-01 11:10 - 00327364 _____ () C:\Windows\PFRO.log
2014-02-12 08:55 - 2012-03-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 08:54 - 2013-07-14 11:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 08:53 - 2012-03-01 11:50 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 08:51 - 2013-10-03 17:38 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-06 13:16 - 2014-02-12 08:49 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 08:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 08:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 08:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 08:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 08:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 08:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 08:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 08:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 08:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 08:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 08:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 08:49 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 08:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 08:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 08:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 08:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 08:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 08:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 08:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 08:49 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 08:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 08:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 08:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 08:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 08:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 08:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 08:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 08:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 08:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 08:49 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 08:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 08:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 08:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 08:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 08:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 08:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 08:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 08:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avgnt.exe
C:\Users\PC\AppData\Local\Temp\Execute2App.exe
C:\Users\PC\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\PC\AppData\Local\Temp\msvcp90.dll
C:\Users\PC\AppData\Local\Temp\msvcr90.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 11:36

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---







Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014
Ran by PC at 2014-03-07 13:55:02
Running from K:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.0 - Futuremark Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.04.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Application Profiles (HKLM-x32\...\{05696DBC-59F4-C274-F175-1E7546F05995}) (Version: 2.0.4441.36343 - Advanced Micro Devices, Inc.)
Ashampoo Photo Commander 8 v.8.5.0 (HKLM-x32\...\Ashampoo Photo Commander 8_is1) (Version: 8.5.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.10.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
Audials (HKLM-x32\...\{7FAA26D8-3727-41CD-A9DE-9480E4EA9130}) (Version: 8.0.55300.0 - RapidSolution Software AG)
Audials TV (HKLM-x32\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG)
Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin)
Benutzerhandbuch EPSON BX635FWD Series (HKLM-x32\...\EPSON BX635FWD Series Useg) (Version:  - )
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM Development Team)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
CPUID ASUS CPU-Z 1.61.3 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.61.3 - CPUID, Inc.)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CrystalDiskMark 3.0.2d (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2d - Crystal Dew World)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
DIGI+ Power Control (HKLM-x32\...\{BEE4C824-BEA3-454F-BC9B-A22BFA52E458}) (Version:  - )
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Geekbench 2.4 (HKLM-x32\...\Geekbench 2.4) (Version:  - Primate Labs)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mediaport (HKLM-x32\...\Mediaport) (Version:  - )
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Netzwerkhandbuch EPSON BX635FWD Series (HKLM-x32\...\EPSON BX635FWD Series Netg) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
RunAlyzer (HKLM-x32\...\{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1) (Version: 1.6.1.24 - Safer Networking Limited)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
StarMoney (x32 Version: 3.0.3.21 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{C70D0229-9485-4ED3-81F0-0536F0120B9D}) (Version: 9.0 - Star Finanz GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TechniPort Plus Beta (HKLM-x32\...\TechniPort Plus Beta) (Version: 0.9.5.4_beta - TechniSat)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMedia Recode 3.0.8.1 (HKLM-x32\...\XMedia Recode) (Version: 3.0.8.1 - Sebastian Dörfler)
XMedia Recode Version 3.1.7.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.7.4 - XMedia Recode)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {066FFB28-17C9-4B31-B573-C63F34D8E75A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {20E01591-CA82-4003-96CD-D7EFC567523E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01] (Google Inc.)
Task: {6143DE45-4FBD-4304-8B75-E3BF28799AF4} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {B16DB2D4-5893-4367-84A7-DA451682DDE9} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {C21D7323-FAEB-4782-8225-2D1F4A817B61} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C8F1FAD0-D180-4DC5-9B11-C6EB00403617} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {D524285D-91A9-4D95-A15F-C04CD581A4E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-02-20 08:31 - 2012-06-01 17:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-11-01 08:15 - 2012-11-01 08:09 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-03 16:13 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2012-03-04 18:49 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2012-03-04 18:49 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2012-03-04 18:49 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2012-03-04 18:49 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2012-03-04 18:49 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2012-03-04 18:49 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2012-03-04 18:49 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2012-03-04 18:49 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2012-03-04 18:49 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2012-03-04 18:48 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2012-03-04 18:49 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2012-03-04 18:49 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2012-03-04 18:49 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2012-03-04 18:48 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2012-03-04 18:49 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2012-03-04 18:49 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2012-03-04 18:49 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2012-03-04 18:49 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2012-03-04 18:49 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2012-03-04 18:49 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2012-03-04 18:49 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2012-03-04 18:49 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2012-03-04 18:49 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2012-03-04 18:49 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2012-03-04 18:49 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2012-03-04 18:49 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2012-03-04 18:49 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2012-03-04 18:49 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2012-03-04 18:49 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2012-03-04 18:49 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2012-03-04 18:49 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2012-03-04 18:49 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2012-03-04 18:49 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2012-03-04 18:48 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2012-03-04 18:49 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2013-10-19 15:19 - 2013-08-19 16:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-10-19 15:19 - 2013-08-19 16:21 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-03-01 11:15 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-03-01 11:15 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-10-19 13:44 - 2013-01-28 14:58 - 00870400 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-03-01 11:15 - 2012-10-08 16:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-02-20 08:32 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-02-20 08:33 - 2012-06-19 12:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-02-20 08:33 - 2012-07-20 09:39 - 01047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-03-01 11:15 - 2013-04-15 13:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-03-01 11:15 - 2012-05-28 20:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-03-01 11:15 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-03-01 11:15 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-03-01 11:15 - 2012-08-29 17:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-02-20 08:31 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-03-01 11:15 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-10-19 15:13 - 2012-01-19 08:39 - 00028672 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2013-10-19 15:13 - 2010-09-23 10:51 - 00114688 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2013-10-19 15:13 - 2010-02-25 13:01 - 00139264 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2012-03-01 11:15 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2013-02-20 08:31 - 2014-03-07 12:01 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-02-20 08:31 - 2010-06-29 10:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-14 11:25 - 2014-02-14 11:25 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:98353363
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/07/2014 01:50:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/07/2014 11:53:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00095873
ID des fehlerhaften Prozesses: 0x15e8
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/07/2014 11:26:16 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00095873
ID des fehlerhaften Prozesses: 0xf84
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/06/2014 08:23:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/06/2014 08:23:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/06/2014 05:08:11 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (03/03/2014 05:27:27 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (03/02/2014 09:02:31 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (03/01/2014 06:35:09 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (03/01/2014 07:46:07 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).


System errors:
=============
Error: (03/07/2014 00:01:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/07/2014 00:00:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/07/2014 10:52:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/07/2014 10:52:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/07/2014 10:49:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/07/2014 10:48:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/06/2014 07:51:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/06/2014 07:51:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/06/2014 04:11:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/06/2014 04:11:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (03/07/2014 01:50:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu.exe

Error: (03/07/2014 11:53:28 AM) (Source: Application Error)(User: )
Description: firefox.exe27.0.1.515652fc0faantdll.dll6.1.7601.18247521ea8e7c000000d0009587315e801cf39f370dea629C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SysWOW64\ntdll.dllb64ef51d-a5e6-11e3-af19-60a44c600de0

Error: (03/07/2014 11:26:16 AM) (Source: Application Error)(User: )
Description: firefox.exe27.0.1.515652fc0faantdll.dll6.1.7601.18247521ea8e7c000000d00095873f8401cf39efa50ae46bC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SysWOW64\ntdll.dlle9a758e7-a5e2-11e3-af19-60a44c600de0

Error: (03/06/2014 08:23:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu.exe

Error: (03/06/2014 08:23:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu.exe

Error: (03/06/2014 05:08:11 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (03/03/2014 05:27:27 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (03/02/2014 09:02:31 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (03/01/2014 06:35:09 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (03/01/2014 07:46:07 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422


CodeIntegrity Errors:
===================================
  Date: 2014-03-07 13:53:44.436
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-07 12:53:53.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-07 12:34:24.795
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-07 12:00:46.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-07 11:22:30.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-07 10:52:33.366
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-07 10:48:58.734
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-06 19:51:41.697
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-06 17:32:39.697
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-06 16:37:53.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 16284.15 MB
Available physical RAM: 13432.63 MB
Total Pagefile: 32566.48 MB
Available Pagefile: 29464.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Samsung SSD 840 Pro) (Fixed) (Total:238.47 GB) (Free:144.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive k: (HDD-WD 500) (Fixed) (Total:465.54 GB) (Free:396.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: B28EE89C)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 74451BFB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Danke schon mal für die Hilfe hoffe das ich keine Neuinstallation machen muss ;-)
__________________

Alt 08.03.2014, 13:28   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.03.2014, 14:25   #5
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Alle lief ohne Probleme durch.Habe den PC zum Schluss Neu gestartet.Nur bei EU-Cleaner war die Verknüpfung weg.

Code:
ATTFilter
ComboFix 14-03-05.01 - PC 08.03.2014  15:10:12.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16284.13912 [GMT 1:00]
ausgeführt von:: k:\downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PC\videos\HIS_DVB.BIN
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-08 bis 2014-03-08  ))))))))))))))))))))))))))))))
.
.
2014-03-08 14:14 . 2014-03-08 14:14	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-03-08 06:31 . 2014-02-17 00:32	10536864	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A142934C-9362-4B00-AD97-EE2ACE0DB859}\mpengine.dll
2014-03-07 17:22 . 2014-03-07 17:32	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-03-07 17:21 . 2014-03-07 17:21	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-03-07 17:00 . 2014-03-07 17:00	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2014-03-07 12:54 . 2014-03-07 12:55	--------	d-----w-	C:\FRST
2014-03-07 11:29 . 2014-03-07 14:41	--------	d-----w-	C:\AdwCleaner
2014-02-26 05:44 . 2014-01-09 02:22	5694464	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-02-26 05:44 . 2014-01-03 22:44	6574592	----a-w-	c:\windows\system32\mstscax.dll
2014-02-21 09:19 . 2014-02-21 09:22	--------	d-----w-	c:\users\PC\AppData\Local\CyberGhost
2014-02-21 09:19 . 2014-02-21 09:19	--------	d-----w-	c:\program files\TAP-Windows
2014-02-21 09:19 . 2014-02-21 09:22	--------	d-----w-	c:\program files\CyberGhost 5
2014-02-12 08:43 . 2014-01-23 03:21	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-02-12 08:43 . 2014-01-23 03:21	108800	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2014-02-12 07:31 . 2013-12-06 02:30	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-02-12 07:30 . 2013-12-24 23:09	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-02-12 07:30 . 2013-12-24 22:48	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-02-12 07:30 . 2013-11-26 08:16	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2014-02-12 07:30 . 2013-11-22 22:48	3928064	----a-w-	c:\windows\system32\d2d1.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-08 14:03 . 2013-05-16 18:05	1048576	----a-w-	c:\windows\PE_Rom.dll
2014-02-21 09:07 . 2012-03-31 07:26	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-21 09:07 . 2012-03-01 12:28	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-12 07:53 . 2012-03-01 10:50	88567024	----a-w-	c:\windows\system32\MRT.exe
2014-01-27 08:58 . 2012-03-01 10:52	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-01-25 07:01 . 2014-01-25 07:01	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-22 12:09 . 2012-11-22 18:03	31648	----a-w-	c:\windows\system32\drivers\HWiNFO64A.SYS
2014-01-08 08:05 . 2013-08-23 15:04	5353952	----a-w-	c:\windows\PE_File.dll
2013-12-18 16:33 . 2013-05-07 14:02	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-12-18 16:33 . 2013-03-21 12:52	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-12-18 16:33 . 2013-03-21 12:52	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE" [2012-07-12 241280]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-04-18 578560]
"KiesPDLR.exe"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2014-02-14 845120]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-02-14 1564992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-08 495616]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-08 856064]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE" [2010-07-29 116632]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-02-14 311616]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2013-01-28 550272]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Magician.lnk - c:\program files (x86)\Samsung Magician\Samsung Magician.exe  /AUTOHIDE [2013-12-10 4580256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 cpuz130;cpuz130;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys;c:\windows\SYSNATIVE\DRIVERS\GenericMount.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 ahcix64;ahcix64;c:\windows\system32\DRIVERS\ahcix64.sys;c:\windows\SYSNATIVE\DRIVERS\ahcix64.sys [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [x]
S2 CGVPNCliService;CyberGhost VPN 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 StarMoney 9.0 OnlineUpdate;StarMoney 9.0 OnlineUpdate;c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe;c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 09:07]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01 14:03]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01 14:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-06 1215632]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.t-online.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: add to &BOM - c:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: FRITZ!Box Dial - c:\program files\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm
IE: FRITZ!Box Dial\Contexts - 16 (0x10)
IE: FRITZ!Box Dial\Flags
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\
FF - prefs.js: browser.startup.homepage - www.t-online.de
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-...ient&gfns=1&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Notify-LBTWlgn - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
   57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}"=hex:51,66,7a,6c,4c,1d,38,12,c0,08,7b,
   68,6e,2b,53,0b,f0,d2,a5,e5,25,9d,9d,3c
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
   b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:2d,f2,db,66,00,b8,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a8,d3,60,d8,dd,6d,41,4c,a4,f5,77,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a8,d3,60,d8,dd,6d,41,4c,a4,f5,77,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
@="131473"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-08  15:15:38
ComboFix-quarantined-files.txt  2014-03-08 14:15
.
Vor Suchlauf: 11 Verzeichnis(se), 155.454.382.080 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 155.638.964.224 Bytes frei
.
- - End Of File - - 2CFF4E668734EE37066B1C02D73A6995
B1F7D7F6E4FBE98E578562A22A94D02C
         


Alt 09.03.2014, 07:50   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Eu-Cleaner hat TR/Matsnu.G gefunden .

Alt 09.03.2014, 09:03   #7
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Hier ist das Log von Malwarebytes.
Code:
ATTFilter
 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.09.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
PC :: CARSTEN [Administrator]

Schutz: Aktiviert

09.03.2014 08:58:07
mbam-log-2014-03-09 (08-58-07).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 397187
Laufzeit: 27 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Log vom AWDCleaner

Code:
ATTFilter
# AdwCleaner v3.020 - Bericht erstellt am 09/03/2014 um 09:34:33
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : PC - xxxxxxx
# Gestartet von : K:\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Conduit

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\caphyon
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\prefs.js ]

Zeile gelöscht : user_pref("CT2206084..clientLogIsEnabled", true);
Zeile gelöscht : user_pref("CT2206084..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT2206084..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT2206084.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT2206084.CT2206084", "CT2206084");
Zeile gelöscht : user_pref("CT2206084.CurrentServerDate", "13-4-2011");
Zeile gelöscht : user_pref("CT2206084.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT2206084.DialogsGetterLastCheckTime", "Thu Apr 07 2011 21:52:14 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT2206084.EMailNotifierPollDate", "Wed Apr 13 2011 11:05:49 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedLastCount128311388426518939", 872);
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128394382574669410", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128394382574669411", "Wed Apr 13 2011 11:05:52 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128394382574669412", "Wed Apr 13 2011 11:05:52 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128394382574669413", "Wed Apr 13 2011 11:05:52 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128394382574669414", "Wed Apr 13 2011 11:05:52 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128559429569307240", "Wed Apr 13 2011 11:05:52 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801410134769526", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801410271643768", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801410648675207", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801410803831945", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411020863399", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411145707150", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411258362590", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411369456587", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411490081588", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411659613144", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411801956980", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128801411974300317", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128895535588356636", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128895536575232020", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128895541734450320", "Wed Apr 13 2011 11:05:51 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128896127456250507", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128896133101250708", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128896136655781447", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128896138140469441", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedPollDate128896149451719443", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.FeedTTL128801410648675207", 2);
Zeile gelöscht : user_pref("CT2206084.FeedTTL128801411258362590", 5);
Zeile gelöscht : user_pref("CT2206084.FeedTTL128801411490081588", 30);
Zeile gelöscht : user_pref("CT2206084.FeedTTL128801411974300317", 5);
Zeile gelöscht : user_pref("CT2206084.FeedTTL128895535588356636", 5);
Zeile gelöscht : user_pref("CT2206084.FeedTTL128896138140469441", 2);
Zeile gelöscht : user_pref("CT2206084.FirstServerDate", "7-4-2011");
Zeile gelöscht : user_pref("CT2206084.FirstTime", true);
Zeile gelöscht : user_pref("CT2206084.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT2206084.FixPageNotFoundErrors", false);
Zeile gelöscht : user_pref("CT2206084.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT2206084.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT2206084.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("CT2206084.Initialize", true);
Zeile gelöscht : user_pref("CT2206084.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT2206084.InstallationAndCookieDataSentCount", 3);
Zeile gelöscht : user_pref("CT2206084.InstalledDate", "Thu Apr 07 2011 21:52:15 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.InvalidateCache", false);
Zeile gelöscht : user_pref("CT2206084.IsGrouping", false);
Zeile gelöscht : user_pref("CT2206084.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT2206084.IsOpenThankYouPage", true);
Zeile gelöscht : user_pref("CT2206084.IsOpenUninstallPage", true);
Zeile gelöscht : user_pref("CT2206084.LanguagePackLastCheckTime", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2206084.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT2206084.LastLogin_3.3.3.2", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.LatestVersion", "3.2.5.2");
Zeile gelöscht : user_pref("CT2206084.Locale", "de-de");
Zeile gelöscht : user_pref("CT2206084.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT2206084.MCDetectTooltipShow", false);
Zeile gelöscht : user_pref("CT2206084.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT2206084.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT2206084.RadioIsPodcast", false);
Zeile gelöscht : user_pref("CT2206084.RadioLastCheckTime", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.RadioLastUpdateIPServer", "3");
Zeile gelöscht : user_pref("CT2206084.RadioLastUpdateServer", "128939446421370000");
Zeile gelöscht : user_pref("CT2206084.RadioMediaID", "10559111");
Zeile gelöscht : user_pref("CT2206084.RadioMediaType", "Media Player");
Zeile gelöscht : user_pref("CT2206084.RadioMenuSelectedID", "EBRadioMenu_CT220608410559111");
Zeile gelöscht : user_pref("CT2206084.RadioStationName", "Antenne%20Bayern%20Top%2040");
Zeile gelöscht : user_pref("CT2206084.RadioStationURL", "hxxp://channels.webradio.antenne.de/top-40");
Zeile gelöscht : user_pref("CT2206084.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT2206084.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&q=");
Zeile gelöscht : user_pref("CT2206084.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2206084.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2206084.SearchInNewTabLastCheckTime", "Wed Apr 13 2011 11:05:49 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2206084.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2206084.SearchInNewTabUserEnabled", false);
Zeile gelöscht : user_pref("CT2206084.ServiceMapLastCheckTime", "Wed Apr 13 2011 11:05:49 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.SettingsLastCheckTime", "Wed Apr 13 2011 11:05:49 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.SettingsLastUpdate", "1300865530");
Zeile gelöscht : user_pref("CT2206084.ThirdPartyComponentsInterval", 504);
Zeile gelöscht : user_pref("CT2206084.ThirdPartyComponentsLastCheck", "Thu Apr 07 2011 21:52:14 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.ThirdPartyComponentsLastUpdate", "1255344657");
Zeile gelöscht : user_pref("CT2206084.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2206084");
Zeile gelöscht : user_pref("CT2206084.UserID", "UN48074603479672643");
Zeile gelöscht : user_pref("CT2206084.WeatherNetwork", "");
Zeile gelöscht : user_pref("CT2206084.WeatherPollDate", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.WeatherUnit", "C");
Zeile gelöscht : user_pref("CT2206084.alertChannelId", "604380");
Zeile gelöscht : user_pref("CT2206084.approveUntrustedApps", true);
Zeile gelöscht : user_pref("CT2206084.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com\"}");
Zeile gelöscht : user_pref("CT2206084.globalFirstTimeInfoLastCheckTime", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("CT2206084.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT2206084.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT2206084.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT2206084.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2206084.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT2206084.oldAppsList", "128325851945531999,128541998593412748,128952322938437928,1000082,128963628988794044,128311388426518939,241910600392622828,129350935210162825,128795241664163022,1283[...]
Zeile gelöscht : user_pref("CT2206084.testingCtid", "");
Zeile gelöscht : user_pref("CT2206084.toolbarAppMetaDataLastCheckTime", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.toolbarContextMenuLastCheckTime", "Thu Apr 07 2011 21:52:15 GMT+0200");
Zeile gelöscht : user_pref("CT2206084.usageEnabled", false);
Zeile gelöscht : user_pref("CT2206084.usagesFlag", 1);
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2206084", "\"1300865454\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de-de", "L+tncv4eqt6Qm5T3dzChdA==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de-de", "uwY9T5AsudBxjradvWCAOA==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de-de", "QmycQXJXVyFVAzIiNllWhQ==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de-de", "ZdrYrsEQox0wVf3yXX8zTQ==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2206084", "\"634380269302130000\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2206084/CT2206084", "\"1300865530\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"634351849102130000\"");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2206084");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{9d81af43-de53-48d0-a199-42c2a226b24c}");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic_deutsch_ff");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2206084");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{9d81af43-de53-48d0-a199-42c2a226b24c}");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic_deutsch_ff");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2206084");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2206084");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 13 2011 11:05:50 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertEnabled", false);
Zeile gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Apr 13 2011 11:05:49 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Zeile gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userId", "7b4249e5-504e-4d3c-9b43-969daa29b1a3");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "d3e9d28a-65d9-4626-a30f-743a743ad95d");
Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

*************************

AdwCleaner[R0].txt - [17760 octets] - [07/03/2014 12:29:09]
AdwCleaner[R1].txt - [17821 octets] - [07/03/2014 12:32:20]
AdwCleaner[R2].txt - [17882 octets] - [07/03/2014 15:40:53]
AdwCleaner[R3].txt - [17702 octets] - [09/03/2014 09:30:36]
AdwCleaner[R4].txt - [17763 octets] - [09/03/2014 09:34:00]
AdwCleaner[S0].txt - [17576 octets] - [09/03/2014 09:34:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17637 octets] ##########
         
JRT Log

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by PC on 09.03.2014 at  9:40:10,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{21192B29-7A7B-438D-9DDB-F057D33D0156}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{90800475-6D53-477D-852D-3D58B78F91A5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{AC5A90C4-3DD1-4948-B1CF-E8E7C8EB9314}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{B1350391-917F-4E86-A214-42F278CBE287}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{E419BD3F-7491-4E74-B468-9607DFCE13E2}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{E7AE94B3-67D8-4DCD-9D79-566C87853EE2}



~~~ FireFox

Emptied folder: C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\10yuuraw.default\minidumps [56 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.03.2014 at  9:44:44,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Log


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by PC (administrator) on CARSTEN on 09-03-2014 09:58:47
Running from K:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesPDLR.exe] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBFA466B298F7CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: FRITZ!Box Addon BHO - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.t-online.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-...ient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\alle-preise---guenstigerde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\billigerde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\ebay-kleinanzeigen.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\hoodde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\idealode.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\schottenlandde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\wetter24.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\de_DE@dicts.j3e.de [2013-09-14]
FF Extension: FRITZ!Box AddOn - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\fb_add_on@avm.de [2013-10-12]
FF Extension: Toolbar Buttons - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2013-03-21]
FF Extension: DownloadHelper - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: Flagfox - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: PDF Download - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2013-03-21]
FF Extension: eBay Sidebar for Firefox - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2013-03-21]
FF Extension: Facebook Toolbar Button - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2013-12-20]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-21]
FF Extension: BetterPrivacy - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-03-21]
FF Extension: DownThemAll! - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-03-21]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2013-10-19] (ASUSTeK Computer Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SymSnapService; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R0 AiChargerPlus; C:\Windows\SysWOW64\DRIVERS\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [66608 2010-02-12] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-01-22] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\PC\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
U2 V2iMount; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 09:49 - 2014-03-09 09:48 - 02156544 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2014-03-09 09:44 - 2014-03-09 09:44 - 00001371 _____ () C:\Users\PC\Desktop\JRT.txt
2014-03-09 09:40 - 2014-03-09 09:40 - 00000000 ____D () C:\Windows\ERUNT
2014-03-08 15:16 - 2014-03-08 15:16 - 00021712 _____ () C:\Users\PC\Downloads\Combofix.txt
2014-03-08 15:15 - 2014-03-08 15:15 - 00021712 _____ () C:\ComboFix.txt
2014-03-08 15:09 - 2014-03-08 15:15 - 00000000 ____D () C:\Qoobox
2014-03-08 15:09 - 2014-03-08 15:14 - 00000000 ____D () C:\Windows\erdnt
2014-03-08 15:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-08 15:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-08 15:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-07 18:22 - 2014-03-07 18:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 18:21 - 2014-03-07 18:21 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00002105 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-07 18:00 - 2014-03-07 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-07 13:54 - 2014-03-09 09:58 - 00000000 ____D () C:\FRST
2014-03-07 12:29 - 2014-03-09 09:34 - 00000000 ____D () C:\AdwCleaner
2014-02-26 07:53 - 2014-02-26 07:53 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-02-26 06:44 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 06:44 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-21 10:19 - 2014-02-21 10:22 - 00000000 ____D () C:\Users\PC\AppData\Local\CyberGhost
2014-02-21 10:19 - 2014-02-21 10:22 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-21 10:19 - 2014-02-21 10:19 - 00001747 _____ () C:\Users\PC\Desktop\CyberGhost 5.lnk
2014-02-21 10:19 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-18 19:27 - 2014-02-18 19:27 - 00251940 _____ () C:\Users\PC\Downloads\archive18022014_192651.zip
2014-02-14 11:25 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 11:52 - 2014-02-13 11:52 - 00006096 _____ () C:\Users\PC\Downloads\Carsten Stender.odt
2014-02-12 09:43 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-02-12 09:43 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-02-12 08:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 08:49 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 08:49 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 08:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 08:49 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 08:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 08:49 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 08:49 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 08:49 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 08:49 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 08:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 08:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 08:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 08:49 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 08:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 08:49 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 08:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 08:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 08:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 08:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 08:49 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 08:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 08:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 08:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 08:49 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 08:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 08:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 08:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 08:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 08:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 08:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 08:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 08:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 08:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 08:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 08:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 08:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 08:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 08:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 08:49 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 08:49 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 08:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 08:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 08:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 08:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 08:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 08:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 08:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 08:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 08:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 08:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 08:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 08:30 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 08:30 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 08:30 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 08:30 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-09 09:58 - 2014-03-07 13:54 - 00000000 ____D () C:\FRST
2014-03-09 09:58 - 2012-03-01 11:49 - 00000000 ____D () C:\Users\PC\AppData\Roaming\NetSpeedMonitor
2014-03-09 09:56 - 2013-05-16 19:05 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-03-09 09:56 - 2012-03-04 18:50 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.oit
2014-03-09 09:56 - 2012-03-01 15:03 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-09 09:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 09:56 - 2009-07-14 05:51 - 00242064 _____ () C:\Windows\setupact.log
2014-03-09 09:55 - 2012-03-01 10:46 - 02056607 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 09:48 - 2014-03-09 09:49 - 02156544 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2014-03-09 09:44 - 2014-03-09 09:44 - 00001371 _____ () C:\Users\PC\Desktop\JRT.txt
2014-03-09 09:43 - 2009-07-14 05:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-09 09:43 - 2009-07-14 05:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-09 09:41 - 2012-03-10 18:40 - 00000000 _____ () C:\Windows\Path.idx
2014-03-09 09:40 - 2014-03-09 09:40 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 09:39 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-03-09 09:39 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-03-09 09:39 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 09:34 - 2014-03-07 12:29 - 00000000 ____D () C:\AdwCleaner
2014-03-09 09:07 - 2012-03-31 08:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 09:01 - 2012-03-01 15:03 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 08:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-08 15:17 - 2012-03-01 11:10 - 00327910 _____ () C:\Windows\PFRO.log
2014-03-08 15:16 - 2014-03-08 15:16 - 00021712 _____ () C:\Users\PC\Downloads\Combofix.txt
2014-03-08 15:15 - 2014-03-08 15:15 - 00021712 _____ () C:\ComboFix.txt
2014-03-08 15:15 - 2014-03-08 15:09 - 00000000 ____D () C:\Qoobox
2014-03-08 15:14 - 2014-03-08 15:09 - 00000000 ____D () C:\Windows\erdnt
2014-03-08 15:14 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-08 07:00 - 2012-04-24 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-07 18:32 - 2014-03-07 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 18:21 - 2014-03-07 18:21 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00002105 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-07 18:00 - 2014-03-07 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-05 11:28 - 2013-03-22 12:45 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-27 17:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-26 07:53 - 2014-02-26 07:53 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-02-25 07:41 - 2013-04-23 14:06 - 00002021 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-02-25 07:40 - 2012-07-05 16:33 - 00000000 ____D () C:\Users\PC\Documents\SelfMV
2014-02-22 17:44 - 2013-12-04 19:09 - 00001109 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-22 15:17 - 2012-03-01 13:21 - 00000000 ____D () C:\Users\PC\AppData\Local\Paint.NET
2014-02-21 10:22 - 2014-02-21 10:19 - 00000000 ____D () C:\Users\PC\AppData\Local\CyberGhost
2014-02-21 10:22 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-21 10:19 - 2014-02-21 10:19 - 00001747 _____ () C:\Users\PC\Desktop\CyberGhost 5.lnk
2014-02-21 10:19 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 10:07 - 2012-03-31 08:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 10:07 - 2012-03-31 08:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 10:07 - 2012-03-01 13:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-18 19:27 - 2014-02-18 19:27 - 00251940 _____ () C:\Users\PC\Downloads\archive18022014_192651.zip
2014-02-18 16:46 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-16 11:32 - 2012-03-01 16:50 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BOM
2014-02-15 17:56 - 2012-03-01 15:03 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 17:56 - 2012-03-01 15:03 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 11:25 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 11:52 - 2014-02-13 11:52 - 00006096 _____ () C:\Users\PC\Downloads\Carsten Stender.odt
2014-02-12 08:55 - 2012-03-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 08:54 - 2013-07-14 11:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 08:53 - 2012-03-01 11:50 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 08:51 - 2013-10-03 17:38 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avgnt.exe
C:\Users\PC\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 11:36

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2014 01
Ran by PC at 2014-03-09 09:59:00
Running from K:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.0 - Futuremark Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.04.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Application Profiles (HKLM-x32\...\{05696DBC-59F4-C274-F175-1E7546F05995}) (Version: 2.0.4441.36343 - Advanced Micro Devices, Inc.)
Ashampoo Photo Commander 8 v.8.5.0 (HKLM-x32\...\Ashampoo Photo Commander 8_is1) (Version: 8.5.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.10.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
Audials (HKLM-x32\...\{7FAA26D8-3727-41CD-A9DE-9480E4EA9130}) (Version: 8.0.55300.0 - RapidSolution Software AG)
Audials TV (HKLM-x32\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG)
Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin)
Benutzerhandbuch EPSON BX635FWD Series (HKLM-x32\...\EPSON BX635FWD Series Useg) (Version:  - )
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM Development Team)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
CPUID ASUS CPU-Z 1.61.3 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.61.3 - CPUID, Inc.)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CrystalDiskMark 3.0.2d (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2d - Crystal Dew World)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
DIGI+ Power Control (HKLM-x32\...\{BEE4C824-BEA3-454F-BC9B-A22BFA52E458}) (Version:  - )
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Geekbench 2.4 (HKLM-x32\...\Geekbench 2.4) (Version:  - Primate Labs)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mediaport (HKLM-x32\...\Mediaport) (Version:  - )
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Netzwerkhandbuch EPSON BX635FWD Series (HKLM-x32\...\EPSON BX635FWD Series Netg) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
RunAlyzer (HKLM-x32\...\{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1) (Version: 1.6.1.24 - Safer Networking Limited)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
StarMoney (x32 Version: 3.0.3.21 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{C70D0229-9485-4ED3-81F0-0536F0120B9D}) (Version: 9.0 - Star Finanz GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TechniPort Plus Beta (HKLM-x32\...\TechniPort Plus Beta) (Version: 0.9.5.4_beta - TechniSat)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMedia Recode 3.0.8.1 (HKLM-x32\...\XMedia Recode) (Version: 3.0.8.1 - Sebastian Dörfler)
XMedia Recode Version 3.1.7.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.7.4 - XMedia Recode)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-08 15:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {066FFB28-17C9-4B31-B573-C63F34D8E75A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {20E01591-CA82-4003-96CD-D7EFC567523E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01] (Google Inc.)
Task: {6143DE45-4FBD-4304-8B75-E3BF28799AF4} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {B16DB2D4-5893-4367-84A7-DA451682DDE9} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {C21D7323-FAEB-4782-8225-2D1F4A817B61} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C8F1FAD0-D180-4DC5-9B11-C6EB00403617} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {D524285D-91A9-4D95-A15F-C04CD581A4E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-02-20 08:31 - 2012-06-01 17:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-11-01 08:15 - 2012-11-01 08:09 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-03 16:13 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2012-03-04 18:49 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2012-03-04 18:49 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2012-03-04 18:49 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2012-03-04 18:49 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2012-03-04 18:49 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2012-03-04 18:49 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2012-03-04 18:49 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2012-03-04 18:49 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2012-03-04 18:49 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2012-03-04 18:48 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2012-03-04 18:49 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2012-03-04 18:49 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2012-03-04 18:49 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2012-03-04 18:48 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2012-03-04 18:49 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2012-03-04 18:49 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2012-03-04 18:49 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2012-03-04 18:49 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2012-03-04 18:49 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2012-03-04 18:49 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2012-03-04 18:49 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2012-03-04 18:49 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2012-03-04 18:49 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2012-03-04 18:49 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2012-03-04 18:49 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2012-03-04 18:49 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2012-03-04 18:49 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2012-03-04 18:49 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2012-03-04 18:49 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2012-03-04 18:49 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2012-03-04 18:49 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2012-03-04 18:49 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2012-03-04 18:49 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2012-03-04 18:48 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2012-03-04 18:49 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2013-10-19 15:19 - 2013-08-19 16:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-10-19 15:19 - 2013-08-19 16:21 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-03-01 11:15 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-03-01 11:15 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-10-19 13:44 - 2013-01-28 14:58 - 00870400 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-03-01 11:15 - 2012-10-08 16:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-02-20 08:32 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-02-20 08:33 - 2012-06-19 12:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-02-20 08:33 - 2012-07-20 09:39 - 01047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-03-01 11:15 - 2013-04-15 13:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-03-01 11:15 - 2012-05-28 20:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-03-01 11:15 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-03-01 11:15 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-03-01 11:15 - 2012-08-29 17:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-02-20 08:31 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-03-01 11:15 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-10-19 15:13 - 2012-01-19 08:39 - 00028672 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2012-03-01 11:15 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2013-02-20 08:31 - 2014-03-09 09:56 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-02-20 08:31 - 2010-06-29 10:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-14 11:25 - 2014-02-14 11:25 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:98353363
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (03/09/2014 09:56:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/09/2014 09:56:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-09 09:56:08.549
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 09:47:25.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 09:35:38.899
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 08:55:05.548
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-08 17:04:29.969
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-08 16:58:13.614
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-08 15:41:58.734
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-08 15:18:04.766
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-08 15:13:48.069
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-08 15:13:48.022
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 16284.15 MB
Available physical RAM: 13836.56 MB
Total Pagefile: 32566.48 MB
Available Pagefile: 29882.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Samsung SSD 840 Pro) (Fixed) (Total:238.47 GB) (Free:145.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive k: (HDD-WD 500) (Fixed) (Total:465.54 GB) (Free:396.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: B28EE89C)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 74451BFB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
So alles erledigt hoffe das war so richtig.

Alt 10.03.2014, 09:40   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.03.2014, 18:28   #9
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Eset Log:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=609fc6826658754a9a3a9fee3c8a7e24
# engine=17385
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-10 03:18:20
# local_time=2014-03-10 04:18:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 202535 146094550 0 0
# scanned=1202
# found=0
# cleaned=0
# scan_time=105
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=609fc6826658754a9a3a9fee3c8a7e24
# engine=17385
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-10 04:02:59
# local_time=2014-03-10 05:02:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 208814 146097229 0 0
# scanned=196228
# found=0
# cleaned=0
# scan_time=2639
         
Security Check Log:
Code:
ATTFilter
Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 12.0.0.70  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1) 
 Mozilla Thunderbird (24.3.0) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 StarMoney 9.0 ouservice StarMoneyOnlineUpdate.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST Log´s

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02
Ran by PC (administrator) on CARSTEN on 10-03-2014 17:22:12
Running from K:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesPDLR.exe] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-219500871-3512627619-740844572-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBFA466B298F7CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: FRITZ!Box Addon BHO - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.t-online.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-...ient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\alle-preise---guenstigerde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\billigerde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\ebay-kleinanzeigen.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\hoodde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\idealode.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\schottenlandde.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\wetter24.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\de_DE@dicts.j3e.de [2013-09-14]
FF Extension: FRITZ!Box AddOn - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\fb_add_on@avm.de [2013-10-12]
FF Extension: Toolbar Buttons - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2013-03-21]
FF Extension: DownloadHelper - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: Flagfox - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: PDF Download - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2013-03-21]
FF Extension: eBay Sidebar for Firefox - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2013-03-21]
FF Extension: Facebook Toolbar Button - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2013-12-20]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-21]
FF Extension: BetterPrivacy - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-03-21]
FF Extension: DownThemAll! - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\10yuuraw.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-03-21]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2013-10-19] (ASUSTeK Computer Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SymSnapService; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R0 AiChargerPlus; C:\Windows\SysWOW64\DRIVERS\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [66608 2010-02-12] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-01-22] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\PC\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
U2 V2iMount; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 09:49 - 2014-03-09 09:48 - 02156544 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2014-03-09 09:40 - 2014-03-09 09:40 - 00000000 ____D () C:\Windows\ERUNT
2014-03-08 15:16 - 2014-03-08 15:16 - 00021712 _____ () C:\Users\PC\Downloads\Combofix.txt
2014-03-08 15:15 - 2014-03-08 15:15 - 00021712 _____ () C:\ComboFix.txt
2014-03-08 15:09 - 2014-03-08 15:15 - 00000000 ____D () C:\Qoobox
2014-03-08 15:09 - 2014-03-08 15:14 - 00000000 ____D () C:\Windows\erdnt
2014-03-08 15:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-08 15:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-08 15:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-08 15:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-07 18:22 - 2014-03-07 18:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 18:21 - 2014-03-07 18:21 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00002105 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-07 18:00 - 2014-03-07 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-07 13:54 - 2014-03-10 17:22 - 00000000 ____D () C:\FRST
2014-03-07 12:29 - 2014-03-09 09:34 - 00000000 ____D () C:\AdwCleaner
2014-02-26 07:53 - 2014-02-26 07:53 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-02-26 06:44 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 06:44 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-21 10:19 - 2014-02-21 10:22 - 00000000 ____D () C:\Users\PC\AppData\Local\CyberGhost
2014-02-21 10:19 - 2014-02-21 10:22 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-21 10:19 - 2014-02-21 10:19 - 00001747 _____ () C:\Users\PC\Desktop\CyberGhost 5.lnk
2014-02-21 10:19 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-18 19:27 - 2014-02-18 19:27 - 00251940 _____ () C:\Users\PC\Downloads\archive18022014_192651.zip
2014-02-14 11:25 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 11:52 - 2014-02-13 11:52 - 00006096 _____ () C:\Users\PC\Downloads\Carsten Stender.odt
2014-02-12 09:43 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-02-12 09:43 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-02-12 08:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 08:49 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 08:49 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 08:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 08:49 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 08:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 08:49 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 08:49 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 08:49 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 08:49 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 08:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 08:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 08:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 08:49 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 08:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 08:49 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 08:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 08:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 08:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 08:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 08:49 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 08:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 08:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 08:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 08:49 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 08:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 08:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 08:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 08:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 08:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 08:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 08:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 08:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 08:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 08:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 08:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 08:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 08:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 08:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 08:49 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 08:49 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 08:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 08:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 08:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 08:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 08:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 08:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 08:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 08:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 08:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 08:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 08:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 08:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 08:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 08:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 08:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 08:30 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 08:30 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 08:30 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 08:30 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-10 17:22 - 2014-03-07 13:54 - 00000000 ____D () C:\FRST
2014-03-10 17:21 - 2012-03-01 11:49 - 00000000 ____D () C:\Users\PC\AppData\Roaming\NetSpeedMonitor
2014-03-10 17:07 - 2012-03-31 08:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-10 17:01 - 2012-03-01 15:03 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-10 16:21 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-03-10 16:21 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-03-10 16:21 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-10 16:03 - 2009-07-14 05:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-10 16:03 - 2009-07-14 05:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-10 16:02 - 2012-03-10 18:40 - 00000000 _____ () C:\Windows\Path.idx
2014-03-10 15:57 - 2013-05-16 19:05 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-03-10 15:57 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-10 15:56 - 2012-03-04 18:50 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.oit
2014-03-10 15:56 - 2012-03-01 15:03 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-10 15:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-10 15:56 - 2009-07-14 05:51 - 00242288 _____ () C:\Windows\setupact.log
2014-03-09 18:44 - 2012-03-01 10:46 - 02084258 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 13:18 - 2012-03-01 13:21 - 00000000 ____D () C:\Users\PC\AppData\Local\Paint.NET
2014-03-09 09:48 - 2014-03-09 09:49 - 02156544 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2014-03-09 09:40 - 2014-03-09 09:40 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 09:34 - 2014-03-07 12:29 - 00000000 ____D () C:\AdwCleaner
2014-03-08 15:17 - 2012-03-01 11:10 - 00327910 _____ () C:\Windows\PFRO.log
2014-03-08 15:16 - 2014-03-08 15:16 - 00021712 _____ () C:\Users\PC\Downloads\Combofix.txt
2014-03-08 15:15 - 2014-03-08 15:15 - 00021712 _____ () C:\ComboFix.txt
2014-03-08 15:15 - 2014-03-08 15:09 - 00000000 ____D () C:\Qoobox
2014-03-08 15:14 - 2014-03-08 15:09 - 00000000 ____D () C:\Windows\erdnt
2014-03-08 15:14 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-08 07:00 - 2012-04-24 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-07 18:32 - 2014-03-07 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 18:21 - 2014-03-07 18:21 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00002105 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-07 18:00 - 2014-03-07 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-05 11:28 - 2013-03-22 12:45 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-27 17:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-26 07:53 - 2014-02-26 07:53 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-02-25 07:41 - 2013-04-23 14:06 - 00002021 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-02-25 07:40 - 2012-07-05 16:33 - 00000000 ____D () C:\Users\PC\Documents\SelfMV
2014-02-22 17:44 - 2013-12-04 19:09 - 00001109 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-21 10:22 - 2014-02-21 10:19 - 00000000 ____D () C:\Users\PC\AppData\Local\CyberGhost
2014-02-21 10:22 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-21 10:19 - 2014-02-21 10:19 - 00001747 _____ () C:\Users\PC\Desktop\CyberGhost 5.lnk
2014-02-21 10:19 - 2014-02-21 10:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 10:07 - 2012-03-31 08:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 10:07 - 2012-03-31 08:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 10:07 - 2012-03-01 13:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-18 19:27 - 2014-02-18 19:27 - 00251940 _____ () C:\Users\PC\Downloads\archive18022014_192651.zip
2014-02-18 16:46 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-16 11:32 - 2012-03-01 16:50 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BOM
2014-02-15 17:56 - 2012-03-01 15:03 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 17:56 - 2012-03-01 15:03 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 11:25 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 11:52 - 2014-02-13 11:52 - 00006096 _____ () C:\Users\PC\Downloads\Carsten Stender.odt
2014-02-12 08:55 - 2012-03-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 08:54 - 2013-07-14 11:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 08:53 - 2012-03-01 11:50 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 08:51 - 2013-10-03 17:38 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avgnt.exe
C:\Users\PC\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 17:10

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014 02
Ran by PC at 2014-03-10 17:22:25
Running from K:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.0 - Futuremark Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.04.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Application Profiles (HKLM-x32\...\{05696DBC-59F4-C274-F175-1E7546F05995}) (Version: 2.0.4441.36343 - Advanced Micro Devices, Inc.)
Ashampoo Photo Commander 8 v.8.5.0 (HKLM-x32\...\Ashampoo Photo Commander 8_is1) (Version: 8.5.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.10.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
Audials (HKLM-x32\...\{7FAA26D8-3727-41CD-A9DE-9480E4EA9130}) (Version: 8.0.55300.0 - RapidSolution Software AG)
Audials TV (HKLM-x32\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG)
Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin)
Benutzerhandbuch EPSON BX635FWD Series (HKLM-x32\...\EPSON BX635FWD Series Useg) (Version:  - )
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM Development Team)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
CPUID ASUS CPU-Z 1.61.3 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.61.3 - CPUID, Inc.)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CrystalDiskMark 3.0.2d (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2d - Crystal Dew World)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
DIGI+ Power Control (HKLM-x32\...\{BEE4C824-BEA3-454F-BC9B-A22BFA52E458}) (Version:  - )
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Geekbench 2.4 (HKLM-x32\...\Geekbench 2.4) (Version:  - Primate Labs)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mediaport (HKLM-x32\...\Mediaport) (Version:  - )
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Netzwerkhandbuch EPSON BX635FWD Series (HKLM-x32\...\EPSON BX635FWD Series Netg) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
RunAlyzer (HKLM-x32\...\{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1) (Version: 1.6.1.24 - Safer Networking Limited)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
StarMoney (x32 Version: 3.0.3.21 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{C70D0229-9485-4ED3-81F0-0536F0120B9D}) (Version: 9.0 - Star Finanz GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TechniPort Plus Beta (HKLM-x32\...\TechniPort Plus Beta) (Version: 0.9.5.4_beta - TechniSat)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMedia Recode 3.0.8.1 (HKLM-x32\...\XMedia Recode) (Version: 3.0.8.1 - Sebastian Dörfler)
XMedia Recode Version 3.1.7.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.7.4 - XMedia Recode)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-08 15:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {066FFB28-17C9-4B31-B573-C63F34D8E75A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {20E01591-CA82-4003-96CD-D7EFC567523E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01] (Google Inc.)
Task: {6143DE45-4FBD-4304-8B75-E3BF28799AF4} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {B16DB2D4-5893-4367-84A7-DA451682DDE9} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {C21D7323-FAEB-4782-8225-2D1F4A817B61} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C8F1FAD0-D180-4DC5-9B11-C6EB00403617} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {D524285D-91A9-4D95-A15F-C04CD581A4E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-02-20 08:31 - 2012-06-01 17:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-11-01 08:15 - 2012-11-01 08:09 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-03 16:13 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2012-03-04 18:49 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2012-03-04 18:49 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2012-03-04 18:49 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2012-03-04 18:49 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2012-03-04 18:49 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2012-03-04 18:49 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2012-03-04 18:49 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2012-03-04 18:49 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2012-03-04 18:49 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2012-03-04 18:48 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2012-03-04 18:49 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2012-03-04 18:49 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2012-03-04 18:49 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2012-03-04 18:48 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2012-03-04 18:49 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2012-03-04 18:49 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2012-03-04 18:49 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2012-03-04 18:49 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2012-03-04 18:49 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2012-03-04 18:49 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2012-03-04 18:49 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2012-03-04 18:49 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2012-03-04 18:49 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2012-03-04 18:49 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2012-03-04 18:49 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2012-03-04 18:49 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2012-03-04 18:49 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2012-03-04 18:49 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2012-03-04 18:49 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2012-03-04 18:49 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2012-03-04 18:49 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2012-03-04 18:49 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2012-03-04 18:49 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2012-03-04 18:48 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2012-03-04 18:49 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2013-10-19 15:19 - 2013-08-19 16:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-10-19 15:19 - 2013-08-19 16:21 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-03-01 11:15 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-03-01 11:15 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-10-19 13:44 - 2013-01-28 14:58 - 00870400 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-03-01 11:15 - 2012-10-08 16:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-02-20 08:32 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-02-20 08:33 - 2012-06-19 12:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-02-20 08:33 - 2012-07-20 09:39 - 01047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-03-01 11:15 - 2013-04-15 13:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-03-01 11:15 - 2012-05-28 20:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-03-01 11:15 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-03-01 11:15 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-03-01 11:15 - 2012-08-29 17:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-02-20 08:31 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-03-01 11:15 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-10-19 15:13 - 2012-01-19 08:39 - 00028672 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2013-10-19 15:13 - 2010-09-23 10:51 - 00114688 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2013-10-19 15:13 - 2010-02-25 13:01 - 00139264 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2012-03-01 11:15 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2013-02-20 08:31 - 2014-03-10 15:56 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-02-20 08:31 - 2010-06-29 10:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-14 11:25 - 2014-02-14 11:25 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:98353363
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2014 05:13:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/10/2014 05:10:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/10/2014 04:18:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/10/2014 04:18:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/10/2014 04:14:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/10/2014 04:14:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/10/2014 04:13:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/10/2014 03:56:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/10/2014 03:56:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/09/2014 06:24:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/09/2014 06:24:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/09/2014 01:15:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/09/2014 01:14:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (03/10/2014 05:13:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/10/2014 05:10:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/10/2014 04:18:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu(1).exe

Error: (03/10/2014 04:18:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu(1).exe

Error: (03/10/2014 04:14:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu(1).exe

Error: (03/10/2014 04:14:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu(1).exe

Error: (03/10/2014 04:13:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\Downloads\esetsmartinstaller_enu(1).exe


CodeIntegrity Errors:
===================================
  Date: 2014-03-10 16:01:38.401
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 15:56:29.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 18:24:34.854
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 13:14:57.692
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 11:43:14.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 11:22:01.571
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 10:06:52.112
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 09:56:08.549
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 09:47:25.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 09:35:38.899
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16284.15 MB
Available physical RAM: 13533.61 MB
Total Pagefile: 32566.48 MB
Available Pagefile: 29560.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Samsung SSD 840 Pro) (Fixed) (Total:238.47 GB) (Free:145.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive k: (HDD-WD 500) (Fixed) (Total:465.54 GB) (Free:396.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: B28EE89C)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 74451BFB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Hallo schrauber der Eu-Cleaner findet immer noch das selbe und es lässt sich nicht löschen mit dem Programm????

Alt 11.03.2014, 12:14   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Flash Player updaten.

Logfile vom EU Cleaner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.03.2014, 15:53   #11
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Flash Player wurde Neu installiert den Flash Player 10 habe ich nicht.
Code:
ATTFilter
**************************************************
Zusammenfassung des Suchlaufs:
**************************************************

Zeitstempel des letzten Updates: 11.03.2014 15:22:06

Konfigurationsprofil: sysscan.avp

Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]

build.dat      : 10.0.0.64      13423 Bytes  12.09.2013 08:06:00

Version der lokalen Installation:
build.dat      : 14.0.3.350     58780 Bytes  25.02.2014 11:40:00


Beginn des Suchlaufs: Dienstag, 11. März 2014  16:22

2357933ab60f269d83032a9c4c25b86327ffb35106374aac40c8e7f45433e2d9
  [FUND]      Ist das Trojanische Pferd TR/Matsnu.G


Ende des Suchlaufs: Dienstag, 11. März 2014  16:45
Benötigte Zeit: 22:08 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  32918 Verzeichnisse wurden überprüft
 821241 Dateien wurden geprüft
     10 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 821231 Dateien ohne Befall
  30858 Archive wurden durchsucht
      1 Warnungen
      0 Hinweise
         
Eu Cleaner findet das immer in/ab da. C:User/PC/AppData/Roaming/Thunderbird/Profiles/.../Inbox

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1) 
 Mozilla Thunderbird (24.3.0) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 StarMoney 9.0 ouservice StarMoneyOnlineUpdate.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 12.03.2014, 11:41   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Also in deinem Posteingang. Irgend eine Mail wird irgend ein Anhang angemekcert. Entweder manuell nach der Mail suchen oder die Meldung einfach ignorieren
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.03.2014, 17:45   #13
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Da das ganze ja nicht geholfen hat habe ich heute Win 7 Pro neu aufgesetzt .
Trotzdem Danke für die Hilfe.
Code:
ATTFilter
**************************************************
Zusammenfassung des Suchlaufs:
**************************************************

Zeitstempel des letzten Updates: 15.03.2014 17:21:09

Konfigurationsprofil: sysscan.avp

Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]

build.dat      : 10.0.0.64      13423 Bytes  12.09.2013 08:06:00

Version der lokalen Installation:
build.dat      : 14.0.3.350     58780 Bytes  25.02.2014 11:40:00


Beginn des Suchlaufs: Samstag, 15. März 2014  18:21


Ende des Suchlaufs: Samstag, 15. März 2014  18:41
Benötigte Zeit: 19:44 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  30427 Verzeichnisse wurden überprüft
 1417398 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 1417398 Dateien ohne Befall
   4085 Archive wurden durchsucht
      0 Warnungen
      0 Hinweise
         

Alt 16.03.2014, 16:31   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



irgendwie voll unötig, aber ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.03.2014, 16:58   #15
Kieler1
 
Eu-Cleaner hat TR/Matsnu.G gefunden . - Standard

Eu-Cleaner hat TR/Matsnu.G gefunden .



Will bei so was auf Nummer sicher gehen da die Meldung immer noch da war.Hat ja nur 4Std. gedauert alles Neu zu machen.
Aber besten Dank für deine Hilfe

Antwort

Themen zu Eu-Cleaner hat TR/Matsnu.G gefunden .
adresse, anti-malware, archive, dateien, eu-cleaner, freitag, geändert, hinweis, installation, klick, lokale, löschen, malwarebytes, nichts, pferd, programme, quarantäne, service, spam, trojanische, trojanische pferd, unerwünschte, updates, viren, windows, windows 7



Ähnliche Themen: Eu-Cleaner hat TR/Matsnu.G gefunden .


  1. Adw Cleaner zeigt immer noch in Scheduled tasks Daten an die der Cleaner nicht Löscht
    Log-Analyse und Auswertung - 23.08.2015 (5)
  2. Trojanische Pferd TR/Matsnu.A.296 gefunden
    Log-Analyse und Auswertung - 03.06.2015 (15)
  3. Avira hat Trojaner TR/Matsnu.EB.133 gefunden
    Log-Analyse und Auswertung - 15.06.2014 (7)
  4. TR/Matsnu.EB.137 lässt sich mit AVIRA EU Cleaner nicht entfernen
    Log-Analyse und Auswertung - 13.03.2014 (41)
  5. mit PC Cleaner Schadsoftware gefunden
    Plagegeister aller Art und deren Bekämpfung - 31.01.2014 (15)
  6. Windows 7:Werde Viren nicht los TR/Matsnu.A.59,TR/Matsnu.A.56 und TR/BankZone.A.8
    Log-Analyse und Auswertung - 06.09.2013 (9)
  7. Trojaner Bubli.avlv, Matsnu.A, Symmi.20469 im AppData Ordner nach Inkasso-Mail gefunden
    Log-Analyse und Auswertung - 28.05.2013 (23)
  8. Matsnu.gen!A
    Plagegeister aller Art und deren Bekämpfung - 26.05.2013 (22)
  9. TR/Matsnu.EB.133
    Log-Analyse und Auswertung - 08.04.2013 (1)
  10. TR/Agent13107.52, TR/Matsnu.A.74, Worm/Cridex.B.247 und andere gefunden.
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (6)
  11. TR/matsnu.A.77.
    Log-Analyse und Auswertung - 11.03.2013 (1)
  12. TR/Matsnu.eb.101 Trojaner gefunden
    Log-Analyse und Auswertung - 24.02.2013 (1)
  13. TR/Matsnu.EB.33
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  14. TR/Matsnu.EB.6
    Plagegeister aller Art und deren Bekämpfung - 11.06.2012 (1)
  15. Matsnu.A.66
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  16. TR/Matsnu.EB.3
    Plagegeister aller Art und deren Bekämpfung - 30.05.2012 (1)
  17. Avira DE Cleaner hat Trojaner gefunden
    Plagegeister aller Art und deren Bekämpfung - 14.07.2011 (11)

Zum Thema Eu-Cleaner hat TR/Matsnu.G gefunden . - Hallo ,ich habe ein Problem.Es fiel mir auf das ich bei Thunderbird in meinem T-Online E-Mails seit gestern ´mehrere Maildeliverys hatte die ich nicht versendet habe. Diese meldete ich über - Eu-Cleaner hat TR/Matsnu.G gefunden ....
Archiv
Du betrachtest: Eu-Cleaner hat TR/Matsnu.G gefunden . auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.