Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 28.08.2014, 22:06   #1
blueinf
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Seit ein paar Monaten kämpfe ich gegen Download Protect 2.2.1 und dachte auch, ich wäre erfolgreich, aber es taucht immer wieder auf, jetzt als Version 2.2.5.
Daher bitte ich hier um Hilfe zur Bereinigung.
Entsprechend der Anleitung habe ich verschiedene Scans durchgeführt und auch die bisherigen Logs nach Funden durchsucht.
FRST txt:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by bieni2 (administrator) on BIENI2-PC on 28-08-2014 20:50:41
Running from C:\Users\bieni2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Windows\System32\mfc100ud.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(BitTorrent Inc.) C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [uTorrent] => C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.)
BootExecute: autocheck autochk /k:C * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}\{0D7A2C21-0378-4936-9A95-A8998DF16BE6}.bin (Download Protect)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}\{DC9BEE3D-5D7C-465C-B106-37545D94A2C5}.bin (Download Protect)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.214 80.69.100.110

FireFox:
========
FF ProfilePath: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de?hl=de&gl=de
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\user.js
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}] - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi [2014-08-27]

Chrome: 
=======
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\bieni2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9306928 2013-12-13] (DisplayLink Corp.)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 sdbinstd; C:\Windows\system32\mfc100ud.exe [118784 2014-03-01] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.4.53134.0.sys [46384 2014-01-09] ()
R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [202128 2013-12-13] (DisplayLink Corp.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 20:50 - 2014-08-28 20:50 - 00018297 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-27 21:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi
2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 22:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 22:12 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 22:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 22:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 22:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-16 20:35 - 2014-08-16 20:46 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat
2014-08-16 20:34 - 2014-08-16 21:59 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:23 - 2014-08-17 21:39 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:53 - 2014-08-24 16:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-13 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 22:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 22:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:33 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:33 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:33 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:19 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 20:19 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-09 20:18 - 2014-08-09 20:19 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-03 08:55 - 2014-08-03 08:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 20:51 - 2014-08-28 20:50 - 00018297 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-28 20:51 - 2012-08-18 19:35 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\uTorrent
2014-08-28 20:50 - 2014-07-06 21:33 - 00000000 ____D () C:\FRST
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-28 20:30 - 2012-08-28 07:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-28 20:26 - 2012-06-25 15:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 18:04 - 2012-06-25 15:02 - 01837126 _____ () C:\Windows\WindowsUpdate.log
2014-08-28 16:46 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-28 16:46 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-28 16:42 - 2012-06-25 15:12 - 00000000 ____D () C:\Users\bieni2\Documents\Youcam
2014-08-28 16:41 - 2013-06-07 20:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-08-28 16:41 - 2013-06-03 17:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-28 16:41 - 2012-06-25 15:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 16:38 - 2009-07-14 06:45 - 00555424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 16:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 16:37 - 2009-07-14 06:51 - 00277423 _____ () C:\Windows\setupact.log
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
2014-08-27 21:08 - 2014-03-26 16:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-26 19:33 - 2012-08-18 11:36 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\vlc
2014-08-25 22:55 - 2010-11-21 05:47 - 00118352 _____ () C:\Windows\PFRO.log
2014-08-25 22:23 - 2014-07-09 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 21:04 - 2012-08-28 07:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 21:04 - 2012-08-18 21:05 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 21:04 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-24 22:29 - 2012-09-03 22:20 - 00000000 ____D () C:\Users\bieni2\Documents\Calibre Bibliothek
2014-08-24 22:13 - 2011-05-16 16:04 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-08-24 22:13 - 2011-05-16 16:04 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-08-24 22:13 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 22:08 - 2012-08-20 21:44 - 00000000 ____D () C:\Users\bieni2\Downloads\ebooks
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:52 - 2012-09-03 22:19 - 00000964 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi
2014-08-24 21:19 - 2013-01-02 19:59 - 00000000 ___RD () C:\Users\bieni2\Google Drive
2014-08-24 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-24 16:36 - 2014-08-14 13:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe
2014-08-23 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 04:07 - 2014-08-27 21:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 21:53 - 2014-04-09 13:44 - 00000000 ____D () C:\Users\bieni2\Downloads\Filme
2014-08-20 21:34 - 2011-07-18 22:56 - 00000000 ____D () C:\Windows\nl
2014-08-19 20:27 - 2013-01-02 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-17 21:39 - 2014-08-16 20:23 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat
2014-08-16 21:59 - 2014-08-16 20:34 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat
2014-08-16 20:46 - 2014-08-16 20:35 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:54 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 13:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 22:16 - 2012-08-24 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 22:11 - 2013-09-01 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 22:08 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 21:14 - 2013-09-11 17:05 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:21 - 2013-10-18 22:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:19 - 2014-08-09 20:18 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-09 20:19 - 2013-08-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 13:22 - 2014-02-04 14:36 - 00000000 ____D () C:\Program Files (x86)\Steuer 2013
2014-08-07 13:22 - 2013-05-11 10:50 - 00000688 _____ () C:\Windows\wiso.ini
2014-08-07 13:22 - 2013-05-11 10:45 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-05 15:55 - 2014-02-22 13:07 - 00000000 ____D () C:\Windows\Minidump
2014-08-05 15:55 - 2014-02-22 13:06 - 375355670 _____ () C:\Windows\MEMORY.DMP
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 12:54 - 2012-08-18 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-03 22:38 - 2012-11-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-03 17:07 - 2014-07-10 19:42 - 00147525 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_45282BA1.dat
2014-08-03 16:01 - 2012-08-19 20:04 - 00000000 ____D () C:\ANDREA
2014-08-03 08:56 - 2014-08-03 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 07:53 - 2013-05-07 11:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-01 01:41 - 2014-08-13 20:33 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 20:33 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 21:44

==================== End Of Log ============================
         
GMER
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-28 21:07:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 HITACHI_ rev.JF4Z 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\bieni2\AppData\Local\Temp\pwriipog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                             fffff80003bb4000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                             fffff80003bb402f 23 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[2564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   00000000749b1465 2 bytes [9B, 74]
.text     C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[2564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000749b14bb 2 bytes [9B, 74]
.text     ...                                                                                                                            * 2
.text     C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4260] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69       00000000749b1465 2 bytes [9B, 74]
.text     C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4260] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155      00000000749b14bb 2 bytes [9B, 74]
.text     ...                                                                                                                            * 2
.text     C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              00000000749b1465 2 bytes [9B, 74]
.text     C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             00000000749b14bb 2 bytes [9B, 74]
.text     ...                                                                                                                            * 2

---- Threads - GMER 2.1 ----

Thread    C:\Windows\System32\svchost.exe [2316:5392]                                                                                    000007fef1599688

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\685d43034057                                                    
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\685d4314adc4                                                    
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\685d43034057 (not active ControlSet)                                
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\685d4314adc4 (not active ControlSet)                                

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                          unknown MBR code

---- EOF - GMER 2.1 ----
         

MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 28.08.2014
Scan Time: 21:07:56
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.25.05
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bieni2

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 334682
Time Elapsed: 14 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 13
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DPBHO.DownloadProtect, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DPBHO.DownloadProtect.1, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\INPROCSERVER32, , [7d4c12b881faa5917233f75621dfb54b], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.DownloadProtect.A, C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}\{0D7A2C21-0378-4936-9A95-A8998DF16BE6}.bin, , [7d4c12b881faa5917233f75621dfb54b], 
PUP.Optional.DownloadProtect.A, C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}\{DC9BEE3D-5D7C-465C-B106-37545D94A2C5}.bin, , [7d4c12b881faa5917233f75621dfb54b], 

Physical Sectors: 0
(No malicious items detected)


(end)
         
Und als Archiv habe ich drei Logs von Avira Free Antivirus als zip angehängt, da sonst zu groß.
Über Eure Unterstützung zur Beseitigung aller Infektionen würde ich mich sehr freuen.

Alt 28.08.2014, 22:07   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 29.08.2014, 09:31   #3
blueinf
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Oh, hatte mich an den automatisch erstellten Hinweis von der Webseite gehalten, in dem ich zum Anhängen aufgefordert wurde. Vielleicht könnte dieser Hinweis geändert werden?

Wie verteilt man notfalls über mehrere Beiträge?

Hier ungezippt die Antivir-Virenscaner-Logs in chronologischer Reihenfolge:
Code:
ATTFilter
Avira Free Antivirus
Report file date: Samstag, 16. August 2014  13:23


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Antivirus Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Windows 7 Home Premium
Windows version : (Service Pack 1)  [6.1.7601]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : BIENI2-PC

Version information:
BUILD.DAT       : 14.0.6.552     92022 Bytes  23.07.2014 13:29:00
AVSCAN.EXE      : 14.0.6.548   1046608 Bytes  12.08.2014 06:28:37
AVSCANRC.DLL    : 14.0.6.522     52816 Bytes  12.08.2014 06:28:37
LUKE.DLL        : 14.0.6.522     57936 Bytes  12.08.2014 06:28:42
AVSCPLR.DLL     : 14.0.6.548     92752 Bytes  12.08.2014 06:28:37
AVREG.DLL       : 14.0.6.522    262224 Bytes  12.08.2014 06:28:37
avlode.dll      : 14.0.6.526    603728 Bytes  12.08.2014 06:28:36
avlode.rdf      : 14.0.4.42      65114 Bytes  03.08.2014 05:53:00
XBV00009.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00010.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00011.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00012.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00013.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00014.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00015.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00016.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00017.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00018.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00019.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00020.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00021.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00022.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00023.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00024.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00025.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00026.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00027.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00028.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00029.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00030.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00031.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00032.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00033.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00034.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00035.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00036.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00037.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00038.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00039.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00040.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00041.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00106.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00107.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00108.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00109.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00110.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00111.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00112.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00113.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:06
XBV00114.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00115.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00116.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00117.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00118.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00119.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00120.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00121.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00122.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00123.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00124.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00125.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00126.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00127.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00128.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00129.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00130.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00131.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00132.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00133.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00134.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00135.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00136.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00137.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00138.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00139.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:07
XBV00140.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00141.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00142.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00143.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00144.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00145.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00146.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00147.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00148.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00149.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00150.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00151.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00152.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00153.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00154.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00155.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00156.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00157.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00158.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00159.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00160.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00161.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00162.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00163.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00164.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00165.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00166.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00167.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00168.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00169.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00170.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00171.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00172.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00173.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00174.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00175.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00176.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00177.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:08
XBV00178.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00179.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00180.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00181.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00182.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00183.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00184.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00185.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00186.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00187.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00188.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00189.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00190.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00191.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00192.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00193.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00194.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00195.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00196.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00197.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00198.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00199.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00200.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00201.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00202.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00203.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00204.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00205.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00206.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00207.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00208.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00209.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00210.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00211.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00212.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00213.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00214.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00215.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00216.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:09
XBV00217.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00218.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00219.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00220.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00221.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00222.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00223.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00224.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00225.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00226.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00227.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00228.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00229.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00230.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00231.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00232.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00233.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00234.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00235.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00236.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00237.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00238.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00239.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00240.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00241.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00242.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00243.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00244.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00245.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00246.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00247.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00248.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00249.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00250.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00251.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00252.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00253.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00254.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00255.VDF    : 8.11.165.192     2048 Bytes  07.08.2014 11:24:10
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 13:59:55
XBV00001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 14:31:20
XBV00002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 12:56:52
XBV00003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 17:46:32
XBV00004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 11:05:34
XBV00005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 17:57:52
XBV00006.VDF    : 7.11.139.38 15708672 Bytes  27.03.2014 18:43:00
XBV00007.VDF    : 7.11.152.100  4193792 Bytes  02.06.2014 13:07:23
XBV00008.VDF    : 8.11.165.192  4251136 Bytes  07.08.2014 11:24:03
XBV00042.VDF    : 8.11.165.218   217600 Bytes  07.08.2014 17:23:48
XBV00043.VDF    : 8.11.165.246   262656 Bytes  07.08.2014 17:23:48
XBV00044.VDF    : 8.11.165.250    20480 Bytes  07.08.2014 13:47:20
XBV00045.VDF    : 8.11.165.252     2048 Bytes  07.08.2014 13:47:20
XBV00046.VDF    : 8.11.165.254     7168 Bytes  07.08.2014 13:47:20
XBV00047.VDF    : 8.11.166.4      5120 Bytes  08.08.2014 13:47:20
XBV00048.VDF    : 8.11.166.16     6144 Bytes  08.08.2014 13:47:20
XBV00049.VDF    : 8.11.166.20    28160 Bytes  08.08.2014 13:47:20
XBV00050.VDF    : 8.11.166.22     2048 Bytes  08.08.2014 13:47:21
XBV00051.VDF    : 8.11.166.24    20480 Bytes  08.08.2014 13:47:21
XBV00052.VDF    : 8.11.166.28    33280 Bytes  08.08.2014 19:47:25
XBV00053.VDF    : 8.11.166.32   214016 Bytes  08.08.2014 07:15:40
XBV00054.VDF    : 8.11.166.34     5120 Bytes  08.08.2014 07:15:40
XBV00055.VDF    : 8.11.166.58   216576 Bytes  09.08.2014 17:57:46
XBV00056.VDF    : 8.11.166.78    15872 Bytes  09.08.2014 17:57:46
XBV00057.VDF    : 8.11.166.98    37888 Bytes  10.08.2014 11:59:29
XBV00058.VDF    : 8.11.166.100     2048 Bytes  10.08.2014 11:59:29
XBV00059.VDF    : 8.11.166.102    45568 Bytes  10.08.2014 18:26:55
XBV00060.VDF    : 8.11.166.104     2048 Bytes  10.08.2014 18:26:56
XBV00061.VDF    : 8.11.166.106    16384 Bytes  11.08.2014 10:38:45
XBV00062.VDF    : 8.11.166.108     3072 Bytes  11.08.2014 10:38:45
XBV00063.VDF    : 8.11.166.110     8192 Bytes  11.08.2014 16:38:30
XBV00064.VDF    : 8.11.166.112    10240 Bytes  11.08.2014 16:38:30
XBV00065.VDF    : 8.11.166.114    24576 Bytes  11.08.2014 16:38:31
XBV00066.VDF    : 8.11.166.118   215552 Bytes  11.08.2014 04:22:53
XBV00067.VDF    : 8.11.166.138     2048 Bytes  11.08.2014 04:22:53
XBV00068.VDF    : 8.11.166.158     2048 Bytes  11.08.2014 04:22:53
XBV00069.VDF    : 8.11.166.180     8704 Bytes  11.08.2014 04:22:53
XBV00070.VDF    : 8.11.166.202    11264 Bytes  12.08.2014 06:28:43
XBV00071.VDF    : 8.11.166.206     4096 Bytes  12.08.2014 12:34:23
XBV00072.VDF    : 8.11.166.208     5632 Bytes  12.08.2014 12:34:23
XBV00073.VDF    : 8.11.166.210     6656 Bytes  12.08.2014 18:34:18
XBV00074.VDF    : 8.11.166.212   215040 Bytes  12.08.2014 18:34:18
XBV00075.VDF    : 8.11.166.216    29184 Bytes  12.08.2014 18:34:18
XBV00076.VDF    : 8.11.166.222    22528 Bytes  12.08.2014 17:28:15
XBV00077.VDF    : 8.11.166.226    10752 Bytes  13.08.2014 17:28:15
XBV00078.VDF    : 8.11.166.228     2048 Bytes  13.08.2014 17:28:15
XBV00079.VDF    : 8.11.166.230    12288 Bytes  13.08.2014 17:28:15
XBV00080.VDF    : 8.11.166.232   223232 Bytes  13.08.2014 17:28:16
XBV00081.VDF    : 8.11.166.234    10752 Bytes  13.08.2014 17:28:16
XBV00082.VDF    : 8.11.166.236     2048 Bytes  13.08.2014 17:28:16
XBV00083.VDF    : 8.11.166.238   224256 Bytes  13.08.2014 17:28:16
XBV00084.VDF    : 8.11.166.240    11264 Bytes  13.08.2014 17:28:16
XBV00085.VDF    : 8.11.166.242     2048 Bytes  13.08.2014 17:28:16
XBV00086.VDF    : 8.11.166.244    41472 Bytes  13.08.2014 11:56:55
XBV00087.VDF    : 8.11.166.250     8704 Bytes  13.08.2014 11:56:55
XBV00088.VDF    : 8.11.167.16   209920 Bytes  14.08.2014 11:56:55
XBV00089.VDF    : 8.11.167.34   203776 Bytes  14.08.2014 11:56:55
XBV00090.VDF    : 8.11.167.54     5632 Bytes  14.08.2014 11:56:55
XBV00091.VDF    : 8.11.167.76     2048 Bytes  14.08.2014 11:56:55
XBV00092.VDF    : 8.11.167.96    35840 Bytes  14.08.2014 17:56:23
XBV00093.VDF    : 8.11.167.98   204800 Bytes  14.08.2014 17:56:23
XBV00094.VDF    : 8.11.167.100     2048 Bytes  14.08.2014 17:56:23
XBV00095.VDF    : 8.11.167.102     2048 Bytes  14.08.2014 17:56:23
XBV00096.VDF    : 8.11.167.106    19456 Bytes  14.08.2014 06:49:01
XBV00097.VDF    : 8.11.167.108     2048 Bytes  14.08.2014 06:49:01
XBV00098.VDF    : 8.11.167.110     2048 Bytes  14.08.2014 06:49:01
XBV00099.VDF    : 8.11.167.116   207360 Bytes  15.08.2014 06:49:01
XBV00100.VDF    : 8.11.167.118    13312 Bytes  15.08.2014 15:25:18
XBV00101.VDF    : 8.11.167.120    28672 Bytes  15.08.2014 15:25:18
XBV00102.VDF    : 8.11.167.122     2048 Bytes  15.08.2014 15:25:18
XBV00103.VDF    : 8.11.167.124     2048 Bytes  15.08.2014 15:25:18
XBV00104.VDF    : 8.11.167.126     2048 Bytes  15.08.2014 15:25:18
XBV00105.VDF    : 8.11.167.130   251904 Bytes  15.08.2014 06:34:26
LOCAL001.VDF    : 8.11.167.130 108654080 Bytes  15.08.2014 06:34:39
Engine version  : 8.3.24.12 
AEVDF.DLL       : 8.3.1.4       133992 Bytes  14.08.2014 17:56:23
AESCRIPT.DLL    : 8.2.0.16      428912 Bytes  14.08.2014 17:56:23
AESCN.DLL       : 8.3.2.2       139456 Bytes  03.08.2014 05:52:58
AESBX.DLL       : 8.2.20.24    1409224 Bytes  08.05.2014 13:16:19
AERDL.DLL       : 8.2.0.138     704888 Bytes  02.12.2013 16:53:59
AEPACK.DLL      : 8.4.0.50      792488 Bytes  07.08.2014 17:23:48
AEOFFICE.DLL    : 8.3.0.20      216104 Bytes  14.08.2014 17:56:23
AEHEUR.DLL      : 8.1.4.1226   7388016 Bytes  14.08.2014 17:56:23
AEHELP.DLL      : 8.3.1.0       278728 Bytes  28.05.2014 14:19:18
AEGEN.DLL       : 8.1.7.28      450752 Bytes  06.06.2014 10:38:42
AEEXP.DLL       : 8.4.2.22      244584 Bytes  03.08.2014 05:52:59
AEEMU.DLL       : 8.1.3.4       399264 Bytes  07.08.2014 17:23:46
AEDROID.DLL     : 8.4.2.24      442568 Bytes  04.06.2014 18:27:28
AECORE.DLL      : 8.3.2.6       243712 Bytes  07.08.2014 17:23:46
AEBB.DLL        : 8.1.2.0        60448 Bytes  07.08.2014 17:23:46
AVWINLL.DLL     : 14.0.6.522     24144 Bytes  12.08.2014 06:28:36
AVPREF.DLL      : 14.0.6.522     50256 Bytes  12.08.2014 06:28:37
AVREP.DLL       : 14.0.6.522    219216 Bytes  12.08.2014 06:28:37
AVARKT.DLL      : 14.0.5.368    226384 Bytes  01.07.2014 11:30:18
AVEVTLOG.DLL    : 14.0.6.522    182352 Bytes  12.08.2014 06:28:36
SQLITE3.DLL     : 14.0.6.522    452176 Bytes  12.08.2014 06:28:43
AVSMTP.DLL      : 14.0.6.522     76368 Bytes  12.08.2014 06:28:37
NETNT.DLL       : 14.0.6.522     13392 Bytes  12.08.2014 06:28:42
RCIMAGE.DLL     : 14.0.6.522   4864080 Bytes  12.08.2014 06:28:36
RCTEXT.DLL      : 14.0.6.526     73808 Bytes  12.08.2014 06:28:36

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Delete
Secondary action....................: Delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Samstag, 16. August 2014  13:23

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '79' Module(s) have been scanned
Scan process 'svchost.exe' - '86' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '150' Module(s) have been scanned
Scan process 'DisplayLinkManager.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'DisplayLinkUserAgent.exe' - '36' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'avguard.exe' - '133' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '44' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '26' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '38' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned
Scan process 'mfc100ud.exe' - '69' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '71' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '52' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'obexsrv.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '54' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '20' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '44' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '55' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'PMBDeviceInfoProvider.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '119' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'UNS.exe' - '64' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '36' Module(s) have been scanned
Scan process 'taskhost.exe' - '60' Module(s) have been scanned
Scan process 'Dwm.exe' - '43' Module(s) have been scanned
Scan process 'Explorer.EXE' - '161' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxpers.exe' - '38' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'BleServicesCtrl.exe' - '34' Module(s) have been scanned
Scan process 'rundll32.exe' - '42' Module(s) have been scanned
Scan process 'ipoint.exe' - '66' Module(s) have been scanned
Scan process 'uTorrent.exe' - '95' Module(s) have been scanned
Scan process 'iusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'pcee4.exe' - '88' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '40' Module(s) have been scanned
Scan process 'DisplayLinkUI.exe' - '31' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '40' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '58' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'jusched.exe' - '36' Module(s) have been scanned
Scan process 'Avira.OE.Systray.exe' - '122' Module(s) have been scanned
Scan process 'mediasrv.exe' - '41' Module(s) have been scanned
Scan process 'PHotkey.exe' - '65' Module(s) have been scanned
Scan process 'GPMTray.exe' - '39' Module(s) have been scanned
Scan process 'MsgTranAgt.exe' - '22' Module(s) have been scanned
Scan process 'MsgTranAgt64.exe' - '16' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'HCSynApi.exe' - '36' Module(s) have been scanned
Scan process 'PVDesktop.exe' - '28' Module(s) have been scanned
Scan process 'PVDAgent.exe' - '16' Module(s) have been scanned
Scan process 'POSD.exe' - '28' Module(s) have been scanned
Scan process 'BTPlayerCtrl.exe' - '39' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'YouCamService.exe' - '78' Module(s) have been scanned
Scan process 'avscan.exe' - '119' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'iTunes.exe' - '164' Module(s) have been scanned
Scan process 'firefox.exe' - '127' Module(s) have been scanned
Scan process 'iPodService.exe' - '33' Module(s) have been scanned
Scan process 'AppleMobileDeviceHelper.exe' - '75' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'distnoted.exe' - '37' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'plugin-container.exe' - '83' Module(s) have been scanned
Scan process 'FlashPlayerPlugin_14_0_0_145.exe' - '54' Module(s) have been scanned
Scan process 'FlashPlayerPlugin_14_0_0_145.exe' - '73' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '69' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned

Initiating scan of system files:
Signed -> 'C:\Windows\system32\svchost.exe'
Signed -> 'C:\Windows\system32\winlogon.exe'
Signed -> 'C:\Windows\explorer.exe'
Signed -> 'C:\Windows\system32\smss.exe'
Signed -> 'C:\Windows\system32\wininet.DLL'
Signed -> 'C:\Windows\system32\wsock32.DLL'
Signed -> 'C:\Windows\system32\ws2_32.DLL'
Signed -> 'C:\Windows\system32\services.exe'
Signed -> 'C:\Windows\system32\lsass.exe'
Signed -> 'C:\Windows\system32\csrss.exe'
Signed -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signed -> 'C:\Windows\system32\spoolsv.exe'
Signed -> 'C:\Windows\system32\alg.exe'
Signed -> 'C:\Windows\system32\wuauclt.exe'
Signed -> 'C:\Windows\system32\advapi32.DLL'
Signed -> 'C:\Windows\system32\user32.DLL'
Signed -> 'C:\Windows\system32\gdi32.DLL'
Signed -> 'C:\Windows\system32\kernel32.DLL'
Signed -> 'C:\Windows\system32\ntdll.DLL'
Signed -> 'C:\Windows\system32\ntoskrnl.exe'
Signed -> 'C:\Windows\system32\drivers\beep.sys'
Signed -> 'C:\Windows\system32\ctfmon.exe'
Signed -> 'C:\Windows\system32\imm32.dll'
Signed -> 'C:\Windows\system32\dsound.dll'
Signed -> 'C:\Windows\system32\aclui.dll'
Signed -> 'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed -> 'C:\Windows\system32\reg.exe'
Signed -> 'C:\Windows\regedit.exe'
The system files were scanned ('34' files)

Starting to scan executable files (registry):
The registry was scanned ( '10142' files ).


Starting the file scan:

Begin scan in 'C:\' <Boot>
    [0] Archive type: Runtime Packed
    --> C:\Users\bieni2\Downloads\pdfsam-win-v2_2_1.exe
        [1] Archive type: NSIS
      --> ProgramFilesDir/[TempDir]/AVG_toolbar.exe
          [2] Archive type: RSRC
        --> C:\Users\bieni2\Downloads\Software\jxpiinstall.exe
            [3] Archive type: Runtime Packed
          --> C:\Windows\Installer\{467404D0-B489-494F-9A84-A21A838E2F7B}\{597FF948-BD70-4285-A910-755B895FD79D}.xpi
              [4] Archive type: ZIP
            --> chrome/content/dp.js
                [DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
                [WARNING]   Infected files in archives cannot be repaired
C:\Windows\Installer\{467404D0-B489-494F-9A84-A21A838E2F7B}\{597FF948-BD70-4285-A910-755B895FD79D}.xpi
  [DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
  [NOTE]      The file was deleted.
          --> C:\Windows\Installer\{72EC1C9D-EE9A-44A4-B4C0-805B97F3AE7B}\cekkjdnjimhfiabhibnimkgcnpbbiebjfrx
              [4] Archive type: ZIP
            --> dp.js
                [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
                [WARNING]   Infected files in archives cannot be repaired
C:\Windows\Installer\{72EC1C9D-EE9A-44A4-B4C0-805B97F3AE7B}\cekkjdnjimhfiabhibnimkgcnpbbiebjfrx
  [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
  [NOTE]      The file was deleted.
Begin scan in 'D:\' <Recover>


End of the scan: Samstag, 16. August 2014  17:35
Used time:  4:11:27 Hour(s)

The scan has been done completely.

  73767 Scanned directories
 2492593 Files were scanned
      4 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      2 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 2492589 Files not concerned
  46897 Archives were scanned
      2 Warnings
      2 Notes
 1300986 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
Code:
ATTFilter
Avira Free Antivirus
Report file date: Freitag, 22. August 2014  20:21


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Antivirus Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Windows 7 Home Premium
Windows version : (Service Pack 1)  [6.1.7601]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : BIENI2-PC

Version information:
BUILD.DAT       : 14.0.6.552     92022 Bytes  23.07.2014 13:29:00
AVSCAN.EXE      : 14.0.6.548   1046608 Bytes  12.08.2014 06:28:37
AVSCANRC.DLL    : 14.0.6.522     52816 Bytes  12.08.2014 06:28:37
LUKE.DLL        : 14.0.6.522     57936 Bytes  12.08.2014 06:28:42
AVSCPLR.DLL     : 14.0.6.548     92752 Bytes  12.08.2014 06:28:37
AVREG.DLL       : 14.0.6.522    262224 Bytes  12.08.2014 06:28:37
avlode.dll      : 14.0.6.526    603728 Bytes  12.08.2014 06:28:36
avlode.rdf      : 14.0.4.42      65114 Bytes  03.08.2014 05:53:00
XBV00009.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00010.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00011.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00012.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00013.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00014.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00015.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00016.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00017.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00018.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00019.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00020.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00021.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00022.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00023.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00024.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00025.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00026.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00027.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00028.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00029.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00030.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00031.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00032.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00033.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00034.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00035.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00036.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00037.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00038.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00039.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00040.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00041.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00068.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00069.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00070.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00071.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00072.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00073.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00074.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00075.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00076.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00077.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00078.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:45
XBV00079.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00080.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00081.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00082.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00083.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00084.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00085.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00086.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00087.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00088.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00089.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00090.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00091.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00092.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00093.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00094.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00095.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00096.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00097.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00098.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00099.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00100.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00101.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00102.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00103.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00104.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00105.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00106.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00107.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00108.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00109.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00110.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00111.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00112.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00113.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00114.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00115.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00116.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00117.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00118.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00119.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00120.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00121.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00122.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00123.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00124.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00125.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00126.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00127.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00128.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00129.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00130.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00131.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00132.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00133.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00134.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00135.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00136.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00137.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00138.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00139.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00140.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00141.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00142.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00143.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00144.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00145.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00146.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00147.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00148.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00149.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00150.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00151.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00152.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00153.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00154.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00155.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00156.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00157.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00158.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00159.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00160.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00161.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00162.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00163.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00164.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00165.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00166.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00167.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00168.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00169.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00170.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00171.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00172.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00173.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00174.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00175.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00176.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00177.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00178.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00179.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00180.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00181.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00182.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00183.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00184.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00185.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00186.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00187.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00188.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00189.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00190.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00191.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00192.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00193.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00194.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00195.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00196.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00197.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00198.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00199.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00200.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00201.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00202.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00203.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00204.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00205.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00206.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00207.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00208.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00209.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00210.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00211.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00212.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00213.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00214.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00215.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00216.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00217.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00218.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00219.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00220.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00221.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00222.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00223.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00224.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00225.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00226.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00227.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00228.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00229.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00230.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00231.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00232.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00233.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00234.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00235.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00236.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00237.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00238.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00239.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00240.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00241.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00242.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00243.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00244.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00245.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00246.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00247.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00248.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00249.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00250.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00251.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00252.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00253.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00254.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00255.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 13:59:55
XBV00001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 14:31:20
XBV00002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 12:56:52
XBV00003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 17:46:32
XBV00004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 11:05:34
XBV00005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 17:57:52
XBV00006.VDF    : 7.11.139.38 15708672 Bytes  27.03.2014 18:43:00
XBV00007.VDF    : 7.11.152.100  4193792 Bytes  02.06.2014 13:07:23
XBV00008.VDF    : 8.11.165.192  4251136 Bytes  07.08.2014 11:24:03
XBV00042.VDF    : 8.11.167.234  1073152 Bytes  19.08.2014 18:22:42
XBV00043.VDF    : 8.11.167.236     3584 Bytes  19.08.2014 18:22:42
XBV00044.VDF    : 8.11.167.238    17408 Bytes  19.08.2014 18:22:42
XBV00045.VDF    : 8.11.167.242     7168 Bytes  19.08.2014 18:22:43
XBV00046.VDF    : 8.11.167.248     2048 Bytes  19.08.2014 18:22:43
XBV00047.VDF    : 8.11.168.26    19968 Bytes  19.08.2014 18:22:43
XBV00048.VDF    : 8.11.168.44    10240 Bytes  19.08.2014 13:59:41
XBV00049.VDF    : 8.11.168.60     2048 Bytes  19.08.2014 13:59:41
XBV00050.VDF    : 8.11.168.78    27136 Bytes  20.08.2014 13:59:41
XBV00051.VDF    : 8.11.168.80     2048 Bytes  20.08.2014 13:59:41
XBV00052.VDF    : 8.11.168.98    15360 Bytes  20.08.2014 13:59:41
XBV00053.VDF    : 8.11.168.100     2048 Bytes  20.08.2014 13:59:41
XBV00054.VDF    : 8.11.168.116    28160 Bytes  20.08.2014 19:59:34
XBV00055.VDF    : 8.11.168.118     9216 Bytes  20.08.2014 07:06:59
XBV00056.VDF    : 8.11.168.120     4096 Bytes  20.08.2014 07:06:59
XBV00057.VDF    : 8.11.168.124    12800 Bytes  21.08.2014 07:06:59
XBV00058.VDF    : 8.11.168.126    25088 Bytes  21.08.2014 13:43:06
XBV00059.VDF    : 8.11.168.132    33280 Bytes  21.08.2014 19:43:08
XBV00060.VDF    : 8.11.168.134     2048 Bytes  21.08.2014 19:43:08
XBV00061.VDF    : 8.11.168.138    11776 Bytes  21.08.2014 15:25:46
XBV00062.VDF    : 8.11.168.140     3584 Bytes  21.08.2014 15:25:46
XBV00063.VDF    : 8.11.168.158     3584 Bytes  22.08.2014 15:25:46
XBV00064.VDF    : 8.11.168.174     2048 Bytes  22.08.2014 15:25:46
XBV00065.VDF    : 8.11.168.180     5120 Bytes  22.08.2014 15:25:46
XBV00066.VDF    : 8.11.168.220     7168 Bytes  22.08.2014 15:25:46
XBV00067.VDF    : 8.11.168.222    20480 Bytes  22.08.2014 15:25:46
LOCAL000.VDF    : 8.11.168.222 109041664 Bytes  22.08.2014 15:26:35
Engine version  : 8.3.24.18 
AEVDF.DLL       : 8.3.1.6       133992 Bytes  20.08.2014 13:59:41
AESCRIPT.DLL    : 8.2.0.18      437104 Bytes  22.08.2014 15:25:46
AESCN.DLL       : 8.3.2.2       139456 Bytes  03.08.2014 05:52:58
AESBX.DLL       : 8.2.20.24    1409224 Bytes  08.05.2014 13:16:19
AERDL.DLL       : 8.2.0.138     704888 Bytes  02.12.2013 16:53:59
AEPACK.DLL      : 8.4.0.50      792488 Bytes  07.08.2014 17:23:48
AEOFFICE.DLL    : 8.3.0.20      216104 Bytes  14.08.2014 17:56:23
AEHEUR.DLL      : 8.1.4.1240   7433072 Bytes  22.08.2014 15:25:45
AEHELP.DLL      : 8.3.1.0       278728 Bytes  28.05.2014 14:19:18
AEGEN.DLL       : 8.1.7.28      450752 Bytes  06.06.2014 10:38:42
AEEXP.DLL       : 8.4.2.30      247712 Bytes  22.08.2014 15:25:46
AEEMU.DLL       : 8.1.3.4       399264 Bytes  07.08.2014 17:23:46
AEDROID.DLL     : 8.4.2.24      442568 Bytes  04.06.2014 18:27:28
AECORE.DLL      : 8.3.2.6       243712 Bytes  07.08.2014 17:23:46
AEBB.DLL        : 8.1.2.0        60448 Bytes  07.08.2014 17:23:46
AVWINLL.DLL     : 14.0.6.522     24144 Bytes  12.08.2014 06:28:36
AVPREF.DLL      : 14.0.6.522     50256 Bytes  12.08.2014 06:28:37
AVREP.DLL       : 14.0.6.522    219216 Bytes  12.08.2014 06:28:37
AVARKT.DLL      : 14.0.5.368    226384 Bytes  01.07.2014 11:30:18
AVEVTLOG.DLL    : 14.0.6.522    182352 Bytes  12.08.2014 06:28:36
SQLITE3.DLL     : 14.0.6.522    452176 Bytes  12.08.2014 06:28:43
AVSMTP.DLL      : 14.0.6.522     76368 Bytes  12.08.2014 06:28:37
NETNT.DLL       : 14.0.6.522     13392 Bytes  12.08.2014 06:28:42
RCIMAGE.DLL     : 14.0.6.522   4864080 Bytes  12.08.2014 06:28:36
RCTEXT.DLL      : 14.0.6.526     73808 Bytes  12.08.2014 06:28:36

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Delete
Secondary action....................: Delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Freitag, 22. August 2014  20:21

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '89' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'DisplayLinkManager.exe' - '56' Module(s) have been scanned
Scan process 'DisplayLinkUserAgent.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'avguard.exe' - '133' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '44' Module(s) have been scanned
Scan process 'MemeoBackgroundService.exe' - '65' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '26' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '38' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned
Scan process 'mfc100ud.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '76' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '71' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '52' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'obexsrv.exe' - '39' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'taskhost.exe' - '63' Module(s) have been scanned
Scan process 'Dwm.exe' - '43' Module(s) have been scanned
Scan process 'Explorer.EXE' - '170' Module(s) have been scanned
Scan process 'DisplayLinkUI.exe' - '31' Module(s) have been scanned
Scan process 'PHotkey.exe' - '65' Module(s) have been scanned
Scan process 'GPMTray.exe' - '39' Module(s) have been scanned
Scan process 'MsgTranAgt.exe' - '22' Module(s) have been scanned
Scan process 'MsgTranAgt64.exe' - '16' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'ATouch64.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '48' Module(s) have been scanned
Scan process 'PVDesktop.exe' - '29' Module(s) have been scanned
Scan process 'PVDAgent.exe' - '16' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxpers.exe' - '38' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'BleServicesCtrl.exe' - '34' Module(s) have been scanned
Scan process 'rundll32.exe' - '42' Module(s) have been scanned
Scan process 'ipoint.exe' - '66' Module(s) have been scanned
Scan process 'POSD.exe' - '28' Module(s) have been scanned
Scan process 'HCSynApi.exe' - '36' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'uTorrent.exe' - '97' Module(s) have been scanned
Scan process 'iusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'pcee4.exe' - '74' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '40' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '59' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'jusched.exe' - '37' Module(s) have been scanned
Scan process 'Avira.OE.Systray.exe' - '122' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '57' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'YouCamService.exe' - '77' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '40' Module(s) have been scanned
Scan process 'mediasrv.exe' - '41' Module(s) have been scanned
Scan process 'BTPlayerCtrl.exe' - '39' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '20' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '44' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '55' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'PMBDeviceInfoProvider.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '119' Module(s) have been scanned
Scan process 'UNS.exe' - '64' Module(s) have been scanned
Scan process 'avscan.exe' - '119' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'taskhost.exe' - '31' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '29' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '71' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned

Initiating scan of system files:
Signed -> 'C:\Windows\system32\svchost.exe'
Signed -> 'C:\Windows\system32\winlogon.exe'
Signed -> 'C:\Windows\explorer.exe'
Signed -> 'C:\Windows\system32\smss.exe'
Signed -> 'C:\Windows\system32\wininet.DLL'
Signed -> 'C:\Windows\system32\wsock32.DLL'
Signed -> 'C:\Windows\system32\ws2_32.DLL'
Signed -> 'C:\Windows\system32\services.exe'
Signed -> 'C:\Windows\system32\lsass.exe'
Signed -> 'C:\Windows\system32\csrss.exe'
Signed -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signed -> 'C:\Windows\system32\spoolsv.exe'
Signed -> 'C:\Windows\system32\alg.exe'
Signed -> 'C:\Windows\system32\wuauclt.exe'
Signed -> 'C:\Windows\system32\advapi32.DLL'
Signed -> 'C:\Windows\system32\user32.DLL'
Signed -> 'C:\Windows\system32\gdi32.DLL'
Signed -> 'C:\Windows\system32\kernel32.DLL'
Signed -> 'C:\Windows\system32\ntdll.DLL'
Signed -> 'C:\Windows\system32\ntoskrnl.exe'
Signed -> 'C:\Windows\system32\drivers\beep.sys'
Signed -> 'C:\Windows\system32\ctfmon.exe'
Signed -> 'C:\Windows\system32\imm32.dll'
Signed -> 'C:\Windows\system32\dsound.dll'
Signed -> 'C:\Windows\system32\aclui.dll'
Signed -> 'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed -> 'C:\Windows\system32\reg.exe'
Signed -> 'C:\Windows\regedit.exe'
The system files were scanned ('34' files)

Starting to scan executable files (registry):
The registry was scanned ( '10140' files ).


Starting the file scan:

Begin scan in 'C:\' <Boot>
    [0] Archive type: Runtime Packed
    --> C:\Users\bieni2\Downloads\pdfsam-win-v2_2_1.exe
        [1] Archive type: NSIS
      --> ProgramFilesDir/[TempDir]/AVG_toolbar.exe
          [2] Archive type: RSRC
        --> C:\Users\bieni2\Downloads\Software\jxpiinstall.exe
            [3] Archive type: Runtime Packed
          --> C:\Windows\Installer\{2D684F5E-DAA7-4FDA-9343-6578AFFDB4F2}\ckogggjiflbkidckdamfkillakaejmbjarx
              [4] Archive type: ZIP
            --> dp.js
                [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
                [WARNING]   Infected files in archives cannot be repaired
C:\Windows\Installer\{2D684F5E-DAA7-4FDA-9343-6578AFFDB4F2}\ckogggjiflbkidckdamfkillakaejmbjarx
  [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
  [NOTE]      The file was deleted.
          --> C:\Windows\Installer\{E733C20B-7995-4E0A-A09E-FDB7C7003A57}\{1CF5D753-E587-4D0A-B498-AB1D9A234392}.xpi
              [4] Archive type: ZIP
            --> chrome/content/dp.js
                [DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
                [WARNING]   Infected files in archives cannot be repaired
C:\Windows\Installer\{E733C20B-7995-4E0A-A09E-FDB7C7003A57}\{1CF5D753-E587-4D0A-B498-AB1D9A234392}.xpi
  [DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
  [NOTE]      The file was deleted.
Begin scan in 'D:\' <Recover>


End of the scan: Samstag, 23. August 2014  01:58
Used time:  5:37:16 Hour(s)

The scan has been done completely.

  72415 Scanned directories
 2493620 Files were scanned
      4 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      2 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 2493616 Files not concerned
  46563 Archives were scanned
      2 Warnings
      2 Notes
 1299957 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
Code:
ATTFilter
Avira Free Antivirus
Report file date: Montag, 25. August 2014  22:59


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Antivirus Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Windows 7 Home Premium
Windows version : (Service Pack 1)  [6.1.7601]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : BIENI2-PC

Version information:
BUILD.DAT       : 14.0.6.552     92022 Bytes  23.07.2014 13:29:00
AVSCAN.EXE      : 14.0.6.548   1046608 Bytes  12.08.2014 06:28:37
AVSCANRC.DLL    : 14.0.6.522     52816 Bytes  12.08.2014 06:28:37
LUKE.DLL        : 14.0.6.522     57936 Bytes  12.08.2014 06:28:42
AVSCPLR.DLL     : 14.0.6.548     92752 Bytes  12.08.2014 06:28:37
AVREG.DLL       : 14.0.6.522    262224 Bytes  12.08.2014 06:28:37
avlode.dll      : 14.0.6.526    603728 Bytes  12.08.2014 06:28:36
avlode.rdf      : 14.0.4.42      65114 Bytes  03.08.2014 05:53:00
XBV00009.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00010.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00011.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00012.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00013.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00014.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00015.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00016.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00017.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00018.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00019.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00020.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00021.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00022.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00023.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00024.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00025.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00026.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00027.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00028.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00029.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00030.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00031.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00032.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00033.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00034.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00035.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00036.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00037.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00038.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00039.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00040.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00041.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 11:24:04
XBV00088.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:46
XBV00089.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00090.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00091.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00092.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00093.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00094.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00095.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00096.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00097.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00098.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00099.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00100.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00101.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00102.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00103.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00104.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00105.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00106.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00107.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00108.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00109.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00110.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00111.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00112.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00113.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00114.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00115.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00116.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00117.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00118.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00119.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00120.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00121.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00122.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00123.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:47
XBV00124.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00125.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00126.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00127.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00128.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00129.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00130.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00131.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00132.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00133.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00134.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00135.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00136.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00137.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00138.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00139.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00140.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00141.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00142.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00143.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00144.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00145.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00146.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00147.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00148.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00149.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00150.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00151.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00152.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00153.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00154.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:48
XBV00155.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00156.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00157.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00158.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00159.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00160.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00161.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00162.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00163.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00164.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00165.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00166.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00167.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00168.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00169.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:57
XBV00170.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00171.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00172.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00173.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00174.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00175.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00176.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00177.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00178.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00179.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00180.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00181.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00182.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00183.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00184.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:58
XBV00185.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00186.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00187.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00188.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00189.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00190.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00191.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00192.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00193.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00194.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00195.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00196.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00197.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00198.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00199.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00200.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00201.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00202.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:22:59
XBV00203.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00204.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00205.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00206.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00207.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00208.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00209.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00210.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00211.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00212.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00213.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00214.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00215.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00216.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00217.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00218.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00219.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00220.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00221.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00222.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00223.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00224.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00225.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:00
XBV00226.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00227.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00228.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00229.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00230.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00231.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00232.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00233.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00234.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00235.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00236.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00237.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00238.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00239.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00240.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:01
XBV00241.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00242.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00243.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00244.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00245.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00246.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00247.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00248.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00249.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00250.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00251.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00252.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00253.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00254.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00255.VDF    : 8.11.167.234     2048 Bytes  19.08.2014 18:23:02
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 13:59:55
XBV00001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 14:31:20
XBV00002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 12:56:52
XBV00003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 17:46:32
XBV00004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 11:05:34
XBV00005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 17:57:52
XBV00006.VDF    : 7.11.139.38 15708672 Bytes  27.03.2014 18:43:00
XBV00007.VDF    : 7.11.152.100  4193792 Bytes  02.06.2014 13:07:23
XBV00008.VDF    : 8.11.165.192  4251136 Bytes  07.08.2014 11:24:03
XBV00042.VDF    : 8.11.167.234  1073152 Bytes  19.08.2014 18:22:42
XBV00043.VDF    : 8.11.167.236     3584 Bytes  19.08.2014 18:22:42
XBV00044.VDF    : 8.11.167.238    17408 Bytes  19.08.2014 18:22:42
XBV00045.VDF    : 8.11.167.242     7168 Bytes  19.08.2014 18:22:43
XBV00046.VDF    : 8.11.167.248     2048 Bytes  19.08.2014 18:22:43
XBV00047.VDF    : 8.11.168.26    19968 Bytes  19.08.2014 18:22:43
XBV00048.VDF    : 8.11.168.44    10240 Bytes  19.08.2014 13:59:41
XBV00049.VDF    : 8.11.168.60     2048 Bytes  19.08.2014 13:59:41
XBV00050.VDF    : 8.11.168.78    27136 Bytes  20.08.2014 13:59:41
XBV00051.VDF    : 8.11.168.80     2048 Bytes  20.08.2014 13:59:41
XBV00052.VDF    : 8.11.168.98    15360 Bytes  20.08.2014 13:59:41
XBV00053.VDF    : 8.11.168.100     2048 Bytes  20.08.2014 13:59:41
XBV00054.VDF    : 8.11.168.116    28160 Bytes  20.08.2014 19:59:34
XBV00055.VDF    : 8.11.168.118     9216 Bytes  20.08.2014 07:06:59
XBV00056.VDF    : 8.11.168.120     4096 Bytes  20.08.2014 07:06:59
XBV00057.VDF    : 8.11.168.124    12800 Bytes  21.08.2014 07:06:59
XBV00058.VDF    : 8.11.168.126    25088 Bytes  21.08.2014 13:43:06
XBV00059.VDF    : 8.11.168.132    33280 Bytes  21.08.2014 19:43:08
XBV00060.VDF    : 8.11.168.134     2048 Bytes  21.08.2014 19:43:08
XBV00061.VDF    : 8.11.168.138    11776 Bytes  21.08.2014 15:25:46
XBV00062.VDF    : 8.11.168.140     3584 Bytes  21.08.2014 15:25:46
XBV00063.VDF    : 8.11.168.158     3584 Bytes  22.08.2014 15:25:46
XBV00064.VDF    : 8.11.168.174     2048 Bytes  22.08.2014 15:25:46
XBV00065.VDF    : 8.11.168.180     5120 Bytes  22.08.2014 15:25:46
XBV00066.VDF    : 8.11.168.220     7168 Bytes  22.08.2014 15:25:46
XBV00067.VDF    : 8.11.168.222    20480 Bytes  22.08.2014 15:25:46
XBV00068.VDF    : 8.11.168.226    17920 Bytes  22.08.2014 21:26:19
XBV00069.VDF    : 8.11.168.230     8704 Bytes  22.08.2014 06:48:42
XBV00070.VDF    : 8.11.168.234     4608 Bytes  23.08.2014 06:48:42
XBV00071.VDF    : 8.11.168.236     4608 Bytes  23.08.2014 06:48:42
XBV00072.VDF    : 8.11.168.238     4608 Bytes  23.08.2014 06:48:42
XBV00073.VDF    : 8.11.168.240    37376 Bytes  23.08.2014 06:48:42
XBV00074.VDF    : 8.11.168.242     2048 Bytes  23.08.2014 06:48:42
XBV00075.VDF    : 8.11.168.244    38400 Bytes  24.08.2014 14:34:35
XBV00076.VDF    : 8.11.168.246     2048 Bytes  24.08.2014 14:34:35
XBV00077.VDF    : 8.11.168.248    14848 Bytes  24.08.2014 14:34:35
XBV00078.VDF    : 8.11.168.252     2048 Bytes  24.08.2014 14:34:36
XBV00079.VDF    : 8.11.168.254    24576 Bytes  24.08.2014 14:34:36
XBV00080.VDF    : 8.11.169.2      2048 Bytes  24.08.2014 15:34:35
XBV00081.VDF    : 8.11.169.4     22528 Bytes  25.08.2014 15:34:35
XBV00082.VDF    : 8.11.169.20     6656 Bytes  25.08.2014 15:34:35
XBV00083.VDF    : 8.11.169.36     4608 Bytes  25.08.2014 15:34:35
XBV00084.VDF    : 8.11.169.38    11264 Bytes  25.08.2014 15:34:35
XBV00085.VDF    : 8.11.169.40     2048 Bytes  25.08.2014 15:34:35
XBV00086.VDF    : 8.11.169.54     8192 Bytes  25.08.2014 15:34:35
XBV00087.VDF    : 8.11.169.62    28672 Bytes  25.08.2014 19:03:29
LOCAL001.VDF    : 8.11.169.62 109239808 Bytes  25.08.2014 19:03:44
Engine version  : 8.3.24.18 
AEVDF.DLL       : 8.3.1.6       133992 Bytes  20.08.2014 13:59:41
AESCRIPT.DLL    : 8.2.0.18      437104 Bytes  22.08.2014 15:25:46
AESCN.DLL       : 8.3.2.2       139456 Bytes  03.08.2014 05:52:58
AESBX.DLL       : 8.2.20.24    1409224 Bytes  08.05.2014 13:16:19
AERDL.DLL       : 8.2.0.138     704888 Bytes  02.12.2013 16:53:59
AEPACK.DLL      : 8.4.0.50      792488 Bytes  07.08.2014 17:23:48
AEOFFICE.DLL    : 8.3.0.20      216104 Bytes  14.08.2014 17:56:23
AEHEUR.DLL      : 8.1.4.1240   7433072 Bytes  22.08.2014 15:25:45
AEHELP.DLL      : 8.3.1.0       278728 Bytes  28.05.2014 14:19:18
AEGEN.DLL       : 8.1.7.28      450752 Bytes  06.06.2014 10:38:42
AEEXP.DLL       : 8.4.2.30      247712 Bytes  22.08.2014 15:25:46
AEEMU.DLL       : 8.1.3.4       399264 Bytes  07.08.2014 17:23:46
AEDROID.DLL     : 8.4.2.24      442568 Bytes  04.06.2014 18:27:28
AECORE.DLL      : 8.3.2.6       243712 Bytes  07.08.2014 17:23:46
AEBB.DLL        : 8.1.2.0        60448 Bytes  07.08.2014 17:23:46
AVWINLL.DLL     : 14.0.6.522     24144 Bytes  12.08.2014 06:28:36
AVPREF.DLL      : 14.0.6.522     50256 Bytes  12.08.2014 06:28:37
AVREP.DLL       : 14.0.6.522    219216 Bytes  12.08.2014 06:28:37
AVARKT.DLL      : 14.0.5.368    226384 Bytes  01.07.2014 11:30:18
AVEVTLOG.DLL    : 14.0.6.522    182352 Bytes  12.08.2014 06:28:36
SQLITE3.DLL     : 14.0.6.522    452176 Bytes  12.08.2014 06:28:43
AVSMTP.DLL      : 14.0.6.522     76368 Bytes  12.08.2014 06:28:37
NETNT.DLL       : 14.0.6.522     13392 Bytes  12.08.2014 06:28:42
RCIMAGE.DLL     : 14.0.6.522   4864080 Bytes  12.08.2014 06:28:36
RCTEXT.DLL      : 14.0.6.526     73808 Bytes  12.08.2014 06:28:36

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Delete
Secondary action....................: Delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Montag, 25. August 2014  22:59

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '79' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '141' Module(s) have been scanned
Scan process 'DisplayLinkManager.exe' - '56' Module(s) have been scanned
Scan process 'DisplayLinkUserAgent.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '61' Module(s) have been scanned
Scan process 'avguard.exe' - '134' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '44' Module(s) have been scanned
Scan process 'MemeoBackgroundService.exe' - '51' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '26' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '38' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned
Scan process 'mfc100ud.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '76' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '71' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'Avira.OE.ServiceHost.exe' - '127' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '52' Module(s) have been scanned
Scan process 'obexsrv.exe' - '39' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'taskhost.exe' - '73' Module(s) have been scanned
Scan process 'Dwm.exe' - '43' Module(s) have been scanned
Scan process 'Explorer.EXE' - '169' Module(s) have been scanned
Scan process 'DisplayLinkUI.exe' - '31' Module(s) have been scanned
Scan process 'PHotkey.exe' - '65' Module(s) have been scanned
Scan process 'GPMTray.exe' - '39' Module(s) have been scanned
Scan process 'MsgTranAgt.exe' - '22' Module(s) have been scanned
Scan process 'MsgTranAgt64.exe' - '16' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'ATouch64.exe' - '25' Module(s) have been scanned
Scan process 'PVDesktop.exe' - '28' Module(s) have been scanned
Scan process 'PVDAgent.exe' - '16' Module(s) have been scanned
Scan process 'POSD.exe' - '28' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxpers.exe' - '38' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'BleServicesCtrl.exe' - '34' Module(s) have been scanned
Scan process 'rundll32.exe' - '42' Module(s) have been scanned
Scan process 'ipoint.exe' - '66' Module(s) have been scanned
Scan process 'uTorrent.exe' - '97' Module(s) have been scanned
Scan process 'HCSynApi.exe' - '36' Module(s) have been scanned
Scan process 'iusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'pcee4.exe' - '74' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '40' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '58' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'jusched.exe' - '36' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '54' Module(s) have been scanned
Scan process 'YouCamService.exe' - '78' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '40' Module(s) have been scanned
Scan process 'mediasrv.exe' - '41' Module(s) have been scanned
Scan process 'BTPlayerCtrl.exe' - '39' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '20' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '44' Module(s) have been scanned
Scan process 'avscan.exe' - '120' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '55' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'PMBDeviceInfoProvider.exe' - '33' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '119' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'UNS.exe' - '64' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '36' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '69' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned

Initiating scan of system files:
Signed -> 'C:\Windows\system32\svchost.exe'
Signed -> 'C:\Windows\system32\winlogon.exe'
Signed -> 'C:\Windows\explorer.exe'
Signed -> 'C:\Windows\system32\smss.exe'
Signed -> 'C:\Windows\system32\wininet.DLL'
Signed -> 'C:\Windows\system32\wsock32.DLL'
Signed -> 'C:\Windows\system32\ws2_32.DLL'
Signed -> 'C:\Windows\system32\services.exe'
Signed -> 'C:\Windows\system32\lsass.exe'
Signed -> 'C:\Windows\system32\csrss.exe'
Signed -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signed -> 'C:\Windows\system32\spoolsv.exe'
Signed -> 'C:\Windows\system32\alg.exe'
Signed -> 'C:\Windows\system32\wuauclt.exe'
Signed -> 'C:\Windows\system32\advapi32.DLL'
Signed -> 'C:\Windows\system32\user32.DLL'
Signed -> 'C:\Windows\system32\gdi32.DLL'
Signed -> 'C:\Windows\system32\kernel32.DLL'
Signed -> 'C:\Windows\system32\ntdll.DLL'
Signed -> 'C:\Windows\system32\ntoskrnl.exe'
Signed -> 'C:\Windows\system32\drivers\beep.sys'
Signed -> 'C:\Windows\system32\ctfmon.exe'
Signed -> 'C:\Windows\system32\imm32.dll'
Signed -> 'C:\Windows\system32\dsound.dll'
Signed -> 'C:\Windows\system32\aclui.dll'
Signed -> 'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed -> 'C:\Windows\system32\reg.exe'
Signed -> 'C:\Windows\regedit.exe'
The system files were scanned ('34' files)

Starting to scan executable files (registry):
The registry was scanned ( '10148' files ).


Starting the file scan:

Begin scan in 'C:\' <Boot>
    [0] Archive type: Runtime Packed
    --> C:\Users\bieni2\Downloads\pdfsam-win-v2_2_1.exe
        [1] Archive type: NSIS
      --> ProgramFilesDir/[TempDir]/AVG_toolbar.exe
          [2] Archive type: RSRC
        --> C:\Users\bieni2\Downloads\Software\jxpiinstall.exe
            [3] Archive type: Runtime Packed
          --> C:\Windows\Installer\{A2549B58-0538-4957-9D69-296C167B6B07}\cgoeoagpliggelbifcanmkcjahlnahbbjrx
              [4] Archive type: ZIP
            --> dp.js
                [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
                [WARNING]   Infected files in archives cannot be repaired
C:\Windows\Installer\{A2549B58-0538-4957-9D69-296C167B6B07}\cgoeoagpliggelbifcanmkcjahlnahbbjrx
  [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
  [NOTE]      The file was deleted.
Begin scan in 'D:\' <Recover>


End of the scan: Dienstag, 26. August 2014  02:42
Used time:  3:43:02 Hour(s)

The scan has been done completely.

  72860 Scanned directories
 2480053 Files were scanned
      2 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      1 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 2480051 Files not concerned
  46613 Archives were scanned
      1 Warnings
      1 Notes
 1299696 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
Vielen Dank für weitere Hinweise.
__________________

Alt 29.08.2014, 09:59   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Das Addition Log von FRST fehlt
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.08.2014, 12:13   #5
blueinf
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Oh, hatte ich glatt überlesen. Sorry. Gerade nochmal gescannt und diesmal bei Addition.txt das Häkchen gesetzt.
Hier also der aktuelle FRST scan:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by bieni2 (administrator) on BIENI2-PC on 29-08-2014 12:08:38
Running from C:\Users\bieni2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Windows\System32\mfc100ud.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [uTorrent] => C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.)
BootExecute: autocheck autochk /k:C * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.214 80.69.100.110

FireFox:
========
FF ProfilePath: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de?hl=de&gl=de
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\user.js
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}] - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi [2014-08-27]

Chrome: 
=======
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\bieni2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9306928 2013-12-13] (DisplayLink Corp.)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 sdbinstd; C:\Windows\system32\mfc100ud.exe [118784 2014-03-01] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.4.53134.0.sys [46384 2014-01-09] ()
R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [202128 2013-12-13] (DisplayLink Corp.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip
2014-08-28 21:34 - 2014-08-28 21:35 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp
2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM.txt
2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer.txt
2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe
2014-08-28 20:50 - 2014-08-29 12:09 - 00017820 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-27 21:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:08 - 2014-08-28 21:23 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi
2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 22:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 22:12 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 22:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 22:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 22:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-16 20:35 - 2014-08-16 20:46 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat
2014-08-16 20:34 - 2014-08-16 21:59 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:23 - 2014-08-17 21:39 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:53 - 2014-08-24 16:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-13 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 22:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 22:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:33 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:33 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:33 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:19 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 20:19 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-09 20:18 - 2014-08-09 20:19 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-03 08:55 - 2014-08-03 08:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 12:09 - 2014-08-28 20:50 - 00017820 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-29 12:08 - 2014-07-06 21:33 - 00000000 ____D () C:\FRST
2014-08-29 12:08 - 2012-08-18 19:35 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\uTorrent
2014-08-29 11:30 - 2012-08-28 07:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-29 11:26 - 2012-06-25 15:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-29 09:48 - 2012-06-25 15:12 - 00000000 ____D () C:\Users\bieni2\Documents\Youcam
2014-08-29 09:47 - 2013-06-07 20:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-08-29 09:47 - 2013-06-03 17:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-29 09:47 - 2012-06-25 15:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-29 09:44 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 09:44 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 09:41 - 2012-06-25 15:02 - 01859019 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 09:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 09:36 - 2009-07-14 06:51 - 00277591 _____ () C:\Windows\setupact.log
2014-08-29 09:32 - 2014-07-09 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-29 08:19 - 2010-11-21 05:47 - 00119496 _____ () C:\Windows\PFRO.log
2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip
2014-08-28 21:35 - 2014-08-28 21:34 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp
2014-08-28 21:34 - 2014-02-22 13:07 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 21:34 - 2014-02-22 13:06 - 756738886 _____ () C:\Windows\MEMORY.DMP
2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM.txt
2014-08-28 21:23 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer.txt
2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-28 16:38 - 2009-07-14 06:45 - 00555424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
2014-08-27 21:08 - 2014-03-26 16:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-26 19:33 - 2012-08-18 11:36 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\vlc
2014-08-25 21:04 - 2012-08-28 07:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 21:04 - 2012-08-18 21:05 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 21:04 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-24 22:29 - 2012-09-03 22:20 - 00000000 ____D () C:\Users\bieni2\Documents\Calibre Bibliothek
2014-08-24 22:13 - 2011-05-16 16:04 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-08-24 22:13 - 2011-05-16 16:04 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-08-24 22:13 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 22:08 - 2012-08-20 21:44 - 00000000 ____D () C:\Users\bieni2\Downloads\ebooks
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:52 - 2012-09-03 22:19 - 00000964 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi
2014-08-24 21:19 - 2013-01-02 19:59 - 00000000 ___RD () C:\Users\bieni2\Google Drive
2014-08-24 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-24 16:36 - 2014-08-14 13:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe
2014-08-23 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 04:07 - 2014-08-27 21:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 21:53 - 2014-04-09 13:44 - 00000000 ____D () C:\Users\bieni2\Downloads\Filme
2014-08-20 21:34 - 2011-07-18 22:56 - 00000000 ____D () C:\Windows\nl
2014-08-19 20:27 - 2013-01-02 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-17 21:39 - 2014-08-16 20:23 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat
2014-08-16 21:59 - 2014-08-16 20:34 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat
2014-08-16 20:46 - 2014-08-16 20:35 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:54 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 13:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 22:16 - 2012-08-24 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 22:11 - 2013-09-01 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 22:08 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 21:14 - 2013-09-11 17:05 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:21 - 2013-10-18 22:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:19 - 2014-08-09 20:18 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-09 20:19 - 2013-08-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 13:22 - 2014-02-04 14:36 - 00000000 ____D () C:\Program Files (x86)\Steuer 2013
2014-08-07 13:22 - 2013-05-11 10:50 - 00000688 _____ () C:\Windows\wiso.ini
2014-08-07 13:22 - 2013-05-11 10:45 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 12:54 - 2012-08-18 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-03 22:38 - 2012-11-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-03 17:07 - 2014-07-10 19:42 - 00147525 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_45282BA1.dat
2014-08-03 16:01 - 2012-08-19 20:04 - 00000000 ____D () C:\ANDREA
2014-08-03 08:56 - 2014-08-03 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 07:53 - 2013-05-07 11:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-01 01:41 - 2014-08-13 20:33 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 20:33 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 21:44

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Und diesmal auch das Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by bieni2 at 2014-08-29 12:09:29
Running from C:\Users\bieni2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
ActiveState ActivePython 2.7.2.5 (32-bit) (HKLM-x32\...\{49351FE8-DB8F-4C56-9DA6-B2D6CE3F7BF8}) (Version: 2.7.5 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004106478.48.56.11741954 - Audible, Inc.)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{59E75C53-7980-45AD-ADAA-733198B4BF7F}) (Version: 2.0.0 - Kovid Goyal)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version:  - )
CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version:  - )
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version:  - )
DisplayLink Core Software (HKLM\...\{97E1E152-139C-496B-8876-8884AA18DE73}) (Version: 7.4.53134.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{ACA8E43C-8EAC-4F5B-8ECA-705361F4E183}) (Version: 6.3.40662.0 - DisplayLink Corp.)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version:  - )
ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - )
FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version:  - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Ich sehe was ... die große Schatzsuche (HKLM-x32\...\{3170BDC4-4BF9-42AE-81BC-14D4F60569C0}) (Version: 1.00.0000 - )
ImageJ 1.47v (HKLM\...\ImageJ_is1) (Version:  - NIH)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 3.3.0728 - KYOCERA Document Solutions Inc.)
LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version:  - )
OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version:  - )
OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version:  - )
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.205.0 - Tracker Software Products Ltd)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Python 2.7 pycrypto-2.1.0 (HKCU\...\pycrypto-py2.7) (Version:  - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Videoload (HKCU\...\76135659.wcps.t-online.de) (Version:  - wcps.t-online.de)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinEdt (HKLM-x32\...\WinEdt) (Version: 5.3 - Aleksander Simonic (WinEdt Team))
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version:  - )
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

13-08-2014 20:03:13 Windows Update
15-08-2014 11:23:57 Installed DisplayLink Graphics
19-08-2014 18:23:58 Windows Update
23-08-2014 20:10:49 Windows Update
24-08-2014 19:50:58 Installed calibre
26-08-2014 12:39:23 Windows Update
27-08-2014 20:42:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051DD7B2-D970-412F-BD2A-7E7D1742EAA9} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: {1D8C02A5-3E7B-4816-978F-28B6CA02A032} - System32\Tasks\{5505A6B5-5BCF-41DA-8A58-280D847A26D2} => C:\Terzio\Fantasy\Fantasy.exe
Task: {4218E9AE-08BD-4C98-A92F-2D0A1AEDBEFC} - System32\Tasks\{A70AB0CA-7E5E-459F-9F12-438D86760230} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {9210A6B3-915C-4A98-B3CD-E6C529E36CD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-25] (Adobe Systems Incorporated)
Task: {9AE072A8-C3D9-44BE-8171-9A83BDA4E5C8} - System32\Tasks\{38AAD464-4DDC-4FA7-8181-6DDE29AB2C88} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {9AEC74F9-AC5F-4D04-B2BF-7383E916BA9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: {A3AA101E-FCF2-4A10-ABDC-E07E162B1570} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {AC0EC1C2-2334-4A29-A699-9A31985586B5} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: {B7DE2F0E-E5B6-495A-B789-D3795A691202} - System32\Tasks\{F12E4BCB-1C92-467B-83A4-328D278EF4C1} => C:\Terzio\Fantasy\Fantasy.exe
Task: {C284D5B2-3150-4966-A44D-2B0E3CE36AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-04-11 11:57 - 2009-12-19 00:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 11:57 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-04-11 07:19 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-03-01 23:21 - 2014-03-01 23:21 - 00118784 _____ () C:\Windows\system32\mfc100ud.exe
2012-04-11 09:57 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-11 11:57 - 2012-03-27 23:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 11:57 - 2012-02-24 23:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:14 - 2014-08-14 14:14 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-04-11 10:39 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-11 10:31 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-14 13:54 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\bieni2\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-04-11 11:57 - 2009-12-19 00:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 11:57 - 2009-12-19 00:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-08-03 08:55 - 2014-08-03 08:56 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-12 15:15 - 2014-06-12 15:15 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-12 15:15 - 2014-06-12 15:15 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-12 15:15 - 2014-06-12 15:15 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2014 09:36:58 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/29/2014 08:19:39 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/28/2014 09:35:55 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/28/2014 04:38:23 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/27/2014 09:07:25 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/26/2014 07:03:39 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/26/2014 02:32:56 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/26/2014 10:13:54 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/26/2014 10:11:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Avira.OE.WinCore.WinHandleUtil+NativeMethods.GetFullHandleName(IntPtr, System.Text.StringBuilder, Int32 ByRef)
   at Avira.OE.WinCore.WinHandleUtil.GetFullHandleName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.VerifyTokenEventName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.AuthenticateChannel(System.ServiceModel.IClientChannel, Avira.OE.WinCore.WcfAuthToken)
   at Avira.OE.WinCore.WcfServiceAuthInterceptor.AfterReceiveRequest(System.ServiceModel.Channels.Message ByRef, System.ServiceModel.IClientChannel, System.ServiceModel.InstanceContext)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult)
   at System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object)
   at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
   at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.StartFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest)
   at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
   at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
   at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (08/26/2014 10:08:46 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)


System errors:
=============
Error: (08/29/2014 09:36:32 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (08/29/2014 08:33:48 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (08/29/2014 08:19:14 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (08/28/2014 09:35:12 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa80036c6040, 0xfffff80000b9c3d0)C:\Windows\MEMORY.DMP082814-15693-01

Error: (08/28/2014 09:34:41 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (08/28/2014 06:14:40 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (08/28/2014 05:29:28 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (08/28/2014 04:55:39 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (08/28/2014 04:36:26 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (08/27/2014 09:24:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-05-13 10:18:02.891
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:18:02.860
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:18:00.795
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:18:00.754
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:58.689
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:58.658
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:56.568
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:56.537
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:54.462
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:54.431
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 3990.83 MB
Available physical RAM: 1777.46 MB
Total Pagefile: 7979.84 MB
Available Pagefile: 5405.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:56.19 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:15.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         


Alt 29.08.2014, 12:24   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen aus den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware

Alt 29.08.2014, 15:11   #7
blueinf
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Hallo,
Ich habe alle Anweisungen befolgt. (Hoffentlich habe ich alles richtig ausgeührt.)
Hier die neuen Logfiles:
Adwcleaner Log
Code:
ATTFilter
# AdwCleaner v3.308 - Bericht erstellt am 29/08/2014 um 14:38:11
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bieni2 - BIENI2-PC
# Gestartet von : C:\Users\bieni2\Desktop\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : sdbinstd

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
Ordner Gelöscht : C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}
Ordner Gelöscht : C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
Datei Gelöscht : C:\Windows\System32\mfc100ud.exe
Datei Gelöscht : C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Download Protect]
Schlüssel Gelöscht : HKLM\SOFTWARE\Solvusoft
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\prefs.js ]


*************************

AdwCleaner[R0].txt - [4684 octets] - [06/07/2014 21:18:24]
AdwCleaner[R1].txt - [1060 octets] - [06/07/2014 21:54:09]
AdwCleaner[R2].txt - [1181 octets] - [06/07/2014 22:08:46]
AdwCleaner[R3].txt - [1301 octets] - [06/07/2014 22:14:03]
AdwCleaner[R4].txt - [1236 octets] - [09/07/2014 20:57:27]
AdwCleaner[R5].txt - [1356 octets] - [09/07/2014 22:16:42]
AdwCleaner[R6].txt - [2422 octets] - [29/08/2014 14:24:34]
AdwCleaner[R7].txt - [2541 octets] - [29/08/2014 14:36:03]
AdwCleaner[R8].txt - [2660 octets] - [29/08/2014 14:37:33]
AdwCleaner[S0].txt - [4572 octets] - [06/07/2014 21:19:15]
AdwCleaner[S1].txt - [1122 octets] - [06/07/2014 21:57:40]
AdwCleaner[S2].txt - [1243 octets] - [06/07/2014 22:09:34]
AdwCleaner[S3].txt - [1298 octets] - [09/07/2014 20:58:14]
AdwCleaner[S4].txt - [1418 octets] - [09/07/2014 22:21:11]
AdwCleaner[S5].txt - [322 octets] - [29/08/2014 14:26:50]
AdwCleaner[S6].txt - [322 octets] - [29/08/2014 14:37:04]
AdwCleaner[S7].txt - [2581 octets] - [29/08/2014 14:38:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2641 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by bieni2 on 29.08.2014 at 14:54:07,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{2EAAC5A5-5F30-4389-A08B-8E776BCA21BB}
Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{4B48EC32-CC73-4E49-834E-F4A5B2EBA36C}
Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{74616613-6B4F-4C76-A546-6F1E0E0E8D2F}
Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{A2858F14-956C-42DE-AE1C-614A9B17D150}



~~~ FireFox

Emptied folder: C:\Users\bieni2\AppData\Roaming\mozilla\firefox\profiles\29abvt0m.bieni\minidumps [33 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.08.2014 at 15:01:10,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Und als letztes das aktuelle FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by bieni2 (administrator) on BIENI2-PC on 29-08-2014 15:04:24
Running from C:\Users\bieni2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [uTorrent] => C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.)
BootExecute: autocheck autochk /k:C * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.214 80.69.100.110

FireFox:
========
FF ProfilePath: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de?hl=de&gl=de
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\bieni2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9306928 2013-12-13] (DisplayLink Corp.)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.4.53134.0.sys [46384 2014-01-09] ()
R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [202128 2013-12-13] (DisplayLink Corp.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 15:04 - 2014-08-29 15:04 - 00016851 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-29 15:03 - 2014-08-29 15:03 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-29 15:01 - 2014-08-29 15:01 - 00001187 _____ () C:\Users\bieni2\Desktop\JRT.txt
2014-08-29 14:54 - 2014-08-29 14:54 - 00000000 ____D () C:\Windows\ERUNT
2014-08-29 14:48 - 2014-08-29 14:48 - 00002725 _____ () C:\Users\bieni2\Desktop\AdwCleaner[S7].txt
2014-08-29 14:23 - 2014-08-29 14:23 - 01364531 _____ () C:\Users\bieni2\Desktop\adwcleaner_3.308.exe
2014-08-29 14:23 - 2014-08-29 14:23 - 01016261 _____ (Thisisu) C:\Users\bieni2\Desktop\JRT.exe
2014-08-29 14:21 - 2014-08-29 14:21 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-29 14:21 - 2014-08-29 14:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-29 12:09 - 2014-08-29 12:09 - 00066968 _____ () C:\Users\bieni2\Desktop\Addition_20140828.txt
2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip
2014-08-28 21:34 - 2014-08-28 21:35 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp
2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM_20140828.txt
2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer_20140828.txt
2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe
2014-08-28 20:50 - 2014-08-29 12:09 - 00043247 _____ () C:\Users\bieni2\Desktop\FRST_20140828.txt
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST6420140828.exe
2014-08-27 21:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-23 22:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 22:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 22:12 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 22:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 22:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 22:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-13 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 22:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 22:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:33 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:33 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:33 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:19 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 20:19 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-09 20:18 - 2014-08-09 20:19 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-03 08:55 - 2014-08-03 08:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 15:04 - 2014-08-29 15:04 - 00016851 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-29 15:04 - 2014-07-06 21:33 - 00000000 ____D () C:\FRST
2014-08-29 15:03 - 2014-08-29 15:03 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-29 15:01 - 2014-08-29 15:01 - 00001187 _____ () C:\Users\bieni2\Desktop\JRT.txt
2014-08-29 14:54 - 2014-08-29 14:54 - 00000000 ____D () C:\Windows\ERUNT
2014-08-29 14:49 - 2012-08-18 19:35 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\uTorrent
2014-08-29 14:49 - 2012-06-25 15:12 - 00000000 ____D () C:\Users\bieni2\Documents\Youcam
2014-08-29 14:49 - 2009-07-14 06:51 - 00277815 _____ () C:\Windows\setupact.log
2014-08-29 14:48 - 2014-08-29 14:48 - 00002725 _____ () C:\Users\bieni2\Desktop\AdwCleaner[S7].txt
2014-08-29 14:48 - 2013-06-07 20:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-08-29 14:48 - 2013-06-03 17:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-29 14:48 - 2012-06-25 15:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-29 14:48 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 14:48 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 14:45 - 2012-06-25 15:02 - 01942209 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 14:40 - 2010-11-21 05:47 - 00119810 _____ () C:\Windows\PFRO.log
2014-08-29 14:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 14:38 - 2014-07-06 21:18 - 00000000 ____D () C:\AdwCleaner
2014-08-29 14:26 - 2012-06-25 15:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-29 14:23 - 2014-08-29 14:23 - 01364531 _____ () C:\Users\bieni2\Desktop\adwcleaner_3.308.exe
2014-08-29 14:23 - 2014-08-29 14:23 - 01016261 _____ (Thisisu) C:\Users\bieni2\Desktop\JRT.exe
2014-08-29 14:21 - 2014-08-29 14:21 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-29 14:21 - 2014-08-29 14:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-29 14:21 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-29 14:21 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Avira
2014-08-29 14:21 - 2012-11-14 22:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-29 14:16 - 2012-08-18 11:36 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\vlc
2014-08-29 13:30 - 2012-08-28 07:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-29 12:09 - 2014-08-29 12:09 - 00066968 _____ () C:\Users\bieni2\Desktop\Addition_20140828.txt
2014-08-29 12:09 - 2014-08-28 20:50 - 00043247 _____ () C:\Users\bieni2\Desktop\FRST_20140828.txt
2014-08-29 09:32 - 2014-07-09 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip
2014-08-28 21:35 - 2014-08-28 21:34 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp
2014-08-28 21:34 - 2014-02-22 13:07 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 21:34 - 2014-02-22 13:06 - 756738886 _____ () C:\Windows\MEMORY.DMP
2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM_20140828.txt
2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer_20140828.txt
2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST6420140828.exe
2014-08-28 16:38 - 2009-07-14 06:45 - 00555424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:08 - 2014-03-26 16:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-25 21:04 - 2012-08-28 07:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 21:04 - 2012-08-18 21:05 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 21:04 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-24 22:29 - 2012-09-03 22:20 - 00000000 ____D () C:\Users\bieni2\Documents\Calibre Bibliothek
2014-08-24 22:13 - 2011-05-16 16:04 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-08-24 22:13 - 2011-05-16 16:04 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-08-24 22:13 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 22:08 - 2012-08-20 21:44 - 00000000 ____D () C:\Users\bieni2\Downloads\ebooks
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:52 - 2012-09-03 22:19 - 00000964 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-08-24 21:19 - 2013-01-02 19:59 - 00000000 ___RD () C:\Users\bieni2\Google Drive
2014-08-24 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-23 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 04:07 - 2014-08-27 21:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 21:53 - 2014-04-09 13:44 - 00000000 ____D () C:\Users\bieni2\Downloads\Filme
2014-08-20 21:34 - 2011-07-18 22:56 - 00000000 ____D () C:\Windows\nl
2014-08-19 20:27 - 2013-01-02 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 22:16 - 2012-08-24 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 22:11 - 2013-09-01 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 22:08 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 21:14 - 2013-09-11 17:05 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:21 - 2013-10-18 22:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:19 - 2014-08-09 20:18 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-09 20:19 - 2013-08-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 13:22 - 2014-02-04 14:36 - 00000000 ____D () C:\Program Files (x86)\Steuer 2013
2014-08-07 13:22 - 2013-05-11 10:50 - 00000688 _____ () C:\Windows\wiso.ini
2014-08-07 13:22 - 2013-05-11 10:45 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 12:54 - 2012-08-18 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-03 22:38 - 2012-11-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-03 16:01 - 2012-08-19 20:04 - 00000000 ____D () C:\ANDREA
2014-08-03 08:56 - 2014-08-03 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 07:53 - 2013-05-07 11:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-01 01:41 - 2014-08-13 20:33 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 20:33 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 21:44

==================== End Of Log ============================
         
--- --- ---


mit dem aktuellen Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by bieni2 at 2014-08-29 15:05:14
Running from C:\Users\bieni2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
ActiveState ActivePython 2.7.2.5 (32-bit) (HKLM-x32\...\{49351FE8-DB8F-4C56-9DA6-B2D6CE3F7BF8}) (Version: 2.7.5 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004106478.48.56.11741954 - Audible, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{59E75C53-7980-45AD-ADAA-733198B4BF7F}) (Version: 2.0.0 - Kovid Goyal)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version:  - )
CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version:  - )
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version:  - )
DisplayLink Core Software (HKLM\...\{97E1E152-139C-496B-8876-8884AA18DE73}) (Version: 7.4.53134.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{ACA8E43C-8EAC-4F5B-8ECA-705361F4E183}) (Version: 6.3.40662.0 - DisplayLink Corp.)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version:  - )
ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - )
FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version:  - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Ich sehe was ... die große Schatzsuche (HKLM-x32\...\{3170BDC4-4BF9-42AE-81BC-14D4F60569C0}) (Version: 1.00.0000 - )
ImageJ 1.47v (HKLM\...\ImageJ_is1) (Version:  - NIH)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 3.3.0728 - KYOCERA Document Solutions Inc.)
LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version:  - )
OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version:  - )
OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version:  - )
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.205.0 - Tracker Software Products Ltd)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Python 2.7 pycrypto-2.1.0 (HKCU\...\pycrypto-py2.7) (Version:  - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Videoload (HKCU\...\76135659.wcps.t-online.de) (Version:  - wcps.t-online.de)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinEdt (HKLM-x32\...\WinEdt) (Version: 5.3 - Aleksander Simonic (WinEdt Team))
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version:  - )
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

13-08-2014 20:03:13 Windows Update
15-08-2014 11:23:57 Installed DisplayLink Graphics
19-08-2014 18:23:58 Windows Update
23-08-2014 20:10:49 Windows Update
24-08-2014 19:50:58 Installed calibre
26-08-2014 12:39:23 Windows Update
27-08-2014 20:42:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051DD7B2-D970-412F-BD2A-7E7D1742EAA9} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: {1D8C02A5-3E7B-4816-978F-28B6CA02A032} - System32\Tasks\{5505A6B5-5BCF-41DA-8A58-280D847A26D2} => C:\Terzio\Fantasy\Fantasy.exe
Task: {4218E9AE-08BD-4C98-A92F-2D0A1AEDBEFC} - System32\Tasks\{A70AB0CA-7E5E-459F-9F12-438D86760230} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {9210A6B3-915C-4A98-B3CD-E6C529E36CD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-25] (Adobe Systems Incorporated)
Task: {9AE072A8-C3D9-44BE-8171-9A83BDA4E5C8} - System32\Tasks\{38AAD464-4DDC-4FA7-8181-6DDE29AB2C88} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {9AEC74F9-AC5F-4D04-B2BF-7383E916BA9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: {A3AA101E-FCF2-4A10-ABDC-E07E162B1570} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {AC0EC1C2-2334-4A29-A699-9A31985586B5} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: {B7DE2F0E-E5B6-495A-B789-D3795A691202} - System32\Tasks\{F12E4BCB-1C92-467B-83A4-328D278EF4C1} => C:\Terzio\Fantasy\Fantasy.exe
Task: {C284D5B2-3150-4966-A44D-2B0E3CE36AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-04-11 11:57 - 2009-12-19 00:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 11:57 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-04-11 07:19 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-04-11 09:57 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-11 11:57 - 2012-03-27 23:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 11:57 - 2012-02-24 23:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-07-14 16:49 - 2014-07-14 16:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-14 16:49 - 2014-07-14 16:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:14 - 2014-08-14 14:14 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-04-11 10:39 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-11 10:31 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-14 13:54 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\bieni2\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-04-11 11:57 - 2009-12-19 00:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 11:57 - 2009-12-19 00:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-05-13 10:18:02.891
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:18:02.860
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:18:00.795
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:18:00.754
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:58.689
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:58.658
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:56.568
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:56.537
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:54.462
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-13 10:17:54.431
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 43%
Total physical RAM: 3990.83 MB
Available physical RAM: 2242.18 MB
Total Pagefile: 7979.84 MB
Available Pagefile: 5957.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:56.5 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:15.58 GB) NTFS
Drive e: (PIPPI_D3) (CDROM) (Total:7.08 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

Alt 29.08.2014, 16:03   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.08.2014, 18:04   #9
blueinf
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Hallo
Habe FRST laufen lassen mit dem eingefügten Text. Hier ist das Ergebnis (Fixlog.txt)
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by bieni2 at 2014-08-29 16:54:39 Run:3
Running from C:\Users\bieni2\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe
         
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====
         

Alt 30.08.2014, 13:12   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.09.2014, 13:52   #11
blueinf
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



Hallo,
Sorry, dass ich eine ganze Weile für die Ausführung der Scans benötigt habe. Komme jetzt endlich dazu.

Hier das aktuelle MBAM Logfile:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 07.09.2014
Scan Time: 08:05:22
Logfile: mbam_20140907.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.07.01
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bieni2

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340838
Time Elapsed: 16 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
Und hier ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b53fc8c3934fef438939a639f657263a
# engine=20034
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-07 10:10:56
# local_time=2014-09-07 12:10:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 57002 64009242 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 54544 161714506 0 0
# scanned=438141
# found=6
# cleaned=0
# scan_time=11155
sh=95D1E596ACC1912879100C54027750C1772027C7 ft=1 fh=212faf0536ad9d68 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\bieni2\AppData\Local\DownloadGuide\Offers\ResultsAlphaSetup.exe.vir"
sh=107FCBBD08C3CB01A6B817DF674851DC8EADB434 ft=1 fh=8875adce3e5b5647 vn="Variante von Win64/Agent.BL Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\mfc100ud.exe.vir"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe"
sh=A013EFA23324355B48343CB1E9241E8C88AF4CD8 ft=1 fh=0327700b639d5c9c vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\bieni2\Downloads\Software\MKCAD6StudioDeutsch.exe"
sh=F1B26AFCE9959BE67A1FB8C912A4D71DCAB3383E ft=1 fh=47e2548a1805d6b0 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\bieni2\Downloads\Software\pcbeschleunigen_3117294b04e644fbbdb5af6079d2ef92_.exe"
sh=A9F6A3299D8E5A8B0F8F18915521C8B3E7C9F864 ft=1 fh=a874d3fc82897e2d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe"
         
Beste Grüße
blueinf

Alt 10.09.2014, 14:29   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Standard

Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware



TFC - Temp File Cleaner

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware
adware/lintrane.av, antivir, antivirus, beseitigung, bonjour, download protect 2.2.5 firefox, entfernen, firefox, flash player, homepage, js/gfilter.ba, malware, mozilla, pup.optional.downloadprotect.a, registry, services.exe, software, svchost.exe, system, temp, tracker, windows



Ähnliche Themen: Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware


  1. Download Protect 2.2.11 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 08.08.2015 (24)
  2. Download Protect 2.2.8 lässt sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 10.07.2015 (19)
  3. Download Protect 2.2.8 lässt sich nicht entfernen.
    Alles rund um Windows - 05.07.2015 (3)
  4. Download Protect 2.2.5 (Add-on) lässt sich nicht dauerhaft aus Firefox entfernen
    Log-Analyse und Auswertung - 01.10.2014 (29)
  5. Download Protect 2.2.5 lässt sich aus Firefox nicht entfernen
    Log-Analyse und Auswertung - 13.08.2014 (12)
  6. Download protect 2.2.5 lässt sich als Erweiterung in Chrome nicht entfernen
    Log-Analyse und Auswertung - 06.08.2014 (15)
  7. download protect 2.2.1 / 2.2.4 unter windows 7 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 31.07.2014 (23)
  8. Windows 8: Add-on "Download protect 2.2.1." lässt sich nicht entfernen
    Log-Analyse und Auswertung - 07.07.2014 (22)
  9. Download Protect 2.2.1 und 1.0 im Firefox lässt sich nicht entfernen und schmeisst andere Erweiterungen raus
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (30)
  10. Download Protect 2.2.1 lässt sich nicht entfernen (Windows 7)
    Log-Analyse und Auswertung - 24.06.2014 (26)
  11. Download protect lässt sich aus Google Chrome nicht entfernen !
    Plagegeister aller Art und deren Bekämpfung - 23.06.2014 (13)
  12. Download Protect in Firefox läßt sich nicht dauerhaft entfernen - Windows 8.1
    Log-Analyse und Auswertung - 16.06.2014 (11)
  13. Download Protect 2.20 lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 06.05.2014 (11)
  14. Download Protect in Firefox läßt sich nicht dauerhaft entfernen
    Plagegeister aller Art und deren Bekämpfung - 05.05.2014 (27)
  15. Win7 FF Add on "download protect 2.2.0" lässt sich nicht entfernen
    Log-Analyse und Auswertung - 18.04.2014 (5)
  16. Add on: Download Protect lässt sich nicht entfernen. (Windows 7, Mozilla Firefox)
    Log-Analyse und Auswertung - 15.04.2014 (5)
  17. Download Protect 2.20 in Chrome lässt sich nicht entfernen!
    Plagegeister aller Art und deren Bekämpfung - 06.04.2014 (10)

Zum Thema Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware - Seit ein paar Monaten kämpfe ich gegen Download Protect 2.2.1 und dachte auch, ich wäre erfolgreich, aber es taucht immer wieder auf, jetzt als Version 2.2.5. Daher bitte ich hier - Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware...
Archiv
Du betrachtest: Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.