Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Probleme mit Laptop Langsam geworden

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 09.09.2014, 18:52   #1
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Hallo
ich habe ein Laptop mit Win7 drauf.
dabei läuft auch Avira Antivir.und die Firewall von Windows.
Ich habe aber im Moment festgestellt das Windows sehr langsam hochfährt und auch so sehr langsam arbeitet.
Desweiteren hab ich auch im Internet Probleme beim surfen von der geschwindigkeit her.
Hab 12000 DSL aber kommt mir manchmal vor wie 1000.
Was kann ich da machen? Könnt ihr mir helfen. Bin nicht unbedingt ein Laie was das angeht
aber vllt. hat da wer ne Lösung.
Danke im voraus

Alt 09.09.2014, 19:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 09.09.2014, 20:00   #3
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by 1860 (administrator) on 1860-PC on 09-09-2014 20:51:19
Running from C:\Users\1860\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
( ) C:\Windows\System32\lxdncoms.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\OneBrowse\OneBrowseUIProcess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\1860\Downloads\otl.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\1860\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\1860\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-06]
CHR Extension: (Google Drive) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-06]
CHR Extension: (YouTube) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-06]
CHR Extension: (Adblock Plus) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-06]
CHR Extension: (Google Mail) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 OneBrowseService; C:\Program Files (x86)\OneBrowse\OneBrowseService.exe [323584 2014-08-19] () [File not signed]
R4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148632 2012-01-10] (Crawler.com)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-17] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [76400 2011-01-25] (Atheros Communications, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 OneBrowseDriver; C:\Program Files (x86)\OneBrowse\OneBrowse.sys [35720 2014-08-19] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-08-29] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 20:51 - 2014-09-09 20:52 - 00014766 _____ () C:\Users\1860\Downloads\FRST.txt
2014-09-09 20:51 - 2014-09-09 20:51 - 00000000 ____D () C:\FRST
2014-09-09 20:50 - 2014-09-09 20:50 - 02105344 _____ (Farbar) C:\Users\1860\Downloads\FRST64.exe
2014-09-09 20:34 - 2014-09-09 20:34 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 18:47 - 2014-09-09 18:47 - 00064150 _____ () C:\Users\1860\Downloads\Extras.Txt
2014-09-09 18:46 - 2014-09-09 18:46 - 00123594 _____ () C:\Users\1860\Downloads\OTL.Txt
2014-09-09 18:31 - 2014-09-09 18:31 - 00602112 _____ (OldTimer Tools) C:\Users\1860\Downloads\otl.exe
2014-09-09 17:46 - 2014-09-09 17:46 - 00000622 _____ () C:\Users\1860\Desktop\1&1 Vertriebspartnermaxdome.htm
2014-09-09 17:46 - 2014-09-09 17:46 - 00000000 ____D () C:\Users\1860\Desktop\1&1 Vertriebspartnermaxdome_files
2014-09-09 17:45 - 2014-09-09 17:45 - 00000621 _____ () C:\Users\1860\Desktop\1&1 Vertriebspartner16000.htm
2014-09-09 17:45 - 2014-09-09 17:45 - 00000000 ____D () C:\Users\1860\Desktop\1&1 Vertriebspartner16000_files
2014-09-09 17:44 - 2014-09-09 17:44 - 00000616 _____ () C:\Users\1860\Desktop\1&1 Vertriebspartner.htm
2014-09-09 17:44 - 2014-09-09 17:44 - 00000000 ____D () C:\Users\1860\Desktop\1&1 Vertriebspartner_files
2014-09-08 19:06 - 2014-09-08 19:06 - 00000618 _____ () C:\Windows\PFRO.log
2014-09-07 07:26 - 2014-09-09 14:26 - 00000168 _____ () C:\Windows\setupact.log
2014-09-07 07:26 - 2014-09-07 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-06 20:05 - 2014-09-06 20:05 - 00000655 _____ () C:\Users\1860\Downloads\gist2794364-68d8e90bee246710daec296bc9c68bccb0ea3c3f.tar.gz
2014-09-05 14:54 - 2014-09-05 14:54 - 00031370 _____ () C:\Users\1860\Documents\cc_20140905_145425.reg
2014-09-05 14:31 - 2014-09-05 14:31 - 04901352 _____ (Piriform Ltd) C:\Users\1860\Downloads\ccsetup417.exe
2014-09-05 14:30 - 2014-09-05 14:32 - 00000000 ____D () C:\Users\1860\Desktop\steuer, viren, bileder,bewerbung,30 euro
2014-09-03 14:50 - 2014-09-09 14:30 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-08-31 18:34 - 2014-08-31 18:34 - 00345156 _____ () C:\Users\1860\Downloads\regsearch.zip
2014-08-31 18:14 - 2014-08-31 18:14 - 00021569 _____ () C:\ComboFix.txt
2014-08-31 17:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-31 17:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-31 17:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-31 17:54 - 2014-08-31 18:14 - 00000000 ____D () C:\Qoobox
2014-08-31 17:54 - 2014-08-31 18:12 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 17:49 - 2014-08-31 17:50 - 05576326 ____R (Swearware) C:\Users\1860\Desktop\ComboFix.exe
2014-08-31 17:47 - 2014-08-31 17:47 - 00034169 _____ () C:\Windows\system32\hjtscanlist.txt
2014-08-31 17:40 - 2014-08-31 17:40 - 00002097 _____ () C:\Users\1860\Downloads\hjtscanlist.zip
2014-08-29 22:02 - 2014-08-29 22:02 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__r0ij9fgnxa1yb4agvitd_wsp.exe
2014-08-29 22:01 - 2014-08-29 22:01 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__7h9xxx1fgezq3qpfft0r_wsp.exe
2014-08-29 21:56 - 2014-08-29 21:56 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__ieufi9euwix87i2gugcy_wsp.exe
2014-08-29 18:36 - 2014-08-29 18:36 - 00000000 ____D () C:\Users\1860\AppData\Roaming\qBittorrent
2014-08-29 18:35 - 2014-08-29 18:35 - 00000000 ____D () C:\Users\1860\.idlerc
2014-08-29 18:33 - 2014-08-29 18:33 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-08-29 18:32 - 2014-08-29 18:33 - 00000000 ____D () C:\Python27
2014-08-29 18:29 - 2014-08-29 18:29 - 00000000 ____D () C:\Users\1860\Documents\PC Speed Maximizer
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 18:27 - 2014-09-09 14:44 - 00001024 _____ () C:\.rnd
2014-08-29 18:27 - 2014-08-29 18:27 - 00003337 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
2014-08-29 18:25 - 2014-08-29 18:25 - 00002521 _____ () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-29 18:24 - 2014-09-09 14:44 - 00000000 ____D () C:\Program Files (x86)\OneBrowse
2014-08-29 18:24 - 2014-08-29 18:24 - 00000000 ____D () C:\Program Files (x86)\Easy BitTorrent Client
2014-08-29 18:23 - 2014-08-29 18:23 - 00642592 _____ () C:\Users\1860\Downloads\Easy Torrent.exe
2014-08-29 18:23 - 2014-08-29 18:23 - 00012357 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2014-08-29 18:01 - 2014-09-04 14:48 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-08-29 18:01 - 2014-08-29 18:01 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-08-29 18:01 - 2014-08-29 18:01 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Spyware Terminator
2014-08-29 18:01 - 2014-08-29 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-08-29 12:29 - 2014-08-29 12:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (3).exe
2014-08-29 12:29 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (2).exe
2014-08-29 10:45 - 2014-08-30 14:13 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-08-29 10:45 - 2014-08-29 10:44 - 00937232 _____ (Crawler.com ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager [1].exe
2014-08-29 10:44 - 2014-08-29 10:44 - 00816064 _____ ( ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager.exe
2014-08-29 06:37 - 2014-08-29 06:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-28 06:46 - 2014-08-28 06:46 - 00001785 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arCV.lnk
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\Program Files (x86)\arcv
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\arcv
2014-08-28 06:45 - 2014-08-28 06:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-28 06:44 - 2014-08-28 06:44 - 12601114 _____ () C:\Users\1860\Downloads\arcv.exe
2014-08-28 06:38 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 06:38 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 06:38 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:37 - 2014-08-22 13:37 - 00040218 _____ () C:\Users\1860\Downloads\dbox_astra_matze (1).zip
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FlashFXP
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\ProgramData\FlashFXP
2014-08-22 13:19 - 2014-08-22 13:19 - 00000055 _____ () C:\Users\1860\Downloads\CCcam.cfg
2014-08-21 13:25 - 2014-08-21 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\elsterformular
2014-08-21 13:25 - 2014-08-21 13:25 - 00000000 ____D () C:\ProgramData\elsterformular
2014-08-21 10:28 - 2014-08-25 10:46 - 00000003 _____ () C:\Users\1860\Documents\bmm.cfg
2014-08-21 10:24 - 2014-08-28 07:31 - 00000000 ____D () C:\Users\1860\Documents\BewerbungsMaster
2014-08-21 10:24 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\BewerbungsMaster
2014-08-21 10:24 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 10:23 - 2014-08-21 10:27 - 00000000 ____D () C:\Program Files (x86)\BEWERBUNGSMASTER
2014-08-21 10:23 - 2014-08-21 10:23 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-08-21 10:23 - 2014-08-21 10:23 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-20 12:18 - 2014-08-20 12:19 - 25000000 _____ () C:\Users\1860\Downloads\Grande Punto eLEARN.part01 (1).rar
2014-08-19 06:26 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 06:26 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 06:26 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 06:26 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 06:26 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 06:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 06:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 06:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 06:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-18 20:44 - 2014-08-18 20:44 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FX Flat
2014-08-18 19:14 - 2014-08-18 19:14 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Users\1860\AppData\Roaming\TeamViewer
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-08-18 19:13 - 2014-08-18 19:13 - 06304880 _____ (TeamViewer GmbH) C:\Users\1860\Downloads\TeamViewer_Setup_de.exe
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Flat
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 18:52 - 2014-08-18 18:53 - 00000000 ____D () C:\Program Files (x86)\Flat Trader
2014-08-18 18:50 - 2014-08-18 18:50 - 00000000 ____D () C:\Users\1860\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
2014-08-18 18:48 - 2014-08-18 18:49 - 26915558 _____ (FX Flat ) C:\Users\1860\Downloads\Flat Trader Setup.exe
2014-08-16 09:09 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 09:08 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-16 06:36 - 2014-08-16 06:36 - 00000000 ____D () C:\ProgramData\Sun
2014-08-16 06:35 - 2014-08-16 06:34 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-15 21:43 - 2014-08-15 21:43 - 00918440 _____ (Oracle Corporation) C:\Users\1860\Downloads\chromeinstall-7u67.exe
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00011776 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2014-08-15 19:34 - 2014-08-15 19:36 - 00000000 ____D () C:\Program Files (x86)\1&1 Surf-Stick
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2014-08-15 08:14 - 2014-08-15 08:14 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (2).exe
2014-08-15 05:15 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 05:15 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 05:15 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 05:15 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 05:15 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 05:15 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 05:15 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 05:15 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 20:34 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:34 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:34 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:34 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:34 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:34 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:34 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:34 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:34 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:34 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:34 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:16 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:16 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:16 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:16 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:16 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:16 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:16 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:16 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:16 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:16 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:16 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:16 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:16 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:16 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:16 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:16 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:16 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:16 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:16 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:16 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:16 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:16 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:16 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:16 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:16 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:16 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:16 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:16 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:16 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:16 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:16 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:16 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:16 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:16 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:16 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:16 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:16 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:16 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:16 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:16 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:16 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:16 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:16 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:16 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:16 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:16 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:16 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:16 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:16 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:16 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:16 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:16 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:16 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:16 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:16 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:16 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:15 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:15 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:14 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:14 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-10 22:50 - 2014-08-10 22:51 - 35595360 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetupFull.exe
2014-08-10 22:49 - 2014-08-10 22:49 - 00003188 _____ () C:\Windows\System32\Tasks\{7D477009-58F9-4698-B334-40CE5E979124}
2014-08-10 22:47 - 2014-08-10 22:47 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 20:52 - 2014-09-09 20:51 - 00014766 _____ () C:\Users\1860\Downloads\FRST.txt
2014-09-09 20:51 - 2014-09-09 20:51 - 00000000 ____D () C:\FRST
2014-09-09 20:51 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-09 20:51 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-09 20:50 - 2014-09-09 20:50 - 02105344 _____ (Farbar) C:\Users\1860\Downloads\FRST64.exe
2014-09-09 20:35 - 2014-03-06 14:04 - 01860000 _____ () C:\Windows\WindowsUpdate.log
2014-09-09 20:34 - 2014-09-09 20:34 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 20:34 - 2014-03-06 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-09 20:34 - 2014-03-06 16:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-09 20:34 - 2014-03-06 15:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 20:25 - 2014-05-25 21:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-09 20:01 - 2014-03-10 14:55 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job
2014-09-09 18:47 - 2014-09-09 18:47 - 00064150 _____ () C:\Users\1860\Downloads\Extras.Txt
2014-09-09 18:46 - 2014-09-09 18:46 - 00123594 _____ () C:\Users\1860\Downloads\OTL.Txt
2014-09-09 18:31 - 2014-09-09 18:31 - 00602112 _____ (OldTimer Tools) C:\Users\1860\Downloads\otl.exe
2014-09-09 18:28 - 2014-03-06 14:49 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Skype
2014-09-09 17:46 - 2014-09-09 17:46 - 00000622 _____ () C:\Users\1860\Desktop\1&1 Vertriebspartnermaxdome.htm
2014-09-09 17:46 - 2014-09-09 17:46 - 00000000 ____D () C:\Users\1860\Desktop\1&1 Vertriebspartnermaxdome_files
2014-09-09 17:45 - 2014-09-09 17:45 - 00000621 _____ () C:\Users\1860\Desktop\1&1 Vertriebspartner16000.htm
2014-09-09 17:45 - 2014-09-09 17:45 - 00000000 ____D () C:\Users\1860\Desktop\1&1 Vertriebspartner16000_files
2014-09-09 17:44 - 2014-09-09 17:44 - 00000616 _____ () C:\Users\1860\Desktop\1&1 Vertriebspartner.htm
2014-09-09 17:44 - 2014-09-09 17:44 - 00000000 ____D () C:\Users\1860\Desktop\1&1 Vertriebspartner_files
2014-09-09 14:44 - 2014-08-29 18:27 - 00001024 _____ () C:\.rnd
2014-09-09 14:44 - 2014-08-29 18:24 - 00000000 ____D () C:\Program Files (x86)\OneBrowse
2014-09-09 14:30 - 2014-09-03 14:50 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-09 14:27 - 2014-05-25 21:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-09 14:26 - 2014-09-07 07:26 - 00000168 _____ () C:\Windows\setupact.log
2014-09-09 14:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 19:06 - 2014-09-08 19:06 - 00000618 _____ () C:\Windows\PFRO.log
2014-09-08 13:37 - 2014-03-15 06:33 - 00000000 ____D () C:\Users\1860\Documents\UseNeXT
2014-09-07 18:43 - 2014-03-15 06:33 - 00000000 ____D () C:\Users\1860\AppData\Roaming\UseNeXT
2014-09-07 17:14 - 2014-03-10 14:55 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job
2014-09-07 07:26 - 2014-09-07 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-06 20:05 - 2014-09-06 20:05 - 00000655 _____ () C:\Users\1860\Downloads\gist2794364-68d8e90bee246710daec296bc9c68bccb0ea3c3f.tar.gz
2014-09-05 14:54 - 2014-09-05 14:54 - 00031370 _____ () C:\Users\1860\Documents\cc_20140905_145425.reg
2014-09-05 14:32 - 2014-09-05 14:30 - 00000000 ____D () C:\Users\1860\Desktop\steuer, viren, bileder,bewerbung,30 euro
2014-09-05 14:31 - 2014-09-05 14:31 - 04901352 _____ (Piriform Ltd) C:\Users\1860\Downloads\ccsetup417.exe
2014-09-05 14:31 - 2014-08-03 15:42 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-05 14:31 - 2014-08-03 15:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-05 14:24 - 2009-07-14 19:58 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-09-05 14:24 - 2009-07-14 19:58 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-09-05 14:24 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-04 14:48 - 2014-08-29 18:01 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-09-03 14:47 - 2009-07-14 06:45 - 00434848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 20:40 - 2014-03-18 16:08 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-08-31 18:34 - 2014-08-31 18:34 - 00345156 _____ () C:\Users\1860\Downloads\regsearch.zip
2014-08-31 18:14 - 2014-08-31 18:14 - 00021569 _____ () C:\ComboFix.txt
2014-08-31 18:14 - 2014-08-31 17:54 - 00000000 ____D () C:\Qoobox
2014-08-31 18:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-31 18:12 - 2014-08-31 17:54 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 18:09 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-31 17:50 - 2014-08-31 17:49 - 05576326 ____R (Swearware) C:\Users\1860\Desktop\ComboFix.exe
2014-08-31 17:47 - 2014-08-31 17:47 - 00034169 _____ () C:\Windows\system32\hjtscanlist.txt
2014-08-31 17:40 - 2014-08-31 17:40 - 00002097 _____ () C:\Users\1860\Downloads\hjtscanlist.zip
2014-08-31 11:32 - 2014-08-03 09:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-30 14:13 - 2014-08-29 10:45 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-08-29 22:02 - 2014-08-29 22:02 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__r0ij9fgnxa1yb4agvitd_wsp.exe
2014-08-29 22:01 - 2014-08-29 22:01 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__7h9xxx1fgezq3qpfft0r_wsp.exe
2014-08-29 21:56 - 2014-08-29 21:56 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__ieufi9euwix87i2gugcy_wsp.exe
2014-08-29 18:36 - 2014-08-29 18:36 - 00000000 ____D () C:\Users\1860\AppData\Roaming\qBittorrent
2014-08-29 18:35 - 2014-08-29 18:35 - 00000000 ____D () C:\Users\1860\.idlerc
2014-08-29 18:35 - 2014-03-06 14:15 - 00000000 ____D () C:\Users\1860
2014-08-29 18:33 - 2014-08-29 18:33 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-08-29 18:33 - 2014-08-29 18:32 - 00000000 ____D () C:\Python27
2014-08-29 18:29 - 2014-08-29 18:29 - 00000000 ____D () C:\Users\1860\Documents\PC Speed Maximizer
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 18:27 - 2014-08-29 18:27 - 00003337 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
2014-08-29 18:25 - 2014-08-29 18:25 - 00002521 _____ () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-29 18:24 - 2014-08-29 18:24 - 00000000 ____D () C:\Program Files (x86)\Easy BitTorrent Client
2014-08-29 18:23 - 2014-08-29 18:23 - 00642592 _____ () C:\Users\1860\Downloads\Easy Torrent.exe
2014-08-29 18:23 - 2014-08-29 18:23 - 00012357 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2014-08-29 18:01 - 2014-08-29 18:01 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-08-29 18:01 - 2014-08-29 18:01 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Spyware Terminator
2014-08-29 18:01 - 2014-08-29 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-08-29 13:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-29 12:30 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (3).exe
2014-08-29 12:30 - 2014-07-06 13:02 - 00011928 _____ () C:\Users\1860\Downloads\hijackthis.log
2014-08-29 12:29 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (2).exe
2014-08-29 10:44 - 2014-08-29 10:45 - 00937232 _____ (Crawler.com ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager [1].exe
2014-08-29 10:44 - 2014-08-29 10:44 - 00816064 _____ ( ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager.exe
2014-08-29 06:38 - 2014-08-29 06:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-29 06:38 - 2014-07-30 18:17 - 00000000 ____D () C:\ProgramData\Skype
2014-08-29 06:37 - 2014-07-30 18:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-28 07:31 - 2014-08-21 10:24 - 00000000 ____D () C:\Users\1860\Documents\BewerbungsMaster
2014-08-28 06:49 - 2014-03-06 14:15 - 00000000 ____D () C:\Users\1860\AppData\Local\VirtualStore
2014-08-28 06:47 - 2014-05-08 12:09 - 00000000 ____D () C:\Users\1860\Desktop\bilder auto
2014-08-28 06:46 - 2014-08-28 06:46 - 00001785 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arCV.lnk
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\Program Files (x86)\arcv
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\arcv
2014-08-28 06:45 - 2014-08-28 06:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-28 06:44 - 2014-08-28 06:44 - 12601114 _____ () C:\Users\1860\Downloads\arcv.exe
2014-08-25 10:46 - 2014-08-21 10:28 - 00000003 _____ () C:\Users\1860\Documents\bmm.cfg
2014-08-25 10:46 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\BewerbungsMaster
2014-08-23 04:07 - 2014-08-28 06:38 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 06:38 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 06:38 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:37 - 2014-08-22 13:37 - 00040218 _____ () C:\Users\1860\Downloads\dbox_astra_matze (1).zip
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FlashFXP
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\ProgramData\FlashFXP
2014-08-22 13:19 - 2014-08-22 13:19 - 00000055 _____ () C:\Users\1860\Downloads\CCcam.cfg
2014-08-21 13:26 - 2014-08-21 13:25 - 00000000 ____D () C:\Users\1860\AppData\Roaming\elsterformular
2014-08-21 13:25 - 2014-08-21 13:25 - 00000000 ____D () C:\ProgramData\elsterformular
2014-08-21 10:27 - 2014-08-21 10:23 - 00000000 ____D () C:\Program Files (x86)\BEWERBUNGSMASTER
2014-08-21 10:24 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 10:23 - 2014-08-21 10:23 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-08-21 10:23 - 2014-08-21 10:23 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 05:06 - 2014-03-17 18:11 - 00000000 ____D () C:\Users\1860\AppData\Roaming\DAEMON Tools Lite
2014-08-20 12:21 - 2014-05-01 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLearn
2014-08-20 12:21 - 2014-05-01 18:52 - 00000000 ____D () C:\eLearn
2014-08-20 12:19 - 2014-08-20 12:18 - 25000000 _____ () C:\Users\1860\Downloads\Grande Punto eLEARN.part01 (1).rar
2014-08-20 06:04 - 2014-03-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-20 06:03 - 2014-03-17 19:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-19 06:19 - 2014-03-06 14:23 - 00111912 _____ () C:\Users\1860\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-18 20:44 - 2014-08-18 20:44 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FX Flat
2014-08-18 19:14 - 2014-08-18 19:14 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Users\1860\AppData\Roaming\TeamViewer
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-08-18 19:13 - 2014-08-18 19:13 - 06304880 _____ (TeamViewer GmbH) C:\Users\1860\Downloads\TeamViewer_Setup_de.exe
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Flat
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 18:53 - 2014-08-18 18:52 - 00000000 ____D () C:\Program Files (x86)\Flat Trader
2014-08-18 18:50 - 2014-08-18 18:50 - 00000000 ____D () C:\Users\1860\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
2014-08-18 18:49 - 2014-08-18 18:48 - 26915558 _____ (FX Flat ) C:\Users\1860\Downloads\Flat Trader Setup.exe
2014-08-17 05:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-16 20:54 - 2014-03-15 06:37 - 00000404 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-08-16 09:09 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 09:08 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-16 06:36 - 2014-08-16 06:36 - 00000000 ____D () C:\ProgramData\Sun
2014-08-16 06:34 - 2014-08-16 06:35 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-15 21:43 - 2014-08-15 21:43 - 00918440 _____ (Oracle Corporation) C:\Users\1860\Downloads\chromeinstall-7u67.exe
2014-08-15 19:36 - 2014-08-15 19:34 - 00000000 ____D () C:\Program Files (x86)\1&1 Surf-Stick
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2014-08-15 19:34 - 2014-03-15 10:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-15 08:14 - 2014-08-15 08:14 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (2).exe
2014-08-15 05:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 05:50 - 2014-05-12 08:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-10 22:51 - 2014-08-10 22:50 - 35595360 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetupFull.exe
2014-08-10 22:49 - 2014-08-10 22:49 - 00003188 _____ () C:\Windows\System32\Tasks\{7D477009-58F9-4698-B334-40CE5E979124}
2014-08-10 22:47 - 2014-08-10 22:47 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (1).exe

Some content of TEMP:
====================
C:\Users\1860\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 19:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by 1860 at 2014-09-09 20:52:54
Running from C:\Users\1860\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
arCV (HKLM-x32\...\{ACC1683B-5AB9-429A-88C2-D575424009D0}) (Version: 4.3.3 - Arne Reuter)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BEWERBUNGSMASTER (HKLM-x32\...\ST6UNST #1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.0816 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.0816 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version:  - Microsoft)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
DriverEasy 4.6.6 (HKLM\...\DriverEasy_is1) (Version: 4.6.6.0 - Easeware)
Easy BitTorrent Client (HKLM-x32\...\Easy BitTorrent Client) (Version:  - )
Easy Torrent Support (HKLM-x32\...\OneBrowse platform) (Version:  - OneBrowse)
eLearn CDROM 1.0 (HKLM-x32\...\eLearn 1.2.1_is1) (Version:  - FIAT Auto S.p.A.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flat Trader (HKCU\...\InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}) (Version: 2.38.56.7.2.1 - FX Flat)
Flat Trader (x32 Version: 2.38.56.7.2.1 - FX Flat) Hidden
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
KMSnano 22 (HKLM\...\KMSnano 22_is1) (Version: KMSnano 22 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
onl!ne email grabber professional 2.2.1 (HKLM-x32\...\email grabber_is1) (Version: 2.2.1.0 - Sven Bader - Design & Software)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4D36-97C2-A316084722CF}) (Version: 2.7.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.)
SafeFinder Smartbar (HKLM-x32\...\{1898B668-CCF5-429F-A86F-9837E5439D77}) (Version: 11.114.72.19232 - Linkury Ltd.) <==== ATTENTION
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.54 - Crawler.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XMedia Recode Version 3.1.8.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.8 - XMedia Recode)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-08-2014 04:33:01 Installed Java 7 Update 67
17-08-2014 02:58:20 Windows Update
18-08-2014 16:50:50 Installiert Flat Trader
19-08-2014 04:23:08 Windows Update
27-08-2014 16:52:41 Geplanter Prüfpunkt
28-08-2014 04:45:27 arCV wird installiert
29-08-2014 16:31:57 Installed Python 2.7.2
31-08-2014 15:57:27 ComboFix created restore point
03-09-2014 12:24:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-31 18:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FA62DF7-79A8-4232-9582-F1718B017E20} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1362B6F4-F077-43BD-AD01-4E2EAA919012} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {15B696BE-385F-45D0-81E0-F1B0ADEDC9AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {208AA79F-9418-4C41-BF4E-687CE6F0BEF9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10] (Facebook Inc.)
Task: {5EEBED88-76C1-49D4-9CB4-74D702CE9C06} - System32\Tasks\AutoKMS => C:\WINDOWS\AUTOKMS\AutoKMS.exe [2014-03-30] ()
Task: {627FEC70-8C45-4116-BAA2-6E2E6AD1D2CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {64BDF030-3E0D-4454-8A97-14E4F61D526A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6FAEB5A2-5CEE-43D7-8950-05A6AC803870} - System32\Tasks\{7D477009-58F9-4698-B334-40CE5E979124} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.18.0.106&amp;LastError=12007
Task: {735F2130-57DC-4819-B8D7-1A0866EC9AD9} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {B10F2ECA-D3E7-4F14-88E3-DE0B86EBC067} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5352DB3-4A18-4108-80C6-540773412094} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {C58DCE38-CD62-4901-9381-A142415BFC59} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10] (Facebook Inc.)
Task: {DAA2DEB8-E9BD-41A0-9E74-B7C666D0A488} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-02-26] (Easeware)
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-18 16:08 - 2009-08-13 13:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2013-10-31 11:24 - 2013-10-31 11:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-15 19:34 - 2011-08-25 10:50 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2014-08-19 14:20 - 2014-08-19 14:20 - 00019968 _____ () C:\Program Files (x86)\OneBrowse\OneBrowseUIProcess.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-03 14:48 - 2014-08-14 17:27 - 00051504 _____ () C:\Users\1860\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-19 14:20 - 2014-08-19 14:20 - 00032256 _____ () C:\Program Files (x86)\OneBrowse\OneBrowse.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00051016 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00716616 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00100168 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 04061000 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00394568 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 01647432 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 13632840 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: ST2012_Svc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dolby Advanced Audio v2 => "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleChromeAutoLaunch_643ADABA1D5F8841A8D9FF4E8733D2D0 => "C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Power2GoExpress => "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\1860\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\1860\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe"

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2014 06:33:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm otl.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ce0

Startzeit: 01cfcc4b7cee2954

Endzeit: 0

Anwendungspfad: C:\Users\1860\Downloads\otl.exe

Berichts-ID: eb9097f5-383e-11e4-b8a8-bc773708f1c3

Error: (09/09/2014 05:22:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.5.0.0, Zeitstempel: 0x52aef33f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x788
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3

Error: (09/09/2014 05:22:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TriggerKMS.exe, Version: 9.1.0.0, Zeitstempel: 0x5103d618
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x6c4
Startzeit der fehlerhaften Anwendung: 0xTriggerKMS.exe0
Pfad der fehlerhaften Anwendung: TriggerKMS.exe1
Pfad des fehlerhaften Moduls: TriggerKMS.exe2
Berichtskennung: TriggerKMS.exe3

Error: (09/09/2014 05:22:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, System.String, ., System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (09/09/2014 05:21:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: TriggerKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei System.Management.ManagementScope.Initialize()
   bei TriggerKMS.Principal.Connect()
   bei TriggerKMS.Principal.Main()

Error: (09/08/2014 08:21:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7192

Error: (09/08/2014 08:21:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7192

Error: (09/08/2014 08:21:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2014 08:21:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6131

Error: (09/08/2014 08:21:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6131


System errors:
=============
Error: (09/09/2014 02:45:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OneBrowseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/09/2014 02:26:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎09.‎2014 um 05:32:50 unerwartet heruntergefahren.

Error: (09/09/2014 05:18:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2014 um 22:22:54 unerwartet heruntergefahren.

Error: (09/08/2014 07:09:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht.

Error: (09/08/2014 07:08:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2014 um 13:38:57 unerwartet heruntergefahren.

Error: (09/07/2014 03:42:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (09/03/2014 02:47:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OneBrowseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2014 02:22:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/02/2014 03:14:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/01/2014 03:05:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/09/2014 06:33:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: otl.exe3.2.69.0ce001cfcc4b7cee29540C:\Users\1860\Downloads\otl.exeeb9097f5-383e-11e4-b8a8-bc773708f1c3

Error: (09/09/2014 05:22:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.5.0.052aef33fKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d78801cfcbdcd968f9f1C:\WINDOWS\AUTOKMS\AutoKMS.exeC:\Windows\system32\KERNELBASE.dll7e2e0484-37d0-11e4-b9a8-bc773708f1c3

Error: (09/09/2014 05:22:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TriggerKMS.exe9.1.0.05103d618KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d6c401cfcbdcd5a029e1C:\Program Files\KMSnano\TriggerKMS.exeC:\Windows\system32\KERNELBASE.dll7e2ddd74-37d0-11e4-b9a8-bc773708f1c3

Error: (09/09/2014 05:22:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, System.String, ., System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (09/09/2014 05:21:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: TriggerKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei System.Management.ManagementScope.Initialize()
   bei TriggerKMS.Principal.Connect()
   bei TriggerKMS.Principal.Main()

Error: (09/08/2014 08:21:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7192

Error: (09/08/2014 08:21:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7192

Error: (09/08/2014 08:21:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2014 08:21:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6131

Error: (09/08/2014 08:21:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6131


CodeIntegrity Errors:
===================================
  Date: 2014-08-31 18:04:29.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.313
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.208
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.099
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 17:59:39.599
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 17:59:39.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 64%
Total physical RAM: 4003 MB
Available physical RAM: 1413.48 MB
Total Pagefile: 8004.19 MB
Available Pagefile: 4887.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.53 GB) (Free:291.93 GB) NTFS
Drive d: (Recover) (Fixed) (Total:38 GB) (Free:16.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E47B19CB)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
__________________

Alt 09.09.2014, 20:12   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Zitat:
C:\Windows\System32\Tasks\AutoKMS
Microsoft Office Professional Plus 2013
Sry aber du hast ein gecracktes MS Office drauf. Das musst verschwinden bevor es weitergehen kann. Und natürlich muss auch alles andere runter, was noch illegal ist, sofern vorhanden.

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.09.2014, 15:01   #5
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



hallo also ist entfernt worden grad vorher.

und nu??

was soll ich jetzt machen? das ding is weg.deinstalliert.und nu?


Alt 10.09.2014, 15:05   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

__________________
--> Probleme mit Laptop Langsam geworden

Alt 10.09.2014, 15:22   #7
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by 1860 at 2014-09-10 16:07:50
Running from C:\Users\1860\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
arCV (HKLM-x32\...\{ACC1683B-5AB9-429A-88C2-D575424009D0}) (Version: 4.3.3 - Arne Reuter)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BEWERBUNGSMASTER (HKLM-x32\...\ST6UNST #1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.0816 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.0816 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
eLearn CDROM 1.0 (HKLM-x32\...\eLearn 1.2.1_is1) (Version:  - FIAT Auto S.p.A.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flat Trader (HKCU\...\InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}) (Version: 2.38.56.7.2.1 - FX Flat)
Flat Trader (x32 Version: 2.38.56.7.2.1 - FX Flat) Hidden
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.)
SafeFinder Smartbar (HKLM-x32\...\{1898B668-CCF5-429F-A86F-9837E5439D77}) (Version: 11.114.72.19232 - Linkury Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XMedia Recode Version 3.1.8.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.8 - XMedia Recode)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-08-2014 04:23:08 Windows Update
27-08-2014 16:52:41 Geplanter Prüfpunkt
28-08-2014 04:45:27 arCV wird installiert
29-08-2014 16:31:57 Installed Python 2.7.2
31-08-2014 15:57:27 ComboFix created restore point
03-09-2014 12:24:13 Windows Update
10-09-2014 12:37:53 Removed Microsoft Office Professional Plus 2013
10-09-2014 12:38:42 PROPLUSR
10-09-2014 13:04:55 Nokia Connectivity Cable Driver wird entfernt
10-09-2014 13:46:34 Removed Python 2.7.2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-31 18:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FA62DF7-79A8-4232-9582-F1718B017E20} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {15B696BE-385F-45D0-81E0-F1B0ADEDC9AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {208AA79F-9418-4C41-BF4E-687CE6F0BEF9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10] (Facebook Inc.)
Task: {64BDF030-3E0D-4454-8A97-14E4F61D526A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6FAEB5A2-5CEE-43D7-8950-05A6AC803870} - System32\Tasks\{7D477009-58F9-4698-B334-40CE5E979124} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.18.0.106&amp;LastError=12007
Task: {77D07EF3-F7DB-4204-9EEF-D471241CD5C4} - \AutoKMS No Task File <==== ATTENTION
Task: {C5352DB3-4A18-4108-80C6-540773412094} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {C58DCE38-CD62-4901-9381-A142415BFC59} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10] (Facebook Inc.)
Task: {DAA2DEB8-E9BD-41A0-9E74-B7C666D0A488} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-18 16:08 - 2009-08-13 13:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2014-08-15 19:34 - 2011-08-25 10:50 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2013-10-31 11:24 - 2013-10-31 11:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-09-03 14:48 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\1860\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00051016 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00716616 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00100168 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 04061000 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00394568 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 01647432 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 13632840 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: ST2012_Svc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dolby Advanced Audio v2 => "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleChromeAutoLaunch_643ADABA1D5F8841A8D9FF4E8733D2D0 => "C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Power2GoExpress => "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\1860\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\1860\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe"

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2014 03:46:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/09/2014 02:45:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OneBrowseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/09/2014 02:26:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎09.‎2014 um 05:32:50 unerwartet heruntergefahren.

Error: (09/09/2014 05:18:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2014 um 22:22:54 unerwartet heruntergefahren.

Error: (09/08/2014 07:09:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht.

Error: (09/08/2014 07:08:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2014 um 13:38:57 unerwartet heruntergefahren.

Error: (09/07/2014 03:42:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (09/03/2014 02:47:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OneBrowseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2014 02:22:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/02/2014 03:14:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/01/2014 03:05:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/10/2014 03:46:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-08-31 18:04:29.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.313
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.208
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.099
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 17:59:39.599
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 17:59:39.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 39%
Total physical RAM: 4003 MB
Available physical RAM: 2430.4 MB
Total Pagefile: 8004.19 MB
Available Pagefile: 6068.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.53 GB) (Free:306.22 GB) NTFS
Drive d: (Recover) (Fixed) (Total:38 GB) (Free:16.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E47B19CB)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by 1860 (administrator) on 1860-PC on 10-09-2014 16:07:05
Running from C:\Users\1860\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
( ) C:\Windows\System32\lxdncoms.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\1860\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\1860\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-06]
CHR Extension: (Google Drive) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-06]
CHR Extension: (YouTube) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-06]
CHR Extension: (Adblock Plus) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-06]
CHR Extension: (Google Mail) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-17] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [76400 2011-01-25] (Atheros Communications, Inc.)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\Users\1860\Downloads\FRST-OlderVersion
2014-09-10 14:57 - 2014-09-10 14:57 - 00000000 ____D () C:\Users\1860\AppData\Roaming\AppSplash
2014-09-09 20:52 - 2014-09-09 20:53 - 00043409 _____ () C:\Users\1860\Downloads\Addition.txt
2014-09-09 20:51 - 2014-09-10 16:07 - 00011065 _____ () C:\Users\1860\Downloads\FRST.txt
2014-09-09 20:51 - 2014-09-10 16:07 - 00000000 ____D () C:\FRST
2014-09-09 20:50 - 2014-09-10 16:06 - 02105856 _____ (Farbar) C:\Users\1860\Downloads\FRST64.exe
2014-09-09 20:34 - 2014-09-09 20:34 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 18:47 - 2014-09-09 18:47 - 00064150 _____ () C:\Users\1860\Downloads\Extras.Txt
2014-09-09 18:46 - 2014-09-09 18:46 - 00123594 _____ () C:\Users\1860\Downloads\OTL.Txt
2014-09-09 18:31 - 2014-09-09 18:31 - 00602112 _____ (OldTimer Tools) C:\Users\1860\Downloads\otl.exe
2014-09-08 19:06 - 2014-09-10 14:59 - 00000980 _____ () C:\Windows\PFRO.log
2014-09-07 07:26 - 2014-09-10 15:51 - 00000280 _____ () C:\Windows\setupact.log
2014-09-07 07:26 - 2014-09-07 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-06 20:05 - 2014-09-06 20:05 - 00000655 _____ () C:\Users\1860\Downloads\gist2794364-68d8e90bee246710daec296bc9c68bccb0ea3c3f.tar.gz
2014-09-05 14:54 - 2014-09-05 14:54 - 00031370 _____ () C:\Users\1860\Documents\cc_20140905_145425.reg
2014-09-05 14:31 - 2014-09-05 14:31 - 04901352 _____ (Piriform Ltd) C:\Users\1860\Downloads\ccsetup417.exe
2014-09-05 14:30 - 2014-09-05 14:32 - 00000000 ____D () C:\Users\1860\Desktop\steuer, viren, bileder,bewerbung,30 euro
2014-08-31 18:34 - 2014-08-31 18:34 - 00345156 _____ () C:\Users\1860\Downloads\regsearch.zip
2014-08-31 18:14 - 2014-08-31 18:14 - 00021569 _____ () C:\ComboFix.txt
2014-08-31 17:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-31 17:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-31 17:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-31 17:54 - 2014-08-31 18:14 - 00000000 ____D () C:\Qoobox
2014-08-31 17:54 - 2014-08-31 18:12 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 17:49 - 2014-08-31 17:50 - 05576326 ____R (Swearware) C:\Users\1860\Desktop\ComboFix.exe
2014-08-31 17:47 - 2014-08-31 17:47 - 00034169 _____ () C:\Windows\system32\hjtscanlist.txt
2014-08-31 17:40 - 2014-08-31 17:40 - 00002097 _____ () C:\Users\1860\Downloads\hjtscanlist.zip
2014-08-29 22:02 - 2014-08-29 22:02 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__r0ij9fgnxa1yb4agvitd_wsp.exe
2014-08-29 22:01 - 2014-08-29 22:01 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__7h9xxx1fgezq3qpfft0r_wsp.exe
2014-08-29 21:56 - 2014-08-29 21:56 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__ieufi9euwix87i2gugcy_wsp.exe
2014-08-29 18:36 - 2014-08-29 18:36 - 00000000 ____D () C:\Users\1860\AppData\Roaming\qBittorrent
2014-08-29 18:35 - 2014-08-29 18:35 - 00000000 ____D () C:\Users\1860\.idlerc
2014-08-29 18:29 - 2014-08-29 18:29 - 00000000 ____D () C:\Users\1860\Documents\PC Speed Maximizer
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 18:27 - 2014-09-09 14:44 - 00001024 _____ () C:\.rnd
2014-08-29 18:27 - 2014-08-29 18:27 - 00003337 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
2014-08-29 18:25 - 2014-08-29 18:25 - 00002521 _____ () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-29 18:24 - 2014-09-10 14:57 - 00000000 ____D () C:\Program Files (x86)\OneBrowse
2014-08-29 18:23 - 2014-08-29 18:23 - 00642592 _____ () C:\Users\1860\Downloads\Easy Torrent.exe
2014-08-29 18:23 - 2014-08-29 18:23 - 00012357 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2014-08-29 18:01 - 2014-08-29 18:01 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-08-29 12:29 - 2014-08-29 12:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (3).exe
2014-08-29 12:29 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (2).exe
2014-08-29 10:45 - 2014-09-10 15:51 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-08-29 10:45 - 2014-08-29 10:44 - 00937232 _____ (Crawler.com ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager [1].exe
2014-08-29 10:44 - 2014-08-29 10:44 - 00816064 _____ ( ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager.exe
2014-08-29 06:37 - 2014-08-29 06:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-28 06:46 - 2014-08-28 06:46 - 00001785 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arCV.lnk
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\Program Files (x86)\arcv
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\arcv
2014-08-28 06:45 - 2014-08-28 06:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-28 06:44 - 2014-08-28 06:44 - 12601114 _____ () C:\Users\1860\Downloads\arcv.exe
2014-08-28 06:38 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 06:38 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 06:38 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:37 - 2014-08-22 13:37 - 00040218 _____ () C:\Users\1860\Downloads\dbox_astra_matze (1).zip
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FlashFXP
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\ProgramData\FlashFXP
2014-08-22 13:19 - 2014-08-22 13:19 - 00000055 _____ () C:\Users\1860\Downloads\CCcam.cfg
2014-08-21 13:25 - 2014-08-21 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\elsterformular
2014-08-21 13:25 - 2014-08-21 13:25 - 00000000 ____D () C:\ProgramData\elsterformular
2014-08-21 10:28 - 2014-08-25 10:46 - 00000003 _____ () C:\Users\1860\Documents\bmm.cfg
2014-08-21 10:24 - 2014-08-28 07:31 - 00000000 ____D () C:\Users\1860\Documents\BewerbungsMaster
2014-08-21 10:24 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\BewerbungsMaster
2014-08-21 10:24 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 10:23 - 2014-08-21 10:27 - 00000000 ____D () C:\Program Files (x86)\BEWERBUNGSMASTER
2014-08-21 10:23 - 2014-08-21 10:23 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-08-21 10:23 - 2014-08-21 10:23 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-20 12:18 - 2014-08-20 12:19 - 25000000 _____ () C:\Users\1860\Downloads\Grande Punto eLEARN.part01 (1).rar
2014-08-19 06:26 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 06:26 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 06:26 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 06:26 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 06:26 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 06:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 06:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 06:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 06:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-18 20:44 - 2014-08-18 20:44 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FX Flat
2014-08-18 19:14 - 2014-08-18 19:14 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Users\1860\AppData\Roaming\TeamViewer
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-08-18 19:13 - 2014-08-18 19:13 - 06304880 _____ (TeamViewer GmbH) C:\Users\1860\Downloads\TeamViewer_Setup_de.exe
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Flat
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 18:52 - 2014-08-18 18:53 - 00000000 ____D () C:\Program Files (x86)\Flat Trader
2014-08-18 18:50 - 2014-08-18 18:50 - 00000000 ____D () C:\Users\1860\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
2014-08-18 18:48 - 2014-08-18 18:49 - 26915558 _____ (FX Flat ) C:\Users\1860\Downloads\Flat Trader Setup.exe
2014-08-16 09:09 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 09:08 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-16 06:36 - 2014-08-16 06:36 - 00000000 ____D () C:\ProgramData\Sun
2014-08-16 06:35 - 2014-08-16 06:34 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-15 21:43 - 2014-08-15 21:43 - 00918440 _____ (Oracle Corporation) C:\Users\1860\Downloads\chromeinstall-7u67.exe
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00011776 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2014-08-15 19:34 - 2014-08-15 19:36 - 00000000 ____D () C:\Program Files (x86)\1&1 Surf-Stick
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2014-08-15 08:14 - 2014-08-15 08:14 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (2).exe
2014-08-15 05:15 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 05:15 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 05:15 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 05:15 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 05:15 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 05:15 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 05:15 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 05:15 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 20:34 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:34 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:34 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:34 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:34 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:34 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:34 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:34 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:34 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:34 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:34 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:16 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:16 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:16 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:16 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:16 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:16 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:16 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:16 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:16 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:16 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:16 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:16 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:16 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:16 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:16 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:16 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:16 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:16 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:16 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:16 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:16 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:16 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:16 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:16 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:16 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:16 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:16 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:16 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:16 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:16 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:16 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:16 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:16 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:16 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:16 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:16 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:16 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:16 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:16 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:16 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:16 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:16 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:16 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:16 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:16 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:16 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:16 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:16 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:16 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:16 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:16 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:16 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:16 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:16 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:16 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:16 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:15 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:15 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:14 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:14 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 16:07 - 2014-09-09 20:51 - 00011065 _____ () C:\Users\1860\Downloads\FRST.txt
2014-09-10 16:07 - 2014-09-09 20:51 - 00000000 ____D () C:\FRST
2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\Users\1860\Downloads\FRST-OlderVersion
2014-09-10 16:06 - 2014-09-09 20:50 - 02105856 _____ (Farbar) C:\Users\1860\Downloads\FRST64.exe
2014-09-10 15:59 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 15:59 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 15:56 - 2014-03-06 14:04 - 01154795 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 15:51 - 2014-09-07 07:26 - 00000280 _____ () C:\Windows\setupact.log
2014-09-10 15:51 - 2014-08-29 10:45 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-09-10 15:51 - 2014-05-25 21:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 15:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 15:25 - 2014-05-25 21:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 15:16 - 2014-05-11 13:23 - 00000000 ____D () C:\ProgramData\Nokia
2014-09-10 15:16 - 2014-05-11 13:19 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-09-10 15:01 - 2014-03-06 14:49 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Skype
2014-09-10 15:00 - 2014-03-06 14:23 - 00109896 _____ () C:\Users\1860\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-10 14:59 - 2014-09-08 19:06 - 00000980 _____ () C:\Windows\PFRO.log
2014-09-10 14:59 - 2009-07-14 06:45 - 00431024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-10 14:57 - 2014-09-10 14:57 - 00000000 ____D () C:\Users\1860\AppData\Roaming\AppSplash
2014-09-10 14:57 - 2014-08-29 18:24 - 00000000 ____D () C:\Program Files (x86)\OneBrowse
2014-09-10 14:57 - 2014-03-31 09:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-10 14:48 - 2014-03-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 14:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-10 14:45 - 2014-03-17 19:19 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-10 14:45 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-09-10 14:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-10 14:41 - 2009-07-14 04:34 - 00000387 _____ () C:\Windows\win.ini
2014-09-10 14:18 - 2014-03-10 14:55 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job
2014-09-10 14:18 - 2014-03-10 14:55 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job
2014-09-09 20:53 - 2014-09-09 20:52 - 00043409 _____ () C:\Users\1860\Downloads\Addition.txt
2014-09-09 20:34 - 2014-09-09 20:34 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 20:34 - 2014-03-06 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-09 20:34 - 2014-03-06 16:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-09 20:34 - 2014-03-06 15:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 18:47 - 2014-09-09 18:47 - 00064150 _____ () C:\Users\1860\Downloads\Extras.Txt
2014-09-09 18:46 - 2014-09-09 18:46 - 00123594 _____ () C:\Users\1860\Downloads\OTL.Txt
2014-09-09 18:31 - 2014-09-09 18:31 - 00602112 _____ (OldTimer Tools) C:\Users\1860\Downloads\otl.exe
2014-09-09 14:44 - 2014-08-29 18:27 - 00001024 _____ () C:\.rnd
2014-09-08 13:37 - 2014-03-15 06:33 - 00000000 ____D () C:\Users\1860\Documents\UseNeXT
2014-09-07 18:43 - 2014-03-15 06:33 - 00000000 ____D () C:\Users\1860\AppData\Roaming\UseNeXT
2014-09-07 07:26 - 2014-09-07 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-06 20:05 - 2014-09-06 20:05 - 00000655 _____ () C:\Users\1860\Downloads\gist2794364-68d8e90bee246710daec296bc9c68bccb0ea3c3f.tar.gz
2014-09-05 14:54 - 2014-09-05 14:54 - 00031370 _____ () C:\Users\1860\Documents\cc_20140905_145425.reg
2014-09-05 14:32 - 2014-09-05 14:30 - 00000000 ____D () C:\Users\1860\Desktop\steuer, viren, bileder,bewerbung,30 euro
2014-09-05 14:31 - 2014-09-05 14:31 - 04901352 _____ (Piriform Ltd) C:\Users\1860\Downloads\ccsetup417.exe
2014-09-05 14:31 - 2014-08-03 15:42 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-05 14:31 - 2014-08-03 15:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-05 14:24 - 2009-07-14 19:58 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-09-05 14:24 - 2009-07-14 19:58 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-09-05 14:24 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:40 - 2014-03-18 16:08 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-08-31 18:34 - 2014-08-31 18:34 - 00345156 _____ () C:\Users\1860\Downloads\regsearch.zip
2014-08-31 18:14 - 2014-08-31 18:14 - 00021569 _____ () C:\ComboFix.txt
2014-08-31 18:14 - 2014-08-31 17:54 - 00000000 ____D () C:\Qoobox
2014-08-31 18:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-31 18:12 - 2014-08-31 17:54 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 18:09 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-31 17:50 - 2014-08-31 17:49 - 05576326 ____R (Swearware) C:\Users\1860\Desktop\ComboFix.exe
2014-08-31 17:47 - 2014-08-31 17:47 - 00034169 _____ () C:\Windows\system32\hjtscanlist.txt
2014-08-31 17:40 - 2014-08-31 17:40 - 00002097 _____ () C:\Users\1860\Downloads\hjtscanlist.zip
2014-08-29 22:02 - 2014-08-29 22:02 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__r0ij9fgnxa1yb4agvitd_wsp.exe
2014-08-29 22:01 - 2014-08-29 22:01 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__7h9xxx1fgezq3qpfft0r_wsp.exe
2014-08-29 21:56 - 2014-08-29 21:56 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__ieufi9euwix87i2gugcy_wsp.exe
2014-08-29 18:36 - 2014-08-29 18:36 - 00000000 ____D () C:\Users\1860\AppData\Roaming\qBittorrent
2014-08-29 18:35 - 2014-08-29 18:35 - 00000000 ____D () C:\Users\1860\.idlerc
2014-08-29 18:35 - 2014-03-06 14:15 - 00000000 ____D () C:\Users\1860
2014-08-29 18:29 - 2014-08-29 18:29 - 00000000 ____D () C:\Users\1860\Documents\PC Speed Maximizer
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 18:27 - 2014-08-29 18:27 - 00003337 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
2014-08-29 18:25 - 2014-08-29 18:25 - 00002521 _____ () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-29 18:23 - 2014-08-29 18:23 - 00642592 _____ () C:\Users\1860\Downloads\Easy Torrent.exe
2014-08-29 18:23 - 2014-08-29 18:23 - 00012357 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2014-08-29 18:01 - 2014-08-29 18:01 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-08-29 13:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-29 12:30 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (3).exe
2014-08-29 12:30 - 2014-07-06 13:02 - 00011928 _____ () C:\Users\1860\Downloads\hijackthis.log
2014-08-29 12:29 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (2).exe
2014-08-29 10:44 - 2014-08-29 10:45 - 00937232 _____ (Crawler.com ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager [1].exe
2014-08-29 10:44 - 2014-08-29 10:44 - 00816064 _____ ( ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager.exe
2014-08-29 06:38 - 2014-08-29 06:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-29 06:38 - 2014-07-30 18:17 - 00000000 ____D () C:\ProgramData\Skype
2014-08-29 06:37 - 2014-07-30 18:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-28 07:31 - 2014-08-21 10:24 - 00000000 ____D () C:\Users\1860\Documents\BewerbungsMaster
2014-08-28 06:49 - 2014-03-06 14:15 - 00000000 ____D () C:\Users\1860\AppData\Local\VirtualStore
2014-08-28 06:47 - 2014-05-08 12:09 - 00000000 ____D () C:\Users\1860\Desktop\bilder auto
2014-08-28 06:46 - 2014-08-28 06:46 - 00001785 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arCV.lnk
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\Program Files (x86)\arcv
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\arcv
2014-08-28 06:45 - 2014-08-28 06:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-28 06:44 - 2014-08-28 06:44 - 12601114 _____ () C:\Users\1860\Downloads\arcv.exe
2014-08-25 10:46 - 2014-08-21 10:28 - 00000003 _____ () C:\Users\1860\Documents\bmm.cfg
2014-08-25 10:46 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\BewerbungsMaster
2014-08-23 04:07 - 2014-08-28 06:38 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 06:38 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 06:38 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:37 - 2014-08-22 13:37 - 00040218 _____ () C:\Users\1860\Downloads\dbox_astra_matze (1).zip
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FlashFXP
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\ProgramData\FlashFXP
2014-08-22 13:19 - 2014-08-22 13:19 - 00000055 _____ () C:\Users\1860\Downloads\CCcam.cfg
2014-08-21 13:26 - 2014-08-21 13:25 - 00000000 ____D () C:\Users\1860\AppData\Roaming\elsterformular
2014-08-21 13:25 - 2014-08-21 13:25 - 00000000 ____D () C:\ProgramData\elsterformular
2014-08-21 10:27 - 2014-08-21 10:23 - 00000000 ____D () C:\Program Files (x86)\BEWERBUNGSMASTER
2014-08-21 10:24 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 10:23 - 2014-08-21 10:23 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-08-21 10:23 - 2014-08-21 10:23 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 05:06 - 2014-03-17 18:11 - 00000000 ____D () C:\Users\1860\AppData\Roaming\DAEMON Tools Lite
2014-08-20 12:21 - 2014-05-01 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLearn
2014-08-20 12:21 - 2014-05-01 18:52 - 00000000 ____D () C:\eLearn
2014-08-20 12:19 - 2014-08-20 12:18 - 25000000 _____ () C:\Users\1860\Downloads\Grande Punto eLEARN.part01 (1).rar
2014-08-18 20:44 - 2014-08-18 20:44 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FX Flat
2014-08-18 19:14 - 2014-08-18 19:14 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Users\1860\AppData\Roaming\TeamViewer
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-08-18 19:13 - 2014-08-18 19:13 - 06304880 _____ (TeamViewer GmbH) C:\Users\1860\Downloads\TeamViewer_Setup_de.exe
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Flat
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 18:53 - 2014-08-18 18:52 - 00000000 ____D () C:\Program Files (x86)\Flat Trader
2014-08-18 18:50 - 2014-08-18 18:50 - 00000000 ____D () C:\Users\1860\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
2014-08-18 18:49 - 2014-08-18 18:48 - 26915558 _____ (FX Flat ) C:\Users\1860\Downloads\Flat Trader Setup.exe
2014-08-17 05:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-16 20:54 - 2014-03-15 06:37 - 00000404 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-08-16 09:09 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 09:08 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-16 06:36 - 2014-08-16 06:36 - 00000000 ____D () C:\ProgramData\Sun
2014-08-16 06:34 - 2014-08-16 06:35 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-15 21:43 - 2014-08-15 21:43 - 00918440 _____ (Oracle Corporation) C:\Users\1860\Downloads\chromeinstall-7u67.exe
2014-08-15 19:36 - 2014-08-15 19:34 - 00000000 ____D () C:\Program Files (x86)\1&1 Surf-Stick
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2014-08-15 19:34 - 2014-03-15 10:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-15 08:14 - 2014-08-15 08:14 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (2).exe
2014-08-15 05:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 05:50 - 2014-05-12 08:10 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\1860\AppData\Local\Temp\avgnt.exe
C:\Users\1860\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 19:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 10.09.2014, 15:54   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Deinstallier mal Apple's Bonjour, der müllt dein Ereignisprotokoll voll. Vllt hängt deine langsame Kiste damit ja auch zusammen. Vgl. http://praxistipps.chip.de/was-ist-b...ieder-los_2809
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.09.2014, 16:21   #9
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



also das Bonjour ist weg denk ich mal.
was könnt ich noch machen?

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by 1860 at 2014-09-10 17:20:15
Running from C:\Users\1860\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
arCV (HKLM-x32\...\{ACC1683B-5AB9-429A-88C2-D575424009D0}) (Version: 4.3.3 - Arne Reuter)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BEWERBUNGSMASTER (HKLM-x32\...\ST6UNST #1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.0816 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.0816 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
eLearn CDROM 1.0 (HKLM-x32\...\eLearn 1.2.1_is1) (Version:  - FIAT Auto S.p.A.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flat Trader (HKCU\...\InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}) (Version: 2.38.56.7.2.1 - FX Flat)
Flat Trader (x32 Version: 2.38.56.7.2.1 - FX Flat) Hidden
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.)
SafeFinder Smartbar (HKLM-x32\...\{1898B668-CCF5-429F-A86F-9837E5439D77}) (Version: 11.114.72.19232 - Linkury Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XMedia Recode Version 3.1.8.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.8 - XMedia Recode)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-08-2014 16:52:41 Geplanter Prüfpunkt
28-08-2014 04:45:27 arCV wird installiert
29-08-2014 16:31:57 Installed Python 2.7.2
31-08-2014 15:57:27 ComboFix created restore point
03-09-2014 12:24:13 Windows Update
10-09-2014 12:37:53 Removed Microsoft Office Professional Plus 2013
10-09-2014 12:38:42 PROPLUSR
10-09-2014 13:04:55 Nokia Connectivity Cable Driver wird entfernt
10-09-2014 13:46:34 Removed Python 2.7.2
10-09-2014 15:03:03 Removed Bonjour

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-31 18:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FA62DF7-79A8-4232-9582-F1718B017E20} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {15B696BE-385F-45D0-81E0-F1B0ADEDC9AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {208AA79F-9418-4C41-BF4E-687CE6F0BEF9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10] (Facebook Inc.)
Task: {64BDF030-3E0D-4454-8A97-14E4F61D526A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6FAEB5A2-5CEE-43D7-8950-05A6AC803870} - System32\Tasks\{7D477009-58F9-4698-B334-40CE5E979124} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.18.0.106&amp;LastError=12007
Task: {77D07EF3-F7DB-4204-9EEF-D471241CD5C4} - \AutoKMS No Task File <==== ATTENTION
Task: {C5352DB3-4A18-4108-80C6-540773412094} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {C58DCE38-CD62-4901-9381-A142415BFC59} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10] (Facebook Inc.)
Task: {DAA2DEB8-E9BD-41A0-9E74-B7C666D0A488} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job => C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-18 16:08 - 2009-08-13 13:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2014-08-15 19:34 - 2011-08-25 10:50 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2013-10-31 11:24 - 2013-10-31 11:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-09-03 14:48 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\1860\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00051016 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00716616 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00100168 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 04061000 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 00394568 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 10:30 - 2014-03-02 04:35 - 01647432 _____ () C:\Windows.old\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: ST2012_Svc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dolby Advanced Audio v2 => "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleChromeAutoLaunch_643ADABA1D5F8841A8D9FF4E8733D2D0 => "C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Power2GoExpress => "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\1860\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\1860\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe"

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2014 03:46:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/09/2014 02:45:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OneBrowseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/09/2014 02:26:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎09.‎2014 um 05:32:50 unerwartet heruntergefahren.

Error: (09/09/2014 05:18:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2014 um 22:22:54 unerwartet heruntergefahren.

Error: (09/08/2014 07:09:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht.

Error: (09/08/2014 07:08:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2014 um 13:38:57 unerwartet heruntergefahren.

Error: (09/07/2014 03:42:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (09/03/2014 02:47:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OneBrowseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2014 02:22:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/02/2014 03:14:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/01/2014 03:05:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/10/2014 03:46:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2138

Error: (09/10/2014 03:09:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1124

Error: (09/10/2014 03:09:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21612488

Error: (09/10/2014 03:09:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-08-31 18:04:29.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.313
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.208
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 18:04:29.099
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 17:59:39.599
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-31 17:59:39.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 34%
Total physical RAM: 4003 MB
Available physical RAM: 2630.8 MB
Total Pagefile: 8004.19 MB
Available Pagefile: 6351.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.53 GB) (Free:308.96 GB) NTFS
Drive d: (Recover) (Fixed) (Total:38 GB) (Free:16.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E47B19CB)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by 1860 (administrator) on 1860-PC on 10-09-2014 17:19:25
Running from C:\Users\1860\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
( ) C:\Windows\System32\lxdncoms.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Windows.old\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\1860\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\1860\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-06]
CHR Extension: (Google Drive) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-06]
CHR Extension: (YouTube) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-06]
CHR Extension: (Adblock Plus) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-06]
CHR Extension: (Google Mail) - C:\Users\1860\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-17] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [76400 2011-01-25] (Atheros Communications, Inc.)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\Users\1860\Downloads\FRST-OlderVersion
2014-09-10 14:57 - 2014-09-10 14:57 - 00000000 ____D () C:\Users\1860\AppData\Roaming\AppSplash
2014-09-09 20:52 - 2014-09-10 16:08 - 00024933 _____ () C:\Users\1860\Downloads\Addition.txt
2014-09-09 20:51 - 2014-09-10 17:19 - 00011035 _____ () C:\Users\1860\Downloads\FRST.txt
2014-09-09 20:51 - 2014-09-10 17:19 - 00000000 ____D () C:\FRST
2014-09-09 20:50 - 2014-09-10 16:06 - 02105856 _____ (Farbar) C:\Users\1860\Downloads\FRST64.exe
2014-09-09 20:34 - 2014-09-09 20:34 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 18:47 - 2014-09-09 18:47 - 00064150 _____ () C:\Users\1860\Downloads\Extras.Txt
2014-09-09 18:46 - 2014-09-09 18:46 - 00123594 _____ () C:\Users\1860\Downloads\OTL.Txt
2014-09-09 18:31 - 2014-09-09 18:31 - 00602112 _____ (OldTimer Tools) C:\Users\1860\Downloads\otl.exe
2014-09-08 19:06 - 2014-09-10 14:59 - 00000980 _____ () C:\Windows\PFRO.log
2014-09-07 07:26 - 2014-09-10 17:08 - 00000336 _____ () C:\Windows\setupact.log
2014-09-07 07:26 - 2014-09-07 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-06 20:05 - 2014-09-06 20:05 - 00000655 _____ () C:\Users\1860\Downloads\gist2794364-68d8e90bee246710daec296bc9c68bccb0ea3c3f.tar.gz
2014-09-05 14:54 - 2014-09-05 14:54 - 00031370 _____ () C:\Users\1860\Documents\cc_20140905_145425.reg
2014-09-05 14:31 - 2014-09-05 14:31 - 04901352 _____ (Piriform Ltd) C:\Users\1860\Downloads\ccsetup417.exe
2014-09-05 14:30 - 2014-09-05 14:32 - 00000000 ____D () C:\Users\1860\Desktop\steuer, viren, bileder,bewerbung,30 euro
2014-08-31 18:34 - 2014-08-31 18:34 - 00345156 _____ () C:\Users\1860\Downloads\regsearch.zip
2014-08-31 18:14 - 2014-08-31 18:14 - 00021569 _____ () C:\ComboFix.txt
2014-08-31 17:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-31 17:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-31 17:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-31 17:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-31 17:54 - 2014-08-31 18:14 - 00000000 ____D () C:\Qoobox
2014-08-31 17:54 - 2014-08-31 18:12 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 17:49 - 2014-08-31 17:50 - 05576326 ____R (Swearware) C:\Users\1860\Desktop\ComboFix.exe
2014-08-31 17:47 - 2014-08-31 17:47 - 00034169 _____ () C:\Windows\system32\hjtscanlist.txt
2014-08-31 17:40 - 2014-08-31 17:40 - 00002097 _____ () C:\Users\1860\Downloads\hjtscanlist.zip
2014-08-29 22:02 - 2014-08-29 22:02 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__r0ij9fgnxa1yb4agvitd_wsp.exe
2014-08-29 22:01 - 2014-08-29 22:01 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__7h9xxx1fgezq3qpfft0r_wsp.exe
2014-08-29 21:56 - 2014-08-29 21:56 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__ieufi9euwix87i2gugcy_wsp.exe
2014-08-29 18:36 - 2014-08-29 18:36 - 00000000 ____D () C:\Users\1860\AppData\Roaming\qBittorrent
2014-08-29 18:35 - 2014-08-29 18:35 - 00000000 ____D () C:\Users\1860\.idlerc
2014-08-29 18:29 - 2014-08-29 18:29 - 00000000 ____D () C:\Users\1860\Documents\PC Speed Maximizer
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 18:27 - 2014-09-09 14:44 - 00001024 _____ () C:\.rnd
2014-08-29 18:27 - 2014-08-29 18:27 - 00003337 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
2014-08-29 18:25 - 2014-08-29 18:25 - 00002521 _____ () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-29 18:24 - 2014-09-10 14:57 - 00000000 ____D () C:\Program Files (x86)\OneBrowse
2014-08-29 18:23 - 2014-08-29 18:23 - 00642592 _____ () C:\Users\1860\Downloads\Easy Torrent.exe
2014-08-29 18:23 - 2014-08-29 18:23 - 00012357 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2014-08-29 18:01 - 2014-08-29 18:01 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-08-29 12:29 - 2014-08-29 12:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (3).exe
2014-08-29 12:29 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (2).exe
2014-08-29 10:45 - 2014-09-10 15:51 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-08-29 10:45 - 2014-08-29 10:44 - 00937232 _____ (Crawler.com ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager [1].exe
2014-08-29 10:44 - 2014-08-29 10:44 - 00816064 _____ ( ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager.exe
2014-08-29 06:37 - 2014-08-29 06:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-28 06:46 - 2014-08-28 06:46 - 00001785 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arCV.lnk
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\Program Files (x86)\arcv
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\arcv
2014-08-28 06:45 - 2014-08-28 06:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-28 06:44 - 2014-08-28 06:44 - 12601114 _____ () C:\Users\1860\Downloads\arcv.exe
2014-08-28 06:38 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 06:38 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 06:38 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:37 - 2014-08-22 13:37 - 00040218 _____ () C:\Users\1860\Downloads\dbox_astra_matze (1).zip
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FlashFXP
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\ProgramData\FlashFXP
2014-08-22 13:19 - 2014-08-22 13:19 - 00000055 _____ () C:\Users\1860\Downloads\CCcam.cfg
2014-08-21 13:25 - 2014-08-21 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\elsterformular
2014-08-21 13:25 - 2014-08-21 13:25 - 00000000 ____D () C:\ProgramData\elsterformular
2014-08-21 10:28 - 2014-08-25 10:46 - 00000003 _____ () C:\Users\1860\Documents\bmm.cfg
2014-08-21 10:24 - 2014-08-28 07:31 - 00000000 ____D () C:\Users\1860\Documents\BewerbungsMaster
2014-08-21 10:24 - 2014-08-25 10:46 - 00000000 ____D () C:\ProgramData\BewerbungsMaster
2014-08-21 10:24 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 10:23 - 2014-08-21 10:27 - 00000000 ____D () C:\Program Files (x86)\BEWERBUNGSMASTER
2014-08-21 10:23 - 2014-08-21 10:23 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-08-21 10:23 - 2014-08-21 10:23 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-20 12:18 - 2014-08-20 12:19 - 25000000 _____ () C:\Users\1860\Downloads\Grande Punto eLEARN.part01 (1).rar
2014-08-19 06:26 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 06:26 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 06:26 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 06:26 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 06:26 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 06:26 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 06:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 06:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 06:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 06:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-18 20:44 - 2014-08-18 20:44 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FX Flat
2014-08-18 19:14 - 2014-08-18 19:14 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Users\1860\AppData\Roaming\TeamViewer
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-08-18 19:13 - 2014-08-18 19:13 - 06304880 _____ (TeamViewer GmbH) C:\Users\1860\Downloads\TeamViewer_Setup_de.exe
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Flat
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 18:52 - 2014-08-18 18:53 - 00000000 ____D () C:\Program Files (x86)\Flat Trader
2014-08-18 18:50 - 2014-08-18 18:50 - 00000000 ____D () C:\Users\1860\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
2014-08-18 18:48 - 2014-08-18 18:49 - 26915558 _____ (FX Flat ) C:\Users\1860\Downloads\Flat Trader Setup.exe
2014-08-16 09:09 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 09:08 - 2014-08-16 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 09:08 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-16 06:36 - 2014-08-16 06:36 - 00000000 ____D () C:\ProgramData\Sun
2014-08-16 06:35 - 2014-08-16 06:34 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-15 21:43 - 2014-08-15 21:43 - 00918440 _____ (Oracle Corporation) C:\Users\1860\Downloads\chromeinstall-7u67.exe
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2014-08-15 19:35 - 2011-03-26 10:37 - 00011776 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2014-08-15 19:34 - 2014-08-15 19:36 - 00000000 ____D () C:\Program Files (x86)\1&1 Surf-Stick
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2014-08-15 08:14 - 2014-08-15 08:14 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (2).exe
2014-08-15 05:15 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 05:15 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 05:15 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 05:15 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 05:15 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 05:15 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 05:15 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 05:15 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 20:34 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:34 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:34 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:34 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:34 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:34 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:34 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:34 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:34 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:34 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:34 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:34 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:34 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:34 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:16 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:16 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:16 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:16 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:16 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:16 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:16 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:16 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:16 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:16 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:16 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:16 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:16 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:16 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:16 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:16 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:16 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:16 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:16 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:16 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:16 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:16 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:16 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:16 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:16 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:16 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:16 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:16 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:16 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:16 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:16 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:16 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:16 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:16 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:16 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:16 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:16 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:16 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:16 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:16 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:16 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:16 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:16 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:16 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:16 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:16 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:16 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:16 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:16 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:16 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:16 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:16 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:16 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:16 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:16 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:16 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:15 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:15 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:14 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:14 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 17:19 - 2014-09-09 20:51 - 00011035 _____ () C:\Users\1860\Downloads\FRST.txt
2014-09-10 17:19 - 2014-09-09 20:51 - 00000000 ____D () C:\FRST
2014-09-10 17:17 - 2014-05-25 21:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 17:16 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 17:16 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 17:12 - 2014-03-06 14:04 - 01178562 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 17:08 - 2014-09-07 07:26 - 00000336 _____ () C:\Windows\setupact.log
2014-09-10 17:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 17:01 - 2014-03-10 14:55 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job
2014-09-10 16:25 - 2014-05-25 21:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 16:08 - 2014-09-09 20:52 - 00024933 _____ () C:\Users\1860\Downloads\Addition.txt
2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\Users\1860\Downloads\FRST-OlderVersion
2014-09-10 16:06 - 2014-09-09 20:50 - 02105856 _____ (Farbar) C:\Users\1860\Downloads\FRST64.exe
2014-09-10 15:51 - 2014-08-29 10:45 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-09-10 15:16 - 2014-05-11 13:23 - 00000000 ____D () C:\ProgramData\Nokia
2014-09-10 15:16 - 2014-05-11 13:19 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-09-10 15:01 - 2014-03-06 14:49 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Skype
2014-09-10 15:00 - 2014-03-06 14:23 - 00109896 _____ () C:\Users\1860\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-10 14:59 - 2014-09-08 19:06 - 00000980 _____ () C:\Windows\PFRO.log
2014-09-10 14:59 - 2009-07-14 06:45 - 00431024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-10 14:57 - 2014-09-10 14:57 - 00000000 ____D () C:\Users\1860\AppData\Roaming\AppSplash
2014-09-10 14:57 - 2014-08-29 18:24 - 00000000 ____D () C:\Program Files (x86)\OneBrowse
2014-09-10 14:57 - 2014-03-31 09:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-10 14:48 - 2014-03-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 14:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-10 14:45 - 2014-03-17 19:19 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-10 14:45 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-09-10 14:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-10 14:41 - 2009-07-14 04:34 - 00000387 _____ () C:\Windows\win.ini
2014-09-10 14:18 - 2014-03-10 14:55 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job
2014-09-09 20:34 - 2014-09-09 20:34 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 20:34 - 2014-03-06 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-09 20:34 - 2014-03-06 16:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-09 20:34 - 2014-03-06 15:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 18:47 - 2014-09-09 18:47 - 00064150 _____ () C:\Users\1860\Downloads\Extras.Txt
2014-09-09 18:46 - 2014-09-09 18:46 - 00123594 _____ () C:\Users\1860\Downloads\OTL.Txt
2014-09-09 18:31 - 2014-09-09 18:31 - 00602112 _____ (OldTimer Tools) C:\Users\1860\Downloads\otl.exe
2014-09-09 14:44 - 2014-08-29 18:27 - 00001024 _____ () C:\.rnd
2014-09-08 13:37 - 2014-03-15 06:33 - 00000000 ____D () C:\Users\1860\Documents\UseNeXT
2014-09-07 18:43 - 2014-03-15 06:33 - 00000000 ____D () C:\Users\1860\AppData\Roaming\UseNeXT
2014-09-07 07:26 - 2014-09-07 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-06 20:05 - 2014-09-06 20:05 - 00000655 _____ () C:\Users\1860\Downloads\gist2794364-68d8e90bee246710daec296bc9c68bccb0ea3c3f.tar.gz
2014-09-05 14:54 - 2014-09-05 14:54 - 00031370 _____ () C:\Users\1860\Documents\cc_20140905_145425.reg
2014-09-05 14:32 - 2014-09-05 14:30 - 00000000 ____D () C:\Users\1860\Desktop\steuer, viren, bileder,bewerbung,30 euro
2014-09-05 14:31 - 2014-09-05 14:31 - 04901352 _____ (Piriform Ltd) C:\Users\1860\Downloads\ccsetup417.exe
2014-09-05 14:31 - 2014-08-03 15:42 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-05 14:31 - 2014-08-03 15:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-05 14:24 - 2009-07-14 19:58 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-09-05 14:24 - 2009-07-14 19:58 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-09-05 14:24 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:40 - 2014-03-18 16:08 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-08-31 18:34 - 2014-08-31 18:34 - 00345156 _____ () C:\Users\1860\Downloads\regsearch.zip
2014-08-31 18:14 - 2014-08-31 18:14 - 00021569 _____ () C:\ComboFix.txt
2014-08-31 18:14 - 2014-08-31 17:54 - 00000000 ____D () C:\Qoobox
2014-08-31 18:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-31 18:12 - 2014-08-31 17:54 - 00000000 ____D () C:\Windows\erdnt
2014-08-31 18:09 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-31 17:50 - 2014-08-31 17:49 - 05576326 ____R (Swearware) C:\Users\1860\Desktop\ComboFix.exe
2014-08-31 17:47 - 2014-08-31 17:47 - 00034169 _____ () C:\Windows\system32\hjtscanlist.txt
2014-08-31 17:40 - 2014-08-31 17:40 - 00002097 _____ () C:\Users\1860\Downloads\hjtscanlist.zip
2014-08-29 22:02 - 2014-08-29 22:02 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__r0ij9fgnxa1yb4agvitd_wsp.exe
2014-08-29 22:01 - 2014-08-29 22:01 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__7h9xxx1fgezq3qpfft0r_wsp.exe
2014-08-29 21:56 - 2014-08-29 21:56 - 04791736 _____ (Avira Operations GmbH & Co. KG) C:\Users\1860\Downloads\avira_de_av__ieufi9euwix87i2gugcy_wsp.exe
2014-08-29 18:36 - 2014-08-29 18:36 - 00000000 ____D () C:\Users\1860\AppData\Roaming\qBittorrent
2014-08-29 18:35 - 2014-08-29 18:35 - 00000000 ____D () C:\Users\1860\.idlerc
2014-08-29 18:35 - 2014-03-06 14:15 - 00000000 ____D () C:\Users\1860
2014-08-29 18:29 - 2014-08-29 18:29 - 00000000 ____D () C:\Users\1860\Documents\PC Speed Maximizer
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 18:28 - 2014-08-29 18:28 - 00000000 ____D () C:\Users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 18:27 - 2014-08-29 18:27 - 00003337 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
2014-08-29 18:25 - 2014-08-29 18:25 - 00002521 _____ () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-29 18:23 - 2014-08-29 18:23 - 00642592 _____ () C:\Users\1860\Downloads\Easy Torrent.exe
2014-08-29 18:23 - 2014-08-29 18:23 - 00012357 _____ () C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2014-08-29 18:01 - 2014-08-29 18:01 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-08-29 13:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-29 12:30 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (3).exe
2014-08-29 12:30 - 2014-07-06 13:02 - 00011928 _____ () C:\Users\1860\Downloads\hijackthis.log
2014-08-29 12:29 - 2014-08-29 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\1860\Downloads\HiJackThis204 (2).exe
2014-08-29 10:44 - 2014-08-29 10:45 - 00937232 _____ (Crawler.com ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager [1].exe
2014-08-29 10:44 - 2014-08-29 10:44 - 00816064 _____ ( ) C:\Users\1860\Downloads\SpywareTerminatorSetup_CB-DL-Manager.exe
2014-08-29 06:38 - 2014-08-29 06:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-29 06:38 - 2014-07-30 18:17 - 00000000 ____D () C:\ProgramData\Skype
2014-08-29 06:37 - 2014-07-30 18:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-28 07:31 - 2014-08-21 10:24 - 00000000 ____D () C:\Users\1860\Documents\BewerbungsMaster
2014-08-28 06:49 - 2014-03-06 14:15 - 00000000 ____D () C:\Users\1860\AppData\Local\VirtualStore
2014-08-28 06:47 - 2014-05-08 12:09 - 00000000 ____D () C:\Users\1860\Desktop\bilder auto
2014-08-28 06:46 - 2014-08-28 06:46 - 00001785 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arCV.lnk
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\Program Files (x86)\arcv
2014-08-28 06:46 - 2014-08-28 06:46 - 00000000 ____D () C:\arcv
2014-08-28 06:45 - 2014-08-28 06:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-28 06:44 - 2014-08-28 06:44 - 12601114 _____ () C:\Users\1860\Downloads\arcv.exe
2014-08-25 10:46 - 2014-08-21 10:28 - 00000003 _____ () C:\Users\1860\Documents\bmm.cfg
2014-08-25 10:46 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\BewerbungsMaster
2014-08-23 04:07 - 2014-08-28 06:38 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 06:38 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 06:38 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:37 - 2014-08-22 13:37 - 00040218 _____ () C:\Users\1860\Downloads\dbox_astra_matze (1).zip
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FlashFXP
2014-08-22 13:26 - 2014-08-22 13:26 - 00000000 ____D () C:\ProgramData\FlashFXP
2014-08-22 13:19 - 2014-08-22 13:19 - 00000055 _____ () C:\Users\1860\Downloads\CCcam.cfg
2014-08-21 13:26 - 2014-08-21 13:25 - 00000000 ____D () C:\Users\1860\AppData\Roaming\elsterformular
2014-08-21 13:25 - 2014-08-21 13:25 - 00000000 ____D () C:\ProgramData\elsterformular
2014-08-21 10:27 - 2014-08-21 10:23 - 00000000 ____D () C:\Program Files (x86)\BEWERBUNGSMASTER
2014-08-21 10:24 - 2014-08-21 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 10:23 - 2014-08-21 10:23 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-08-21 10:23 - 2014-08-21 10:23 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2014-08-21 05:06 - 2014-03-17 18:11 - 00000000 ____D () C:\Users\1860\AppData\Roaming\DAEMON Tools Lite
2014-08-20 12:21 - 2014-05-01 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLearn
2014-08-20 12:21 - 2014-05-01 18:52 - 00000000 ____D () C:\eLearn
2014-08-20 12:19 - 2014-08-20 12:18 - 25000000 _____ () C:\Users\1860\Downloads\Grande Punto eLEARN.part01 (1).rar
2014-08-18 20:44 - 2014-08-18 20:44 - 00000000 ____D () C:\Users\1860\AppData\Roaming\FX Flat
2014-08-18 19:14 - 2014-08-18 19:14 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Users\1860\AppData\Roaming\TeamViewer
2014-08-18 19:14 - 2014-08-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-08-18 19:13 - 2014-08-18 19:13 - 06304880 _____ (TeamViewer GmbH) C:\Users\1860\Downloads\TeamViewer_Setup_de.exe
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Flat
2014-08-18 18:53 - 2014-08-18 18:53 - 00000000 ____D () C:\Users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 18:53 - 2014-08-18 18:52 - 00000000 ____D () C:\Program Files (x86)\Flat Trader
2014-08-18 18:50 - 2014-08-18 18:50 - 00000000 ____D () C:\Users\1860\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
2014-08-18 18:49 - 2014-08-18 18:48 - 26915558 _____ (FX Flat ) C:\Users\1860\Downloads\Flat Trader Setup.exe
2014-08-17 05:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-16 20:54 - 2014-03-15 06:37 - 00000404 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-08-16 09:09 - 2014-08-16 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 09:09 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 09:08 - 2014-08-16 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-16 06:36 - 2014-08-16 06:36 - 00000000 ____D () C:\ProgramData\Sun
2014-08-16 06:34 - 2014-08-16 06:35 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-16 06:34 - 2014-08-16 06:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-16 06:34 - 2014-08-16 06:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-15 21:43 - 2014-08-15 21:43 - 00918440 _____ (Oracle Corporation) C:\Users\1860\Downloads\chromeinstall-7u67.exe
2014-08-15 19:36 - 2014-08-15 19:34 - 00000000 ____D () C:\Program Files (x86)\1&1 Surf-Stick
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2014-08-15 19:34 - 2014-03-15 10:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-15 08:14 - 2014-08-15 08:14 - 01677928 _____ (Skype Technologies S.A.) C:\Users\1860\Downloads\SkypeSetup (2).exe
2014-08-15 05:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 05:50 - 2014-05-12 08:10 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\1860\AppData\Local\Temp\avgnt.exe
C:\Users\1860\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 19:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 10.09.2014, 23:15   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Zitat:
was könnt ich noch machen?
Vllt mal testen ob es ohne Bonjour etwas besser geworden ist...
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.09.2014, 12:48   #11
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



naja nicht wirklich besser geworden

Alt 11.09.2014, 14:18   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.09.2014, 19:17   #13
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Code:
ATTFilter
ComboFix 14-09-11.01 - 1860 11.09.2014  18:56:16.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4003.2416 [GMT 2:00]
ausgeführt von:: c:\users\1860\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\1860\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-11 bis 2014-09-11  ))))))))))))))))))))))))))))))
.
.
2014-09-11 17:01 . 2014-09-11 17:01	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-10 12:57 . 2014-09-10 12:57	--------	d-----w-	c:\users\1860\AppData\Roaming\AppSplash
2014-09-09 18:51 . 2014-09-10 15:20	--------	d-----w-	C:\FRST
2014-08-29 16:36 . 2014-08-29 16:36	--------	d-----w-	c:\users\1860\AppData\Roaming\qBittorrent
2014-08-29 16:35 . 2014-08-29 16:35	--------	d-----w-	c:\users\1860\.idlerc
2014-08-29 16:28 . 2014-08-29 16:28	--------	d-----w-	c:\users\1860\AppData\Roaming\Easy BitTorrent Client
2014-08-29 16:28 . 2014-08-29 16:28	--------	d-----w-	c:\users\1860\AppData\Local\Easy BitTorrent Client
2014-08-29 16:24 . 2014-09-10 12:57	--------	d-----w-	c:\program files (x86)\OneBrowse
2014-08-29 16:01 . 2014-08-29 16:01	51496	----a-w-	c:\windows\system32\drivers\stflt.sys
2014-08-29 08:45 . 2014-09-10 13:51	--------	d-----w-	c:\program files (x86)\Spyware Terminator
2014-08-29 04:37 . 2014-08-29 04:37	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-08-28 04:46 . 2014-08-28 04:46	--------	d-----w-	c:\program files (x86)\Common Files\Borland Shared
2014-08-28 04:46 . 2014-08-28 04:46	--------	d-----w-	c:\program files (x86)\arcv
2014-08-28 04:46 . 2014-08-28 04:46	--------	d-----w-	C:\arcv
2014-08-28 04:45 . 2014-08-28 04:45	--------	d-----w-	c:\windows\Downloaded Installations
2014-08-28 04:38 . 2014-08-23 02:07	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-28 04:38 . 2014-08-23 01:45	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-28 04:38 . 2014-08-23 00:59	3163648	----a-w-	c:\windows\system32\win32k.sys
2014-08-22 11:26 . 2014-08-22 11:26	--------	d-----w-	c:\users\1860\AppData\Roaming\FlashFXP
2014-08-22 11:26 . 2014-08-22 11:26	--------	d-----w-	c:\programdata\FlashFXP
2014-08-21 11:25 . 2014-08-21 11:26	--------	d-----w-	c:\users\1860\AppData\Roaming\elsterformular
2014-08-21 11:25 . 2014-08-21 11:25	--------	d-----w-	c:\programdata\elsterformular
2014-08-21 08:24 . 2014-08-25 08:46	--------	d-----w-	c:\programdata\BewerbungsMaster
2014-08-21 08:23 . 2014-08-21 08:27	--------	d-----w-	c:\program files (x86)\BEWERBUNGSMASTER
2014-08-21 08:23 . 2014-08-21 08:23	335872	------w-	c:\windows\Setup1.exe
2014-08-21 08:23 . 2014-08-21 08:23	74752	----a-w-	c:\windows\ST6UNST.EXE
2014-08-19 04:26 . 2014-05-14 16:23	44512	----a-w-	c:\windows\system32\wups2.dll
2014-08-19 04:26 . 2014-05-14 16:23	58336	----a-w-	c:\windows\system32\wuauclt.exe
2014-08-19 04:26 . 2014-05-14 16:23	2477536	----a-w-	c:\windows\system32\wuaueng.dll
2014-08-19 04:26 . 2014-05-14 16:21	2620928	----a-w-	c:\windows\system32\wucltux.dll
2014-08-19 04:26 . 2014-05-14 16:23	38880	----a-w-	c:\windows\system32\wups.dll
2014-08-19 04:26 . 2014-05-14 16:23	36320	----a-w-	c:\windows\SysWow64\wups.dll
2014-08-19 04:26 . 2014-05-14 16:23	700384	----a-w-	c:\windows\system32\wuapi.dll
2014-08-19 04:26 . 2014-05-14 16:23	581600	----a-w-	c:\windows\SysWow64\wuapi.dll
2014-08-19 04:26 . 2014-05-14 16:20	97792	----a-w-	c:\windows\system32\wudriver.dll
2014-08-19 04:26 . 2014-05-14 16:17	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2014-08-19 04:24 . 2014-05-14 07:23	198600	----a-w-	c:\windows\system32\wuwebv.dll
2014-08-19 04:24 . 2014-05-14 07:23	179656	----a-w-	c:\windows\SysWow64\wuwebv.dll
2014-08-19 04:24 . 2014-05-14 07:20	36864	----a-w-	c:\windows\system32\wuapp.exe
2014-08-19 04:24 . 2014-05-14 07:17	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2014-08-18 18:44 . 2014-08-18 18:44	--------	d-----w-	c:\users\1860\AppData\Roaming\FX Flat
2014-08-18 17:14 . 2014-08-18 17:14	--------	d-----w-	c:\users\1860\AppData\Roaming\TeamViewer
2014-08-18 17:14 . 2014-08-18 17:14	--------	d-----w-	c:\program files (x86)\TeamViewer
2014-08-18 16:53 . 2014-08-18 16:53	--------	d-----w-	c:\users\1860\AppData\Roaming\InstallShield Installation Information
2014-08-18 16:52 . 2014-08-18 16:53	--------	d-----w-	c:\program files (x86)\Flat Trader
2014-08-16 07:08 . 2014-08-16 07:09	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 07:08 . 2014-08-16 07:09	--------	d-----w-	c:\program files\iTunes
2014-08-16 07:08 . 2014-08-16 07:09	--------	d-----w-	c:\program files (x86)\iTunes
2014-08-16 07:08 . 2014-08-16 07:08	--------	d-----w-	c:\program files\iPod
2014-08-16 04:36 . 2014-08-16 04:36	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-08-16 04:34 . 2014-08-16 04:34	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-16 04:34 . 2014-08-16 04:34	--------	d-----w-	c:\program files (x86)\Java
2014-08-15 17:35 . 2011-03-26 08:37	123520	----a-w-	c:\windows\system32\drivers\ZTEusbser6k.sys
2014-08-15 17:35 . 2011-03-26 08:37	123520	----a-w-	c:\windows\system32\drivers\ZTEusbnmea.sys
2014-08-15 17:35 . 2011-03-26 08:37	123520	----a-w-	c:\windows\system32\drivers\ZTEusbmdm6k.sys
2014-08-15 17:35 . 2011-03-26 08:37	11776	----a-w-	c:\windows\system32\drivers\massfilter.sys
2014-08-15 17:34 . 2014-08-15 17:34	--------	d-----w-	c:\windows\SysWow64\SupportAppCB
2014-08-15 17:34 . 2014-08-15 17:36	--------	d-----w-	c:\program files (x86)\1&1 Surf-Stick
2014-08-15 03:15 . 2014-03-09 21:48	171160	----a-w-	c:\windows\system32\infocardapi.dll
2014-08-15 03:15 . 2014-03-09 21:48	1389208	----a-w-	c:\windows\system32\icardagt.exe
2014-08-15 03:15 . 2014-03-09 21:47	99480	----a-w-	c:\windows\SysWow64\infocardapi.dll
2014-08-15 03:15 . 2014-03-09 21:47	619672	----a-w-	c:\windows\SysWow64\icardagt.exe
2014-08-15 03:15 . 2014-06-30 22:24	8856	----a-w-	c:\windows\system32\icardres.dll
2014-08-15 03:15 . 2014-06-30 22:14	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-08-15 03:15 . 2014-06-06 06:16	35480	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2014-08-15 03:15 . 2014-06-06 06:12	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2014-08-13 18:16 . 2014-07-25 13:42	48128	----a-w-	c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-08-13 18:15 . 2014-07-14 02:02	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-08-13 18:15 . 2014-07-14 01:40	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-08-13 18:14 . 2014-08-07 02:06	529920	----a-w-	c:\windows\system32\aepdu.dll
2014-08-13 18:14 . 2014-08-07 02:01	424448	----a-w-	c:\windows\system32\aeinv.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-29 10:16 . 2014-03-11 12:47	42040	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-06-24 12:58 . 2014-03-06 14:44	117712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-06-18 02:18 . 2014-07-10 15:36	692736	----a-w-	c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 15:36	646144	----a-w-	c:\windows\SysWow64\osk.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe;c:\windows\SYSNATIVE\lxdncoms.exe [x]
S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C60x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000Core.job
- c:\users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10 12:56]
.
2014-09-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495459556-2568946141-1351117670-1000UA.job
- c:\users\1860\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-10 12:56]
.
2014-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25 19:14]
.
2014-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25 19:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442352]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-24 11780712]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-24 2189416]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = www.google.com
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-09-11  19:08:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-09-11 17:08
ComboFix2.txt  2014-08-31 16:14
.
Vor Suchlauf: 25 Verzeichnis(se), 327.640.829.952 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 327.337.078.784 Bytes frei
.
- - End Of File - - A2B4F026AC3ABADF9054EFAAEBA4C6F7
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 11.09.2014, 21:06   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



Zitat:
C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.v3.0.0.82.incl.crack.torrent
C:\Users\1860\Downloads\Easy Torrent.exe
C:\Users\1860\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
Dir ist nicht klar, dass du illegalen Müll benutzt? Oder wunderst du dich über einem langsamen Rechner aus einem anderen Grund?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.09.2014, 14:02   #15
alex1860
 
Probleme mit Laptop Langsam geworden - Standard

Probleme mit Laptop Langsam geworden



das ist doch gar nich mehr auf meinem rechner drauf... hab das schon ewig deinstalliert.
und jetzt?

combo fix is gemacht.was kann man noch machen

Antwort

Themen zu Probleme mit Laptop Langsam geworden
fehlercode 0x5, fehlercode 0x89000019, fehlercode 0xe0434352, laptop langsam, msil/hacktool.idlekms.a, msil/toolbar.linkury.g, sehr langsam, win32/bundled.toolbar.ask.d, win32/bundled.toolbar.ask.g, win32/bundled.toolbar.google.d, win32/bundled.toolbar.google.e, win32/distromatic.b, win32/hacktool.cheatengine.ab, win32/hacktool.cheatengine.af, win32/hacktool.patcher.t, win32/hiddenstart.b, win32/installcore.qh, win32/installshare.a, win32/opencandy.a, win32/securityxploded.a, win32/toolbar.conduit, win32/toolbar.linkury.e, win32/toolbar.widgi.b, win32/winloadsda.d, win64/systweak.a



Ähnliche Themen: Probleme mit Laptop Langsam geworden


  1. Lenovo E335 ist sehr langsam geworden und Tastatur reagiert langsam
    Log-Analyse und Auswertung - 11.09.2015 (25)
  2. Relativ neuer Laptop langsam geworden. Viren?
    Plagegeister aller Art und deren Bekämpfung - 11.06.2015 (21)
  3. Windows XP: Laptop sehr langsam geworden,oder er reagiert nicht mehr
    Log-Analyse und Auswertung - 30.05.2015 (41)
  4. Windows 8.1 ACER Laptop ist langsam geworden, Positive Finds unauffindbar, ständig Werbung
    Log-Analyse und Auswertung - 27.02.2015 (19)
  5. Laptop ist extrem langsam geworden und oeffnet selbstaendig internettabs
    Log-Analyse und Auswertung - 09.02.2015 (32)
  6. Vista-Laptop ist seeehr langsam geworden
    Log-Analyse und Auswertung - 02.12.2014 (15)
  7. Alter Vista Laptop ist extrem Langsam geworden
    Plagegeister aller Art und deren Bekämpfung - 17.10.2014 (3)
  8. Trojaner eingefangen...Pc langsam geworden, Seiten gehen langsam zu laden
    Plagegeister aller Art und deren Bekämpfung - 16.12.2013 (21)
  9. Laptop Langsamer geworden
    Plagegeister aller Art und deren Bekämpfung - 12.10.2013 (9)
  10. Laptop sehr langsam geworden
    Plagegeister aller Art und deren Bekämpfung - 15.09.2013 (32)
  11. Windows 8 / neuer Laptop nach paar Tagen sehr langsam geworden!
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (1)
  12. Laptop seit Tagen Extrem Langsam geworden IE , Firefox .
    Log-Analyse und Auswertung - 29.01.2013 (22)
  13. Laptop sehr langsam geworden und Malwarebytes hat viel gefunden
    Log-Analyse und Auswertung - 10.01.2013 (32)
  14. Viren/Laptop langsam/Probleme beim Booten
    Plagegeister aller Art und deren Bekämpfung - 19.11.2012 (23)
  15. Laptop plötzlich langsam geworden
    Plagegeister aller Art und deren Bekämpfung - 11.11.2012 (47)
  16. Laptop allgemein ziemlich langsam geworden
    Log-Analyse und Auswertung - 06.06.2009 (9)
  17. Probleme: Internet ist langsam geworden, Google links werden falsch geöfnet.
    Log-Analyse und Auswertung - 05.10.2008 (22)

Zum Thema Probleme mit Laptop Langsam geworden - Hallo ich habe ein Laptop mit Win7 drauf. dabei läuft auch Avira Antivir.und die Firewall von Windows. Ich habe aber im Moment festgestellt das Windows sehr langsam hochfährt und auch - Probleme mit Laptop Langsam geworden...
Archiv
Du betrachtest: Probleme mit Laptop Langsam geworden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.