
Log Analysis and Evaluation: Malware/adware infection after running a setup package for Minecraft (including istartsurf.com as the start page)

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system first has to be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

21.09.2014, 15:50   #1
Roger Wilco
 



Hello everyone,

today I wanted to install an additional package (MCPatcher) for the game Minecraft and, in my hurried Google search and installation, unfortunately downloaded and installed an unofficial setup package. During the installation I did make sure to always select "Custom" and deselected all of the "additional programs", but apparently some junk was installed anyway.

Unfortunately, I first assumed it was harmless adware that I could remove myself, but it turned out to be more than that. That is why I did not follow rule 1. :-(

First I noticed the changed Firefox start page (istartsurf.com) and the changed default search. Then I saw a new tray icon that I could not close.

What have I already done?

1.) Reset the Firefox start page and search again, and completely reset IE.
2.) Closed suspicious/unknown processes, but then I noticed that they kept being restarted.
3.) I then stopped a service that I associated with istartsurf.com and was then able to end the tasks as well.
4.) Under Programs and Features, I found an adware program and uninstalled it.
5.) Ran a full virus scan (AVAST Free). Result: no detections
6.) Installed and ran Malwarebytes Anti-Malware (scan + cleanup). Result: over 100 detections (see log).
7.) Installed and ran Adware Cleaner (scan + cleanup). Result: several detections (see log).

In the process I realized that I had been hit properly, so I am now asking for help here. I am sorry that I did not come here right away.

Here are the logs:

Malwarebytes Anti-Malware
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 21.09.2014
Suchlauf-Zeit: 12:19:33
Logdatei:  Malwarebytes Anti-Malware .txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.21.02
Rootkit Datenbank: v2014.09.19.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: MyName

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 448965
Verstrichene Zeit: 16 Min, 27 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

(***LOG too large -> see Malwarebytes Anti-Malware.txt in the attachment***)
         
AdwareCleaner
Code:
# AdwCleaner v3.310 - Bericht erstellt am 21/09/2014 um 12:57:16
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : MyName - HPNOTEBOOK
# Gestartet von : C:\Users\MyName\Downloads\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Users\User2\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\MyName\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\User1\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\User1\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\User1\AppData\Roaming\NCH Software
Datei Gelöscht : C:\END

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v32.0.2 (x86 de)

[ Datei : C:\Users\User2\AppData\Roaming\Mozilla\Firefox\Profiles\sfgv9b1y.default\prefs.js ]


[ Datei : C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ixquick hxxpS - Deutsch");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Ixquick hxxpS - Deutsch");
Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
Zeile gelöscht : user_pref("keyword.URL", "hxxps://ixquick.com/do/search?language=deutsch&cat=web&query=");

[ Datei : C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\lg2zq0n0.default\prefs.js ]

Zeile gelöscht : user_pref("CT2481020_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1356266447482,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=13&CUI=SB_CUI");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo DE Customized Web Search");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&q=");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481020");
Zeile gelöscht : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394100699518");

[ Datei : C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\jy05i4cu.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4995 octets] - [21/09/2014 12:50:47]
AdwCleaner[R1].txt - [5055 octets] - [21/09/2014 12:56:25]
AdwCleaner[S0].txt - [4666 octets] - [21/09/2014 12:57:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4726 octets] ##########
         

Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:24 on 21/09/2014 (MyName)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by MyName (administrator) on HPNOTEBOOK on 21-09-2014 14:09:29
Running from C:\Users\MyName\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-07] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-07] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2945080 2011-09-12] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2014-09-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\MountPoints2: {dc0b97a8-7fde-11e1-abcd-806e6f6e6963} - G:\LaunchBFII.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicyUsers\S-1-5-21-4219148564-3154154102-1992973587-1006\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-13] (Adobe Systems) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-07] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-10-18] (Macrovision Europe Ltd.) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-02-09] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-15] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-15] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-02] ()
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12306848 2011-08-31] (Intel Corporation) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-02] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
U3 fwtdyaog; \??\C:\Users\MyName\AppData\Local\Temp\fwtdyaog.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 13:57 - 2014-09-21 14:09 - 00018384 _____ () C:\Users\MyName\Downloads\FRST.txt
2014-09-21 13:39 - 2014-09-21 13:39 - 00279208 _____ () C:\windows\Minidump\092114-25412-01.dmp
2014-09-21 13:38 - 2014-09-21 13:38 - 730026222 _____ () C:\windows\MEMORY.DMP
2014-09-21 13:26 - 2014-09-21 14:09 - 00000000 ____D () C:\FRST
2014-09-21 13:25 - 2014-09-21 13:25 - 00380416 _____ () C:\Users\MyName\Downloads\om9b1lo0.exe
2014-09-21 13:24 - 2014-09-21 13:25 - 02105856 _____ (Farbar) C:\Users\MyName\Downloads\FRST64.exe
2014-09-21 13:24 - 2014-09-21 13:24 - 00000474 _____ () C:\Users\MyName\Downloads\defogger_disable.log
2014-09-21 13:24 - 2014-09-21 13:24 - 00000000 _____ () C:\Users\MyName\defogger_reenable
2014-09-21 13:23 - 2014-09-21 13:23 - 00050477 _____ () C:\Users\MyName\Downloads\Defogger.exe
2014-09-21 13:14 - 2014-09-21 13:14 - 00024041 _____ () C:\Users\MyName\Desktop\ Malwarebytes Anti-Malware .txt
2014-09-21 13:00 - 2014-09-21 13:00 - 00004826 _____ () C:\Users\MyName\Desktop\AdwCleaner[S0].txt
2014-09-21 12:50 - 2014-09-21 13:02 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:18 - 2014-09-21 13:54 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 12:17 - 2014-09-21 12:17 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-21 12:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-21 12:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-09-21 12:10 - 2014-09-21 12:10 - 01373475 _____ () C:\Users\MyName\Downloads\AdwCleaner_3.310.exe
2014-09-21 12:09 - 2014-09-21 12:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MyName\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieUserList
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieSiteList
2014-09-21 10:04 - 2014-09-21 10:04 - 00003156 _____ () C:\windows\System32\Tasks\{F0DF3150-D166-46B9-9AB5-8C24B34019A2}
2014-09-19 23:43 - 2014-09-19 23:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 16:07 - 2014-09-19 19:20 - 00260017 _____ () C:\windows\DirectX.log
2014-09-14 14:10 - 2014-09-14 14:10 - 00000000 ____D () C:\ProgramData\Intel
2014-09-14 14:10 - 2012-05-15 07:13 - 00144896 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-09-14 14:10 - 2012-05-15 06:20 - 00104448 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-09-14 14:05 - 2014-09-14 14:05 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-14 14:04 - 2014-09-14 14:04 - 00000000 ____D () C:\Users\MyName\SystemRequirementsLab
2014-09-14 13:54 - 2014-09-14 13:54 - 00000219 _____ () C:\Users\MyName\Desktop\Dota 2.url
2014-09-12 00:09 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-12 00:09 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-12 00:09 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-12 00:09 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-12 00:09 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-12 00:09 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-12 00:09 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-12 00:09 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-12 00:09 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-12 00:09 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-12 00:09 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-12 00:09 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-12 00:09 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-12 00:09 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-12 00:09 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-12 00:09 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-12 00:09 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-12 00:09 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-12 00:09 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-12 00:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-12 00:09 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-12 00:09 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-12 00:09 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-12 00:09 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 00:09 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-12 00:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-12 00:09 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-12 00:09 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-12 00:09 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-12 00:09 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-12 00:09 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-12 00:09 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-12 00:09 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-12 00:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-12 00:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-12 00:09 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-12 00:09 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-12 00:09 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-12 00:09 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-12 00:09 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-12 00:09 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-12 00:09 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 00:09 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-12 00:09 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-12 00:09 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-12 00:09 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-12 00:09 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-12 00:09 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-12 00:09 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-12 00:09 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-12 00:09 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-12 00:09 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-12 00:09 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-12 00:09 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-12 00:09 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-12 00:09 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-12 00:01 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-12 00:01 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 10:53 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-11 10:53 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-11 10:53 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-11 10:53 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-11 10:53 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-11 10:53 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-11 10:53 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-11 10:52 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-11 10:52 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-11 10:52 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-11 10:52 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-09 12:30 - 2014-09-09 12:30 - 00001151 _____ () C:\Users\User1\Desktop\INtex Hausverwaltung.lnk
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Roaming\INtex Hausverwaltung 10
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Local\FileMaker
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INtex Hausverwaltung 10
2014-09-09 12:29 - 2014-09-09 19:59 - 00000000 ____D () C:\Program Files (x86)\INtex Hausverwaltung 10
2014-09-09 12:28 - 2014-09-09 12:28 - 22176096 _____ (INtex Publishing ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager [1].exe
2014-09-09 12:23 - 2014-09-09 12:24 - 00816064 _____ ( ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager.exe
2014-09-07 16:30 - 2014-09-07 16:30 - 00000000 ____D () C:\ProgramData\ATI
2014-09-07 16:27 - 2014-09-07 16:27 - 00056100 _____ () C:\windows\SysWOW64\CCCInstall_201409071627426592.log
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\AMD
2014-09-07 16:15 - 2014-09-07 16:15 - 00000000 _____ () C:\windows\ativpsrm.bin
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-09-07 16:13 - 2011-09-12 17:05 - 00003917 _____ () C:\windows\SysWOW64\atipblup.dat
2014-09-07 16:13 - 2011-09-12 17:05 - 00003917 _____ () C:\windows\system32\atipblup.dat
2014-09-07 16:12 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-07 16:12 - 2014-09-07 16:12 - 00000000 ____D () C:\Program Files\ATI
2014-09-07 16:11 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-07 16:06 - 2014-09-21 12:58 - 00039234 _____ () C:\windows\PFRO.log
2014-09-07 16:05 - 2014-09-21 13:53 - 00001516 _____ () C:\windows\setupact.log
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 _____ () C:\windows\setuperr.log
2014-09-07 15:52 - 2014-09-07 15:52 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-07 15:13 - 2014-09-07 15:13 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Oracle
2014-09-07 15:08 - 2014-09-07 15:08 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-07 14:57 - 2014-09-07 14:57 - 00061609 _____ () C:\4ce94848-0159-4de0-a640-7fb2c9095920.dmp
2014-09-07 14:55 - 2014-09-07 14:55 - 00063761 _____ () C:\97b2af29-b4a4-4108-af20-fb688ea36072.dmp
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieUserList
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieSiteList
2014-09-06 18:47 - 2014-09-14 14:08 - 00000000 ____D () C:\Intel
2014-09-06 17:47 - 2014-09-06 17:47 - 00872152 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-09-06 17:47 - 2014-09-06 17:47 - 00074456 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-09-06 17:47 - 2014-09-06 17:47 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-06 17:46 - 2014-09-06 17:46 - 00175928 _____ (JMicron Technology Corporation) C:\windows\system32\Drivers\jmcr.sys
2014-09-06 17:43 - 2014-09-06 17:45 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-09-06 17:43 - 2014-09-06 17:43 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-06 17:42 - 2014-09-06 17:42 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00722160 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00524016 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys
2014-09-06 17:42 - 2014-09-06 17:42 - 00421616 _____ (Synaptics Incorporated) C:\windows\system32\SynTPCo19.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00400112 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00251632 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00169712 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynTPCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00026416 _____ () C:\windows\system32\pca-manta.bin
2014-09-06 17:42 - 2014-09-06 17:42 - 00000092 _____ () C:\windows\system32\calibration.bin
2014-09-06 17:40 - 2014-09-06 17:40 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Hewlett-Packard Company
2014-09-06 17:16 - 2014-09-06 17:16 - 00000000 ____D () C:\Users\User2\AppData\Roaming\java
2014-09-06 10:28 - 2014-09-06 17:49 - 00000000 ____D () C:\ProgramData\HP
2014-09-06 10:28 - 2014-09-06 10:28 - 00000000 ____D () C:\HPSDM
2014-09-06 10:25 - 2014-09-06 10:26 - 20578280 _____ (Hewlett-Packard Company ) C:\Users\MyName\Downloads\HP_SDM_Setup.exe
2014-09-06 10:18 - 2014-09-06 10:18 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\java
2014-09-06 10:17 - 2014-09-06 10:17 - 00000000 ____D () C:\Program Files\Java
2014-09-06 10:05 - 2014-09-06 10:05 - 00675988 _____ () C:\Users\MyName\Downloads\Minecraft(1).exe
2014-08-30 09:00 - 2014-08-30 09:00 - 00803691 _____ () C:\Users\User2\Documents\transfer1.xps
2014-08-28 19:44 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 19:44 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 19:44 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 14:09 - 2014-09-21 13:57 - 00018384 _____ () C:\Users\MyName\Downloads\FRST.txt
2014-09-21 14:09 - 2014-09-21 13:26 - 00000000 ____D () C:\FRST
2014-09-21 14:01 - 2009-07-14 06:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 14:01 - 2009-07-14 06:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 13:58 - 2011-12-25 06:04 - 00702388 _____ () C:\windows\system32\perfh007.dat
2014-09-21 13:58 - 2011-12-25 06:04 - 00151022 _____ () C:\windows\system32\perfc007.dat
2014-09-21 13:58 - 2009-07-14 07:13 - 01628890 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-21 13:57 - 2012-04-06 13:37 - 01110237 _____ () C:\windows\WindowsUpdate.log
2014-09-21 13:54 - 2014-09-21 12:18 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 13:54 - 2012-04-06 13:52 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-09-21 13:54 - 2011-12-25 07:21 - 00000000 ____D () C:\ProgramData\PDFC
2014-09-21 13:53 - 2014-09-07 16:05 - 00001516 _____ () C:\windows\setupact.log
2014-09-21 13:53 - 2014-02-08 13:41 - 00000000 ____D () C:\ProgramData\VMware
2014-09-21 13:53 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-21 13:48 - 2012-11-03 20:55 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\XnViewMP
2014-09-21 13:46 - 2012-11-01 22:06 - 00003942 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{791ECB16-7748-46C6-B6AA-9CC3D6972430}
2014-09-21 13:44 - 2012-11-01 22:07 - 00000000 ____D () C:\Users\MyName\Documents\Bluetooth Folder
2014-09-21 13:40 - 2014-01-15 14:53 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-21 13:39 - 2014-09-21 13:39 - 00279208 _____ () C:\windows\Minidump\092114-25412-01.dmp
2014-09-21 13:39 - 2013-01-07 11:59 - 00000000 ____D () C:\windows\Minidump
2014-09-21 13:38 - 2014-09-21 13:38 - 730026222 _____ () C:\windows\MEMORY.DMP
2014-09-21 13:25 - 2014-09-21 13:25 - 00380416 _____ () C:\Users\MyName\Downloads\om9b1lo0.exe
2014-09-21 13:25 - 2014-09-21 13:24 - 02105856 _____ (Farbar) C:\Users\MyName\Downloads\FRST64.exe
2014-09-21 13:24 - 2014-09-21 13:24 - 00000474 _____ () C:\Users\MyName\Downloads\defogger_disable.log
2014-09-21 13:24 - 2014-09-21 13:24 - 00000000 _____ () C:\Users\MyName\defogger_reenable
2014-09-21 13:24 - 2012-11-01 22:06 - 00000000 ____D () C:\Users\MyName
2014-09-21 13:23 - 2014-09-21 13:23 - 00050477 _____ () C:\Users\MyName\Downloads\Defogger.exe
2014-09-21 13:22 - 2012-09-15 14:11 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-21 13:14 - 2014-09-21 13:14 - 00024041 _____ () C:\Users\MyName\Desktop\ Malwarebytes Anti-Malware .txt
2014-09-21 13:02 - 2014-09-21 12:50 - 00000000 ____D () C:\AdwCleaner
2014-09-21 13:00 - 2014-09-21 13:00 - 00004826 _____ () C:\Users\MyName\Desktop\AdwCleaner[S0].txt
2014-09-21 12:58 - 2014-09-07 16:06 - 00039234 _____ () C:\windows\PFRO.log
2014-09-21 12:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PLA
2014-09-21 12:17 - 2014-09-21 12:17 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:10 - 2014-09-21 12:10 - 01373475 _____ () C:\Users\MyName\Downloads\AdwCleaner_3.310.exe
2014-09-21 12:10 - 2014-09-21 12:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MyName\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieUserList
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieSiteList
2014-09-21 11:55 - 2013-02-02 23:23 - 00000000 ____D () C:\Users\MyName\AppData\Local\CrashDumps
2014-09-21 11:48 - 2012-11-03 20:32 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-21 10:05 - 2013-03-02 12:36 - 00000000 ____D () C:\Users\User2\Documents\Bluetooth Folder
2014-09-21 10:05 - 2012-11-01 22:06 - 00001425 _____ () C:\Users\MyName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-21 10:05 - 2012-09-10 20:57 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-21 10:05 - 2012-09-10 20:57 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-21 10:04 - 2014-09-21 10:04 - 00003156 _____ () C:\windows\System32\Tasks\{F0DF3150-D166-46B9-9AB5-8C24B34019A2}
2014-09-21 08:21 - 2014-01-18 21:28 - 00000000 ____D () C:\Users\User2\AppData\Roaming\.minecraft
2014-09-21 08:21 - 2013-03-02 12:35 - 00003934 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{76E34C46-0F60-4FBC-A6A1-E13060845810}
2014-09-21 08:17 - 2012-09-10 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 23:43 - 2014-09-19 23:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 19:20 - 2014-09-14 16:07 - 00260017 _____ () C:\windows\DirectX.log
2014-09-19 19:20 - 2014-03-18 21:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-18 10:44 - 2012-09-10 20:35 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{B198A42B-7342-457A-82F7-21F274254314}
2014-09-14 17:25 - 2013-05-18 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 14:18 - 2014-01-18 21:25 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\.minecraft
2014-09-14 14:10 - 2014-09-14 14:10 - 00000000 ____D () C:\ProgramData\Intel
2014-09-14 14:10 - 2011-12-25 06:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-14 14:08 - 2014-09-06 18:47 - 00000000 ____D () C:\Intel
2014-09-14 14:05 - 2014-09-14 14:05 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-14 14:04 - 2014-09-14 14:04 - 00000000 ____D () C:\Users\MyName\SystemRequirementsLab
2014-09-14 13:54 - 2014-09-14 13:54 - 00000219 _____ () C:\Users\MyName\Desktop\Dota 2.url
2014-09-14 13:54 - 2014-03-16 12:46 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-14 11:04 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-09-13 23:38 - 2012-09-10 22:11 - 00000000 ____D () C:\Users\User1\AppData\Roaming\XnView
2014-09-12 17:09 - 2014-07-02 18:50 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\vlc
2014-09-12 16:52 - 2014-07-02 18:47 - 00000000 ____D () C:\Users\MyName\.mediathek3
2014-09-12 00:08 - 2011-12-25 06:48 - 01603170 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 00:07 - 2013-08-14 21:46 - 00000000 ____D () C:\windows\system32\MRT
2014-09-12 00:01 - 2012-09-14 21:57 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-12 00:00 - 2014-05-07 19:26 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-11 14:20 - 2012-09-15 14:11 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 14:20 - 2012-09-15 14:11 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 14:20 - 2012-09-15 14:11 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 19:59 - 2014-09-09 12:29 - 00000000 ____D () C:\Program Files (x86)\INtex Hausverwaltung 10
2014-09-09 12:30 - 2014-09-09 12:30 - 00001151 _____ () C:\Users\User1\Desktop\INtex Hausverwaltung.lnk
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Roaming\INtex Hausverwaltung 10
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Local\FileMaker
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INtex Hausverwaltung 10
2014-09-09 12:28 - 2014-09-09 12:28 - 22176096 _____ (INtex Publishing ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager [1].exe
2014-09-09 12:24 - 2014-09-09 12:23 - 00816064 _____ ( ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager.exe
2014-09-07 19:22 - 2012-09-15 14:42 - 00000000 ____D () C:\Users\User1\AppData\Local\CrashDumps
2014-09-07 16:30 - 2014-09-07 16:30 - 00000000 ____D () C:\ProgramData\ATI
2014-09-07 16:27 - 2014-09-07 16:27 - 00056100 _____ () C:\windows\SysWOW64\CCCInstall_201409071627426592.log
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-07 16:27 - 2014-09-07 16:12 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-07 16:27 - 2014-09-07 16:11 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-07 16:27 - 2014-08-02 10:25 - 00000000 ____D () C:\ProgramData\AMD
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\AMD
2014-09-07 16:17 - 2012-11-01 22:08 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\ATI
2014-09-07 16:17 - 2012-11-01 22:08 - 00000000 ____D () C:\Users\MyName\AppData\Local\ATI
2014-09-07 16:15 - 2014-09-07 16:15 - 00000000 _____ () C:\windows\ativpsrm.bin
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-09-07 16:12 - 2014-09-07 16:12 - 00000000 ____D () C:\Program Files\ATI
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 _____ () C:\windows\setuperr.log
2014-09-07 15:54 - 2011-02-11 07:14 - 00000000 ____D () C:\windows\Panther
2014-09-07 15:52 - 2014-09-07 15:52 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-07 15:13 - 2014-09-07 15:13 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Oracle
2014-09-07 15:08 - 2014-09-07 15:08 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-07 15:08 - 2013-10-03 13:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-07 14:57 - 2014-09-07 14:57 - 00061609 _____ () C:\4ce94848-0159-4de0-a640-7fb2c9095920.dmp
2014-09-07 14:55 - 2014-09-07 14:55 - 00063761 _____ () C:\97b2af29-b4a4-4108-af20-fb688ea36072.dmp
2014-09-07 11:36 - 2013-03-13 18:24 - 00000000 ____D () C:\Users\User2\AppData\Local\CrashDumps
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieUserList
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieSiteList
2014-09-06 17:55 - 2011-12-25 06:37 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-09-06 17:54 - 2011-12-25 07:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-06 17:49 - 2014-09-06 10:28 - 00000000 ____D () C:\ProgramData\HP
2014-09-06 17:47 - 2014-09-06 17:47 - 00872152 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-09-06 17:47 - 2014-09-06 17:47 - 00074456 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-09-06 17:47 - 2014-09-06 17:47 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-06 17:47 - 2012-11-01 22:07 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\hpqLog
2014-09-06 17:47 - 2011-12-25 07:54 - 00108760 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RTNUninst64.dll
2014-09-06 17:47 - 2011-12-25 06:38 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-06 17:46 - 2014-09-06 17:46 - 00175928 _____ (JMicron Technology Corporation) C:\windows\system32\Drivers\jmcr.sys
2014-09-06 17:45 - 2014-09-06 17:43 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-09-06 17:45 - 2012-04-06 13:45 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-09-06 17:44 - 2012-04-06 13:45 - 00000000 ____D () C:\windows\system32\nn-NO
2014-09-06 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-09-06 17:43 - 2014-09-06 17:43 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-06 17:42 - 2014-09-06 17:42 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00722160 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00524016 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys
2014-09-06 17:42 - 2014-09-06 17:42 - 00421616 _____ (Synaptics Incorporated) C:\windows\system32\SynTPCo19.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00400112 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00251632 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00169712 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynTPCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00026416 _____ () C:\windows\system32\pca-manta.bin
2014-09-06 17:42 - 2014-09-06 17:42 - 00000092 _____ () C:\windows\system32\calibration.bin
2014-09-06 17:40 - 2014-09-06 17:40 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Hewlett-Packard Company
2014-09-06 17:40 - 2011-12-25 07:23 - 00000191 _____ () C:\windows\system32\HPPA.ini
2014-09-06 17:40 - 2011-12-25 07:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-06 17:39 - 2012-04-06 13:56 - 00000000 ____D () C:\windows\Hewlett-Packard
2014-09-06 17:16 - 2014-09-06 17:16 - 00000000 ____D () C:\Users\User2\AppData\Roaming\java
2014-09-06 10:28 - 2014-09-06 10:28 - 00000000 ____D () C:\HPSDM
2014-09-06 10:26 - 2014-09-06 10:25 - 20578280 _____ (Hewlett-Packard Company ) C:\Users\MyName\Downloads\HP_SDM_Setup.exe
2014-09-06 10:18 - 2014-09-06 10:18 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\java
2014-09-06 10:17 - 2014-09-06 10:17 - 00000000 ____D () C:\Program Files\Java
2014-09-06 10:05 - 2014-09-06 10:05 - 00675988 _____ () C:\Users\MyName\Downloads\Minecraft(1).exe
2014-09-05 04:10 - 2014-09-11 10:52 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 10:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-30 09:00 - 2014-08-30 09:00 - 00803691 _____ () C:\Users\User2\Documents\transfer1.xps
2014-08-29 08:57 - 2009-07-14 06:45 - 00413288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-26 20:02 - 2013-02-07 23:04 - 00000000 ____D () C:\windows\System32\Tasks\Games
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-23 19:04 - 2013-03-02 12:36 - 00117080 _____ () C:\Users\User2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-23 04:07 - 2014-08-28 19:44 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 19:44 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 19:44 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

Files to move or delete:
====================
C:\Users\MyName\WebVpnRegKey6-217-91-61-208.dll


Some content of TEMP:
====================
C:\Users\User2\AppData\Local\Temp\CmdLineExt.dll
C:\Users\User2\AppData\Local\Temp\drm_dialogs.dll
C:\Users\User2\AppData\Local\Temp\drm_dyndata_7300015.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 14:20

==================== End Of Log ============================
         
FRST - Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by MyName at 2014-09-21 14:09:53
Running from C:\Users\MyName\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Durchstarten mit Ponky - Deutsch 3+4" (HKLM-x32\...\"Durchstarten mit Ponky - Deutsch 3+4") (Version: 2.00 - Engel Edition)
"Ponky gezielt Mathe 3+4" (HKLM-x32\...\"Ponky gezielt Mathe 3+4") (Version: 2.00 - Engel Edition)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Center 2.0 (x32 Version: 2.0.0 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (x32 Version: 2.000.000 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.2 - Adobe Systems) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.61013.1636 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audio-CD-Archiv v7 (HKLM-x32\...\{ACA709B7-DB00-48B3-A30C-97F50679E175}) (Version: 7.00.687 - GBelectronics)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 2(TM) (HKCU\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: 1.00.0000 - DICE)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BUG Mod 4.4 (HKLM-x32\...\BUG Mod 4.4) (Version:  - )
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help User2ish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6622 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.6622 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2107 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.2107 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die ersten 10 Jahre (HKLM-x32\...\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}) (Version: 1.00.0000 - )
DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Die Siedler II - Die nächste Generation (HKLM-x32\...\S2TNG) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
FlatOut2 (HKLM-x32\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FreeFileSync 5.10 (HKLM-x32\...\FreeFileSync) (Version: 5.10 - Zenju)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GRID (HKLM-x32\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.30.0000 - Codemasters)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C6A49140-A2D9-4CA4-BB92-2E1C8CBB6E16}) (Version: 1.3.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{09A06482-FAF9-4DC5-9EC7-D340B394E22A}) (Version: 2.0.6.0 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{68E1C9E9-1606-49AF-9978-573148CED9E4}) (Version: 3.5.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{72E3D563-C37C-4037-9F04-B64C0DAD0EFF}) (Version: 2.2.3 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
INtex Hausverwaltung Version 10 (HKLM-x32\...\{C8F19197-739E-48C3-8A78-8C1434411F9A}_is1) (Version: 10 - INtex Publishing)
IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{43295475-62CA-4F25-B46C-43C59258780E}) (Version: 4.1.4.2 - The Document Foundation)
LibreOffice 4.3.0.4 (HKLM-x32\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM-x32\...\{908C5B2E-D684-425E-A54D-FE77D5C5A076}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero CoverDesigner (HKLM-x32\...\{3F380A3D-695A-4199-B026-A811A9FC6D91}) (Version: 12.0.00500 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.5.34.0 - Nokia)
Nokia Suite (x32 Version: 3.5.34.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Perspective Pilot Free 3.2.0 (HKLM\...\Perspective Pilot Free_is1) (Version: 3.2.0 - Two Pilots)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
SDK (x32 Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Serif CraftArtist (HKLM-x32\...\{C1B148C9-FACF-45F1-8356-4E1C5E3DAA5B}) (Version: 1.0.5.043 - Serif (Europe) Ltd)
Serif Photo Projects (HKLM-x32\...\{D87677F6-5F58-4BB9-8D50-78A1BF9C2F33}) (Version: 1.0.2.027 - Serif (Europe) Ltd)
Serif PhotoPlus X5 (HKLM-x32\...\{617E7009-0C50-4178-B0E2-F9D66DC8A582}) (Version: 15.0.2.012 - Serif (Europe) Ltd)
Sid Meier's Civilization 4 - Beyond the Sword (HKLM-x32\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.19 - Firaxis Games)
Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Steuer 2012 (HKCU\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.9 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
test und FINANZtest Archiv CD-Rom 2011 (HKLM-x32\...\test und FINANZtest Archiv CD-Rom 2011) (Version:  - )
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version:  - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Ihr Firmenname)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
XMedia Recode Version 3.1.2.5 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.5 - XMedia Recode)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)
XnViewMP 0.68 (HKLM\...\XnViewMP_is1) (Version: 0.68 - Gougelet Pierre-e)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-09-2014 14:06:22 DirectX wurde installiert
14-09-2014 16:04:58 DirectX wurde installiert
14-09-2014 16:08:14 DirectX wurde installiert
16-09-2014 12:19:12 Windows Update
16-09-2014 17:59:07 DirectX wurde installiert
19-09-2014 17:18:15 DirectX wurde installiert
19-09-2014 17:19:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14E9462E-AF2F-46A7-BE39-9271E4787599} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {656EFEA3-037B-4C77-B282-242798BB3DE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {8A00151D-E898-4D1F-98BC-4BEFEFC72D07} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {90779F6F-36FA-440A-9A1E-83A89A4D0B12} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-15] (AVAST Software)
Task: {A1C1248B-B6A4-4C6F-86FF-9EA5DD69F779} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {CCA38787-787F-4505-BD6E-0F1041E97EF8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-02-07 23:02 - 2013-02-09 22:57 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-11-04 02:34 - 2009-04-17 12:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-03-09 15:32 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2012-04-06 05:09 - 2011-08-31 15:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-12 17:02 - 2011-09-12 17:02 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2014-07-15 22:48 - 2014-07-15 22:48 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-21 10:01 - 2014-09-21 10:01 - 02864640 _____ () C:\Program Files\AVAST Software\Avast\defs\14092100\algo.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-07-15 22:48 - 2014-07-15 22:48 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-12 15:52 - 2014-09-12 15:52 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\60e3de33f3b7204f87483b97989a13b6\IsdiInterop.ni.dll
2012-04-06 13:41 - 2011-01-13 03:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-19 23:43 - 2014-09-19 23:43 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47
AlternateDataStreams: C:\ProgramData\TEMP:66633281

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2014 01:53:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 01:39:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 00:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 00:44:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 11:54:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000002ff0fd8
ID des fehlerhaften Prozesses: 0x1bdc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (09/21/2014 08:18:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 07:29:07 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: SSL alert by host: Description is: 47.

Error: (09/20/2014 07:29:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Name des fehlerhaften Moduls: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002b5d6
ID des fehlerhaften Prozesses: 0x2054
Startzeit der fehlerhaften Anwendung: 0xhpqWmiEx.exe0
Pfad der fehlerhaften Anwendung: hpqWmiEx.exe1
Pfad des fehlerhaften Moduls: hpqWmiEx.exe2
Berichtskennung: hpqWmiEx.exe3

Error: (09/20/2014 00:24:43 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: SSL alert by host: Description is: 47.

Error: (09/20/2014 00:24:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Name des fehlerhaften Moduls: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002b5d6
ID des fehlerhaften Prozesses: 0x7dc
Startzeit der fehlerhaften Anwendung: 0xhpqWmiEx.exe0
Pfad der fehlerhaften Anwendung: hpqWmiEx.exe1
Pfad des fehlerhaften Moduls: hpqWmiEx.exe2
Berichtskennung: hpqWmiEx.exe3


System errors:
=============
Error: (09/21/2014 01:54:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/21/2014 01:54:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/21/2014 01:53:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (09/21/2014 01:53:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/21/2014 01:40:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/21/2014 01:40:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/21/2014 01:39:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (09/21/2014 01:39:06 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000109 (0xa3a039d8a0886817, 0xb3b7465ef306a351, 0xfffff880009f65c0, 0x0000000000000002)C:\windows\MEMORY.DMP092114-25412-01

Error: (09/21/2014 01:39:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎21.‎09.‎2014 um 13:37:20 unerwartet heruntergefahren.

Error: (09/21/2014 01:38:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (09/21/2014 01:53:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 01:39:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 00:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 00:44:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 11:54:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000002ff0fd81bdc01cfd571002902f4C:\windows\Explorer.EXEunknown52c37a86-4175-11e4-976b-9cb70dca0491

Error: (09/21/2014 08:18:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 07:29:07 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: Description is: 47

Error: (09/20/2014 07:29:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqWmiEx.exe4.6.15.150a165a9hpqWmiEx.exe4.6.15.150a165a9c00000050002b5d6205401cfd45882b8c07dC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe09d5a49a-4087-11e4-98da-83ef66920723

Error: (09/20/2014 00:24:43 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: Description is: 47

Error: (09/20/2014 00:24:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqWmiEx.exe4.6.15.150a165a9hpqWmiEx.exe4.6.15.150a165a9c00000050002b5d67dc01cfd44daa889e0bC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exebfe7226e-404b-11e4-98da-83ef66920723


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 27%
Total physical RAM: 8126.36 MB
Available physical RAM: 5914.68 MB
Total Pagefile: 16250.9 MB
Available Pagefile: 13639.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:674.31 GB) (Free:441.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:19.03 GB) (Free:2.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:4.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E76A04A3)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=674.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End Of Log ============================
         
GMER
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-21 14:52:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE4O 698,64GB
Running: om9b1lo0.exe; Driver: C:\Users\MyName\AppData\Local\Temp\fwtdyaog.sys

(Log was too large --> see GMER.ZIP)
         
Attached files
File type: log defogger_disable.log (474 bytes, viewed 103 times)
File type: txt Malwarebytes Anti-Malware.txt (23.5 KB, viewed 128 times)
File type: txt FRST.txt (52.6 KB, viewed 112 times)
File type: txt Addition.txt (40.7 KB, viewed 899 times)

21.09.2014, 16:12   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log please. Any remaining problems?

22.09.2014, 20:30   #3
Roger Wilco
 



Hello schrauber,

thank you very much for taking care of my problem!

The ESET scan took quite a long time and ran through the night, so I am only replying now.

Junkware Removal Tool:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by MyName on 21.09.2014 at 19:26:59,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4219148564-3154154102-1992973587-1004\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\MyName\AppData\Roaming\mozilla\firefox\profiles\tbn3bszz.default\minidumps [66 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.09.2014 at 19:38:14,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1c888171f63ea4498395dbaa670c8f33
# engine=20241
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-21 08:48:11
# local_time=2014-09-21 10:48:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 52255 175752981 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 34475 162962341 0 0
# scanned=334371
# found=12
# cleaned=0
# scan_time=7905
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=37C2B582C84E83EB1DBE7F6BE8648E406BD739A7 ft=1 fh=941e524606a3f411 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe.vir"
sh=DEDF92691226E483A0497515EDED90773F93398A ft=1 fh=24cc767e2aae6d63 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressBurn\expressburnsetup_v4.62.exe.vir"
sh=79C1214442FB0E1F9AD7A32ECD224B2920A03DB0 ft=1 fh=c8fa3065121f18f8 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DE3EQANK\Ashampoo_DE[1].exe"
sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GD9KL305\statisticsstub[1].exe"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\AppData\LocalLow\Ashampoo_DE\ldrtbAsha.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\AppData\LocalLow\Ashampoo_DE\tbAsha.dll"
sh=227AA468A327AEEEBA2A8435EC181370136B81F9 ft=1 fh=5f440b0f78dc3247 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\Downloads\ashampoo_hdd_control_2_2.1.0_sm.exe"
sh=C54A0413E142F4DDA287BB3497EBF2E5BFF4D3C9 ft=1 fh=af27b5fd5f742cf7 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\Downloads\debutsetup.exe"
sh=DC6CFEC825E1BC7863CD87333BEF860CB04F5980 ft=1 fh=148f4ae10543316c vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\Downloads\dvdstyler-2.3.3-win32.exe"
sh=596D78A7F03D1DAEE86BCCE8DD7713AA60E8F9E4 ft=1 fh=8eaf1d336ac02ccc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\Downloads\FreeYouTubeToMP3Converter34.exe"
sh=23422BA9AC9EC006E9C287F868404A133244283B ft=1 fh=7dcb11e90876be50 vn="Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager.exe"
         
SecurityChecker:
Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
FRST

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by MyName (administrator) on HPNOTEBOOK on 22-09-2014 18:25:29
Running from C:\Users\MyName\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-07] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-07] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2945080 2011-09-12] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2014-09-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4219148564-3154154102-1992973587-1004\...\MountPoints2: {dc0b97a8-7fde-11e1-abcd-806e6f6e6963} - G:\LaunchBFII.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicyUsers\S-1-5-21-4219148564-3154154102-1992973587-1006\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\tbn3bszz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-13] (Adobe Systems) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-07] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-10-18] (Macrovision Europe Ltd.) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-02-09] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-15] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-15] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-02] ()
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12306848 2011-08-31] (Intel Corporation) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-02] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 18:25 - 2014-09-22 18:25 - 00018399 _____ () C:\Users\MyName\Downloads\FRST.txt
2014-09-22 18:20 - 2014-09-22 18:20 - 00854417 _____ () C:\Users\MyName\Downloads\SecurityCheck.exe
2014-09-21 20:32 - 2014-09-21 20:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-21 20:30 - 2014-09-21 20:30 - 02347384 _____ (ESET) C:\Users\MyName\Downloads\esetsmartinstaller_deu.exe
2014-09-21 19:38 - 2014-09-21 19:38 - 00001557 _____ () C:\Users\MyName\Desktop\JRT.txt
2014-09-21 19:26 - 2014-09-21 19:26 - 00165713 _____ () C:\Users\MyName\Desktop\Malware_Adware-Infektion nach Ausführung eines Setup-Paketes für Minecraft (u.a. istartsurf.com als Startseite) - Trojaner-Board.htm
2014-09-21 19:26 - 2014-09-21 19:26 - 00000000 ____D () C:\windows\ERUNT
2014-09-21 19:26 - 2014-09-21 19:26 - 00000000 ____D () C:\Users\MyName\Desktop\Malware_Adware-Infektion nach Ausführung eines Setup-Paketes für Minecraft (u.a. istartsurf.com als Startseite) - Trojaner-Board-Dateien
2014-09-21 19:19 - 2014-09-21 19:19 - 01027006 _____ (Thisisu) C:\Users\MyName\Downloads\JRT.exe
2014-09-21 15:42 - 2014-09-21 15:42 - 00019844 _____ () C:\Users\MyName\Desktop\GMER.zip
2014-09-21 14:52 - 2014-09-21 14:55 - 00482910 _____ () C:\Users\MyName\Desktop\GMER.log
2014-09-21 14:09 - 2014-09-21 14:58 - 00041678 _____ () C:\Users\MyName\Desktop\Addition.txt
2014-09-21 13:57 - 2014-09-21 14:58 - 00053851 _____ () C:\Users\MyName\Desktop\FRST.txt
2014-09-21 13:39 - 2014-09-21 13:39 - 00279208 _____ () C:\windows\Minidump\092114-25412-01.dmp
2014-09-21 13:38 - 2014-09-21 13:38 - 730026222 _____ () C:\windows\MEMORY.DMP
2014-09-21 13:26 - 2014-09-22 18:25 - 00000000 ____D () C:\FRST
2014-09-21 13:25 - 2014-09-21 13:25 - 00380416 _____ () C:\Users\MyName\Downloads\om9b1lo0.exe
2014-09-21 13:24 - 2014-09-21 14:55 - 00000474 _____ () C:\Users\MyName\Desktop\defogger_disable.log
2014-09-21 13:24 - 2014-09-21 13:25 - 02105856 _____ (Farbar) C:\Users\MyName\Downloads\FRST64.exe
2014-09-21 13:24 - 2014-09-21 13:24 - 00000000 _____ () C:\Users\MyName\defogger_reenable
2014-09-21 13:23 - 2014-09-21 13:23 - 00050477 _____ () C:\Users\MyName\Downloads\Defogger.exe
2014-09-21 13:14 - 2014-09-21 14:58 - 00024041 _____ () C:\Users\MyName\Desktop\Malwarebytes Anti-Malware.txt
2014-09-21 13:00 - 2014-09-21 14:58 - 00004828 _____ () C:\Users\MyName\Desktop\AdwCleaner[S0].txt
2014-09-21 12:50 - 2014-09-21 13:02 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:18 - 2014-09-21 19:18 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 12:17 - 2014-09-21 12:17 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-21 12:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-21 12:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-21 12:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-09-21 12:10 - 2014-09-21 12:10 - 01373475 _____ () C:\Users\MyName\Downloads\AdwCleaner_3.310.exe
2014-09-21 12:09 - 2014-09-21 12:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MyName\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieUserList
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieSiteList
2014-09-21 10:04 - 2014-09-21 10:04 - 00003156 _____ () C:\windows\System32\Tasks\{F0DF3150-D166-46B9-9AB5-8C24B34019A2}
2014-09-19 23:43 - 2014-09-19 23:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 16:07 - 2014-09-19 19:20 - 00260017 _____ () C:\windows\DirectX.log
2014-09-14 14:10 - 2014-09-14 14:10 - 00000000 ____D () C:\ProgramData\Intel
2014-09-14 14:10 - 2012-05-15 07:13 - 00144896 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-09-14 14:10 - 2012-05-15 06:20 - 00104448 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-09-14 14:05 - 2014-09-14 14:05 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-14 14:04 - 2014-09-14 14:04 - 00000000 ____D () C:\Users\MyName\SystemRequirementsLab
2014-09-14 13:54 - 2014-09-14 13:54 - 00000219 _____ () C:\Users\MyName\Desktop\Dota 2.url
2014-09-12 00:09 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-12 00:09 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-12 00:09 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-12 00:09 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-12 00:09 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-12 00:09 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-12 00:09 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-12 00:09 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-12 00:09 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-12 00:09 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-12 00:09 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-12 00:09 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-12 00:09 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-12 00:09 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-12 00:09 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-12 00:09 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-12 00:09 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-12 00:09 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-12 00:09 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-12 00:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-12 00:09 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-12 00:09 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-12 00:09 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-12 00:09 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 00:09 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-12 00:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-12 00:09 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-12 00:09 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-12 00:09 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-12 00:09 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-12 00:09 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-12 00:09 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-12 00:09 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-12 00:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-12 00:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-12 00:09 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-12 00:09 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-12 00:09 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-12 00:09 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-12 00:09 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-12 00:09 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-12 00:09 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 00:09 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-12 00:09 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-12 00:09 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-12 00:09 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-12 00:09 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-12 00:09 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-12 00:09 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-12 00:09 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-12 00:09 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-12 00:09 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-12 00:09 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-12 00:09 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-12 00:09 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-12 00:09 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-12 00:01 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-12 00:01 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 10:53 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-11 10:53 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-11 10:53 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-11 10:53 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-11 10:53 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-11 10:53 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-11 10:53 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-11 10:52 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-11 10:52 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-11 10:52 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-11 10:52 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-09 12:30 - 2014-09-09 12:30 - 00001151 _____ () C:\Users\User1\Desktop\INtex Hausverwaltung.lnk
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Roaming\INtex Hausverwaltung 10
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Local\FileMaker
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INtex Hausverwaltung 10
2014-09-09 12:29 - 2014-09-09 19:59 - 00000000 ____D () C:\Program Files (x86)\INtex Hausverwaltung 10
2014-09-09 12:28 - 2014-09-09 12:28 - 22176096 _____ (INtex Publishing ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager [1].exe
2014-09-09 12:23 - 2014-09-09 12:24 - 00816064 _____ ( ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager.exe
2014-09-07 16:30 - 2014-09-07 16:30 - 00000000 ____D () C:\ProgramData\ATI
2014-09-07 16:27 - 2014-09-07 16:27 - 00056100 _____ () C:\windows\SysWOW64\CCCInstall_201409071627426592.log
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\AMD
2014-09-07 16:15 - 2014-09-07 16:15 - 00000000 _____ () C:\windows\ativpsrm.bin
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-09-07 16:13 - 2011-09-12 17:05 - 00003917 _____ () C:\windows\SysWOW64\atipblup.dat
2014-09-07 16:13 - 2011-09-12 17:05 - 00003917 _____ () C:\windows\system32\atipblup.dat
2014-09-07 16:12 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-07 16:12 - 2014-09-07 16:12 - 00000000 ____D () C:\Program Files\ATI
2014-09-07 16:11 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-07 16:06 - 2014-09-21 12:58 - 00039234 _____ () C:\windows\PFRO.log
2014-09-07 16:05 - 2014-09-21 19:15 - 00001572 _____ () C:\windows\setupact.log
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 _____ () C:\windows\setuperr.log
2014-09-07 15:52 - 2014-09-07 15:52 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-07 15:13 - 2014-09-07 15:13 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Oracle
2014-09-07 15:08 - 2014-09-07 15:08 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-07 14:57 - 2014-09-07 14:57 - 00061609 _____ () C:\4ce94848-0159-4de0-a640-7fb2c9095920.dmp
2014-09-07 14:55 - 2014-09-07 14:55 - 00063761 _____ () C:\97b2af29-b4a4-4108-af20-fb688ea36072.dmp
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieUserList
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieSiteList
2014-09-06 18:47 - 2014-09-14 14:08 - 00000000 ____D () C:\Intel
2014-09-06 17:47 - 2014-09-06 17:47 - 00872152 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-09-06 17:47 - 2014-09-06 17:47 - 00074456 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-09-06 17:47 - 2014-09-06 17:47 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-06 17:46 - 2014-09-06 17:46 - 00175928 _____ (JMicron Technology Corporation) C:\windows\system32\Drivers\jmcr.sys
2014-09-06 17:43 - 2014-09-06 17:45 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-09-06 17:43 - 2014-09-06 17:43 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-06 17:42 - 2014-09-06 17:42 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00722160 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00524016 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys
2014-09-06 17:42 - 2014-09-06 17:42 - 00421616 _____ (Synaptics Incorporated) C:\windows\system32\SynTPCo19.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00400112 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00251632 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00169712 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynTPCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00026416 _____ () C:\windows\system32\pca-manta.bin
2014-09-06 17:42 - 2014-09-06 17:42 - 00000092 _____ () C:\windows\system32\calibration.bin
2014-09-06 17:40 - 2014-09-06 17:40 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Hewlett-Packard Company
2014-09-06 17:16 - 2014-09-06 17:16 - 00000000 ____D () C:\Users\User2\AppData\Roaming\java
2014-09-06 10:28 - 2014-09-06 17:49 - 00000000 ____D () C:\ProgramData\HP
2014-09-06 10:28 - 2014-09-06 10:28 - 00000000 ____D () C:\HPSDM
2014-09-06 10:25 - 2014-09-06 10:26 - 20578280 _____ (Hewlett-Packard Company ) C:\Users\MyName\Downloads\HP_SDM_Setup.exe
2014-09-06 10:18 - 2014-09-06 10:18 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\java
2014-09-06 10:17 - 2014-09-06 10:17 - 00000000 ____D () C:\Program Files\Java
2014-09-06 10:05 - 2014-09-06 10:05 - 00675988 _____ () C:\Users\MyName\Downloads\Minecraft(1).exe
2014-08-30 09:00 - 2014-08-30 09:00 - 00803691 _____ () C:\Users\User2\Documents\transfer1.xps
2014-08-28 19:44 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 19:44 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 19:44 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 18:26 - 2014-09-22 18:25 - 00018399 _____ () C:\Users\MyName\Downloads\FRST.txt
2014-09-22 18:25 - 2014-09-21 13:26 - 00000000 ____D () C:\FRST
2014-09-22 18:22 - 2012-09-15 14:11 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 18:20 - 2014-09-22 18:20 - 00854417 _____ () C:\Users\MyName\Downloads\SecurityCheck.exe
2014-09-22 18:16 - 2012-11-01 22:07 - 00000000 ____D () C:\Users\MyName\Documents\Bluetooth Folder
2014-09-22 18:16 - 2012-04-06 13:52 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-09-22 18:16 - 2012-04-06 13:37 - 01131458 _____ () C:\windows\WindowsUpdate.log
2014-09-21 20:32 - 2014-09-21 20:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-21 20:30 - 2014-09-21 20:30 - 02347384 _____ (ESET) C:\Users\MyName\Downloads\esetsmartinstaller_deu.exe
2014-09-21 19:38 - 2014-09-21 19:38 - 00001557 _____ () C:\Users\MyName\Desktop\JRT.txt
2014-09-21 19:26 - 2014-09-21 19:26 - 00165713 _____ () C:\Users\MyName\Desktop\Malware_Adware-Infektion nach Ausführung eines Setup-Paketes für Minecraft (u.a. istartsurf.com als Startseite) - Trojaner-Board.htm
2014-09-21 19:26 - 2014-09-21 19:26 - 00000000 ____D () C:\windows\ERUNT
2014-09-21 19:26 - 2014-09-21 19:26 - 00000000 ____D () C:\Users\MyName\Desktop\Malware_Adware-Infektion nach Ausführung eines Setup-Paketes für Minecraft (u.a. istartsurf.com als Startseite) - Trojaner-Board-Dateien
2014-09-21 19:23 - 2009-07-14 06:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 19:23 - 2009-07-14 06:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 19:20 - 2011-12-25 06:04 - 00702388 _____ () C:\windows\system32\perfh007.dat
2014-09-21 19:20 - 2011-12-25 06:04 - 00151022 _____ () C:\windows\system32\perfc007.dat
2014-09-21 19:20 - 2009-07-14 07:13 - 01628890 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-21 19:19 - 2014-09-21 19:19 - 01027006 _____ (Thisisu) C:\Users\MyName\Downloads\JRT.exe
2014-09-21 19:18 - 2014-09-21 12:18 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 19:16 - 2011-12-25 07:21 - 00000000 ____D () C:\ProgramData\PDFC
2014-09-21 19:15 - 2014-09-07 16:05 - 00001572 _____ () C:\windows\setupact.log
2014-09-21 19:15 - 2014-02-08 13:41 - 00000000 ____D () C:\ProgramData\VMware
2014-09-21 19:15 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-21 15:42 - 2014-09-21 15:42 - 00019844 _____ () C:\Users\MyName\Desktop\GMER.zip
2014-09-21 14:58 - 2014-09-21 14:09 - 00041678 _____ () C:\Users\MyName\Desktop\Addition.txt
2014-09-21 14:58 - 2014-09-21 13:57 - 00053851 _____ () C:\Users\MyName\Desktop\FRST.txt
2014-09-21 14:58 - 2014-09-21 13:14 - 00024041 _____ () C:\Users\MyName\Desktop\Malwarebytes Anti-Malware.txt
2014-09-21 14:58 - 2014-09-21 13:00 - 00004828 _____ () C:\Users\MyName\Desktop\AdwCleaner[S0].txt
2014-09-21 14:55 - 2014-09-21 14:52 - 00482910 _____ () C:\Users\MyName\Desktop\GMER.log
2014-09-21 14:55 - 2014-09-21 13:24 - 00000474 _____ () C:\Users\MyName\Desktop\defogger_disable.log
2014-09-21 13:48 - 2012-11-03 20:55 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\XnViewMP
2014-09-21 13:46 - 2012-11-01 22:06 - 00003942 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{791ECB16-7748-46C6-B6AA-9CC3D6972430}
2014-09-21 13:40 - 2014-01-15 14:53 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-21 13:39 - 2014-09-21 13:39 - 00279208 _____ () C:\windows\Minidump\092114-25412-01.dmp
2014-09-21 13:39 - 2013-01-07 11:59 - 00000000 ____D () C:\windows\Minidump
2014-09-21 13:38 - 2014-09-21 13:38 - 730026222 _____ () C:\windows\MEMORY.DMP
2014-09-21 13:25 - 2014-09-21 13:25 - 00380416 _____ () C:\Users\MyName\Downloads\om9b1lo0.exe
2014-09-21 13:25 - 2014-09-21 13:24 - 02105856 _____ (Farbar) C:\Users\MyName\Downloads\FRST64.exe
2014-09-21 13:24 - 2014-09-21 13:24 - 00000000 _____ () C:\Users\MyName\defogger_reenable
2014-09-21 13:24 - 2012-11-01 22:06 - 00000000 ____D () C:\Users\MyName
2014-09-21 13:23 - 2014-09-21 13:23 - 00050477 _____ () C:\Users\MyName\Downloads\Defogger.exe
2014-09-21 13:02 - 2014-09-21 12:50 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:58 - 2014-09-07 16:06 - 00039234 _____ () C:\windows\PFRO.log
2014-09-21 12:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PLA
2014-09-21 12:17 - 2014-09-21 12:17 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-21 12:10 - 2014-09-21 12:10 - 01373475 _____ () C:\Users\MyName\Downloads\AdwCleaner_3.310.exe
2014-09-21 12:10 - 2014-09-21 12:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MyName\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieUserList
2014-09-21 12:00 - 2014-09-21 12:00 - 00000000 __SHD () C:\Users\MyName\AppData\Local\EmieSiteList
2014-09-21 11:55 - 2013-02-02 23:23 - 00000000 ____D () C:\Users\MyName\AppData\Local\CrashDumps
2014-09-21 11:48 - 2012-11-03 20:32 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-21 10:05 - 2013-03-02 12:36 - 00000000 ____D () C:\Users\User2\Documents\Bluetooth Folder
2014-09-21 10:05 - 2012-11-01 22:06 - 00001425 _____ () C:\Users\MyName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-21 10:05 - 2012-09-10 20:57 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-21 10:05 - 2012-09-10 20:57 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-21 10:04 - 2014-09-21 10:04 - 00003156 _____ () C:\windows\System32\Tasks\{F0DF3150-D166-46B9-9AB5-8C24B34019A2}
2014-09-21 08:21 - 2014-01-18 21:28 - 00000000 ____D () C:\Users\User2\AppData\Roaming\.minecraft
2014-09-21 08:21 - 2013-03-02 12:35 - 00003934 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{76E34C46-0F60-4FBC-A6A1-E13060845810}
2014-09-21 08:17 - 2012-09-10 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 23:43 - 2014-09-19 23:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 19:20 - 2014-09-14 16:07 - 00260017 _____ () C:\windows\DirectX.log
2014-09-19 19:20 - 2014-03-18 21:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-18 10:44 - 2012-09-10 20:35 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{B198A42B-7342-457A-82F7-21F274254314}
2014-09-14 17:25 - 2013-05-18 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 14:18 - 2014-01-18 21:25 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\.minecraft
2014-09-14 14:10 - 2014-09-14 14:10 - 00000000 ____D () C:\ProgramData\Intel
2014-09-14 14:10 - 2011-12-25 06:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-14 14:08 - 2014-09-06 18:47 - 00000000 ____D () C:\Intel
2014-09-14 14:05 - 2014-09-14 14:05 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-14 14:04 - 2014-09-14 14:04 - 00000000 ____D () C:\Users\MyName\SystemRequirementsLab
2014-09-14 13:54 - 2014-09-14 13:54 - 00000219 _____ () C:\Users\MyName\Desktop\Dota 2.url
2014-09-14 13:54 - 2014-03-16 12:46 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-14 11:04 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-09-13 23:38 - 2012-09-10 22:11 - 00000000 ____D () C:\Users\User1\AppData\Roaming\XnView
2014-09-12 17:09 - 2014-07-02 18:50 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\vlc
2014-09-12 16:52 - 2014-07-02 18:47 - 00000000 ____D () C:\Users\MyName\.mediathek3
2014-09-12 00:08 - 2011-12-25 06:48 - 01603170 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 00:07 - 2013-08-14 21:46 - 00000000 ____D () C:\windows\system32\MRT
2014-09-12 00:01 - 2012-09-14 21:57 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-12 00:00 - 2014-05-07 19:26 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-11 14:20 - 2012-09-15 14:11 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 14:20 - 2012-09-15 14:11 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 14:20 - 2012-09-15 14:11 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 19:59 - 2014-09-09 12:29 - 00000000 ____D () C:\Program Files (x86)\INtex Hausverwaltung 10
2014-09-09 12:30 - 2014-09-09 12:30 - 00001151 _____ () C:\Users\User1\Desktop\INtex Hausverwaltung.lnk
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Roaming\INtex Hausverwaltung 10
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\Users\User1\AppData\Local\FileMaker
2014-09-09 12:30 - 2014-09-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INtex Hausverwaltung 10
2014-09-09 12:28 - 2014-09-09 12:28 - 22176096 _____ (INtex Publishing ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager [1].exe
2014-09-09 12:24 - 2014-09-09 12:23 - 00816064 _____ ( ) C:\Users\User1\Downloads\setuphausverwaltung10_CB-DL-Manager.exe
2014-09-07 19:22 - 2012-09-15 14:42 - 00000000 ____D () C:\Users\User1\AppData\Local\CrashDumps
2014-09-07 16:30 - 2014-09-07 16:30 - 00000000 ____D () C:\ProgramData\ATI
2014-09-07 16:27 - 2014-09-07 16:27 - 00056100 _____ () C:\windows\SysWOW64\CCCInstall_201409071627426592.log
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-07 16:27 - 2014-09-07 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-07 16:27 - 2014-09-07 16:12 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-07 16:27 - 2014-09-07 16:11 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-07 16:27 - 2014-08-02 10:25 - 00000000 ____D () C:\ProgramData\AMD
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\AMD
2014-09-07 16:17 - 2012-11-01 22:08 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\ATI
2014-09-07 16:17 - 2012-11-01 22:08 - 00000000 ____D () C:\Users\MyName\AppData\Local\ATI
2014-09-07 16:15 - 2014-09-07 16:15 - 00000000 _____ () C:\windows\ativpsrm.bin
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-07 16:14 - 2014-09-07 16:14 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-09-07 16:12 - 2014-09-07 16:12 - 00000000 ____D () C:\Program Files\ATI
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-07 16:05 - 2014-09-07 16:05 - 00000000 _____ () C:\windows\setuperr.log
2014-09-07 15:54 - 2011-02-11 07:14 - 00000000 ____D () C:\windows\Panther
2014-09-07 15:52 - 2014-09-07 15:52 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-07 15:52 - 2014-09-07 15:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-07 15:13 - 2014-09-07 15:13 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Oracle
2014-09-07 15:08 - 2014-09-07 15:08 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-09-07 15:08 - 2014-09-07 15:08 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-07 15:08 - 2014-09-07 15:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-07 15:08 - 2013-10-03 13:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-07 14:57 - 2014-09-07 14:57 - 00061609 _____ () C:\4ce94848-0159-4de0-a640-7fb2c9095920.dmp
2014-09-07 14:55 - 2014-09-07 14:55 - 00063761 _____ () C:\97b2af29-b4a4-4108-af20-fb688ea36072.dmp
2014-09-07 11:36 - 2013-03-13 18:24 - 00000000 ____D () C:\Users\User2\AppData\Local\CrashDumps
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieUserList
2014-09-06 20:46 - 2014-09-06 20:46 - 00000000 __SHD () C:\Users\User1\AppData\Local\EmieSiteList
2014-09-06 17:55 - 2011-12-25 06:37 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-09-06 17:54 - 2011-12-25 07:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-06 17:49 - 2014-09-06 10:28 - 00000000 ____D () C:\ProgramData\HP
2014-09-06 17:47 - 2014-09-06 17:47 - 00872152 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-09-06 17:47 - 2014-09-06 17:47 - 00074456 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-09-06 17:47 - 2014-09-06 17:47 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-06 17:47 - 2012-11-01 22:07 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\hpqLog
2014-09-06 17:47 - 2011-12-25 07:54 - 00108760 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RTNUninst64.dll
2014-09-06 17:47 - 2011-12-25 06:38 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-06 17:46 - 2014-09-06 17:46 - 00175928 _____ (JMicron Technology Corporation) C:\windows\system32\Drivers\jmcr.sys
2014-09-06 17:45 - 2014-09-06 17:43 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-09-06 17:45 - 2012-04-06 13:45 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-09-06 17:44 - 2012-04-06 13:45 - 00000000 ____D () C:\windows\system32\nn-NO
2014-09-06 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-09-06 17:43 - 2014-09-06 17:43 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-06 17:42 - 2014-09-06 17:42 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00722160 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00524016 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys
2014-09-06 17:42 - 2014-09-06 17:42 - 00421616 _____ (Synaptics Incorporated) C:\windows\system32\SynTPCo19.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00400112 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00251632 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00169712 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynTPCom.dll
2014-09-06 17:42 - 2014-09-06 17:42 - 00026416 _____ () C:\windows\system32\pca-manta.bin
2014-09-06 17:42 - 2014-09-06 17:42 - 00000092 _____ () C:\windows\system32\calibration.bin
2014-09-06 17:40 - 2014-09-06 17:40 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\Hewlett-Packard Company
2014-09-06 17:40 - 2011-12-25 07:23 - 00000191 _____ () C:\windows\system32\HPPA.ini
2014-09-06 17:40 - 2011-12-25 07:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-06 17:39 - 2012-04-06 13:56 - 00000000 ____D () C:\windows\Hewlett-Packard
2014-09-06 17:16 - 2014-09-06 17:16 - 00000000 ____D () C:\Users\User2\AppData\Roaming\java
2014-09-06 10:28 - 2014-09-06 10:28 - 00000000 ____D () C:\HPSDM
2014-09-06 10:26 - 2014-09-06 10:25 - 20578280 _____ (Hewlett-Packard Company ) C:\Users\MyName\Downloads\HP_SDM_Setup.exe
2014-09-06 10:18 - 2014-09-06 10:18 - 00000000 ____D () C:\Users\MyName\AppData\Roaming\java
2014-09-06 10:17 - 2014-09-06 10:17 - 00000000 ____D () C:\Program Files\Java
2014-09-06 10:05 - 2014-09-06 10:05 - 00675988 _____ () C:\Users\MyName\Downloads\Minecraft(1).exe
2014-09-05 04:10 - 2014-09-11 10:52 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 10:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-30 09:00 - 2014-08-30 09:00 - 00803691 _____ () C:\Users\User2\Documents\transfer1.xps
2014-08-29 08:57 - 2009-07-14 06:45 - 00413288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-26 20:02 - 2013-02-07 23:04 - 00000000 ____D () C:\windows\System32\Tasks\Games
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-23 19:04 - 2013-03-02 12:36 - 00117080 _____ () C:\Users\User2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-23 04:07 - 2014-08-28 19:44 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 19:44 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 19:44 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

Files to move or delete:
====================
C:\Users\MyName\WebVpnRegKey6-217-91-61-208.dll


Some content of TEMP:
====================
C:\Users\User2\AppData\Local\Temp\CmdLineExt.dll
C:\Users\User2\AppData\Local\Temp\drm_dialogs.dll
C:\Users\User2\AppData\Local\Temp\drm_dyndata_7300015.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 14:20

==================== End Of Log ============================
         
--- --- ---


I forgot the Addition.txt...

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by MyName at 2014-09-22 19:57:23
Running from C:\Users\MyName\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Durchstarten mit Ponky - Deutsch 3+4" (HKLM-x32\...\"Durchstarten mit Ponky - Deutsch 3+4") (Version: 2.00 - Engel Edition)
"Ponky gezielt Mathe 3+4" (HKLM-x32\...\"Ponky gezielt Mathe 3+4") (Version: 2.00 - Engel Edition)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Center 2.0 (x32 Version: 2.0.0 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (x32 Version: 2.000.000 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.2 - Adobe Systems) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.61013.1636 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audio-CD-Archiv v7 (HKLM-x32\...\{ACA709B7-DB00-48B3-A30C-97F50679E175}) (Version: 7.00.687 - GBelectronics)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 2(TM) (HKCU\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: 1.00.0000 - DICE)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BUG Mod 4.4 (HKLM-x32\...\BUG Mod 4.4) (Version:  - )
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help User2ish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6622 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.6622 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2107 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.2107 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die ersten 10 Jahre (HKLM-x32\...\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}) (Version: 1.00.0000 - )
DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Die Siedler II - Die nächste Generation (HKLM-x32\...\S2TNG) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
FlatOut2 (HKLM-x32\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FreeFileSync 5.10 (HKLM-x32\...\FreeFileSync) (Version: 5.10 - Zenju)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GRID (HKLM-x32\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.30.0000 - Codemasters)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C6A49140-A2D9-4CA4-BB92-2E1C8CBB6E16}) (Version: 1.3.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{09A06482-FAF9-4DC5-9EC7-D340B394E22A}) (Version: 2.0.6.0 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{68E1C9E9-1606-49AF-9978-573148CED9E4}) (Version: 3.5.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{72E3D563-C37C-4037-9F04-B64C0DAD0EFF}) (Version: 2.2.3 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
INtex Hausverwaltung Version 10 (HKLM-x32\...\{C8F19197-739E-48C3-8A78-8C1434411F9A}_is1) (Version: 10 - INtex Publishing)
IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{43295475-62CA-4F25-B46C-43C59258780E}) (Version: 4.1.4.2 - The Document Foundation)
LibreOffice 4.3.0.4 (HKLM-x32\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM-x32\...\{908C5B2E-D684-425E-A54D-FE77D5C5A076}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero CoverDesigner (HKLM-x32\...\{3F380A3D-695A-4199-B026-A811A9FC6D91}) (Version: 12.0.00500 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.5.34.0 - Nokia)
Nokia Suite (x32 Version: 3.5.34.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Perspective Pilot Free 3.2.0 (HKLM\...\Perspective Pilot Free_is1) (Version: 3.2.0 - Two Pilots)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
SDK (x32 Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Serif CraftArtist (HKLM-x32\...\{C1B148C9-FACF-45F1-8356-4E1C5E3DAA5B}) (Version: 1.0.5.043 - Serif (Europe) Ltd)
Serif Photo Projects (HKLM-x32\...\{D87677F6-5F58-4BB9-8D50-78A1BF9C2F33}) (Version: 1.0.2.027 - Serif (Europe) Ltd)
Serif PhotoPlus X5 (HKLM-x32\...\{617E7009-0C50-4178-B0E2-F9D66DC8A582}) (Version: 15.0.2.012 - Serif (Europe) Ltd)
Sid Meier's Civilization 4 - Beyond the Sword (HKLM-x32\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.19 - Firaxis Games)
Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Steuer 2012 (HKCU\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.9 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
test und FINANZtest Archiv CD-Rom 2011 (HKLM-x32\...\test und FINANZtest Archiv CD-Rom 2011) (Version:  - )
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version:  - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Ihr Firmenname)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
XMedia Recode Version 3.1.2.5 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.5 - XMedia Recode)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)
XnViewMP 0.68 (HKLM\...\XnViewMP_is1) (Version: 0.68 - Gougelet Pierre-e)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-09-2014 14:06:22 DirectX wurde installiert
14-09-2014 16:04:58 DirectX wurde installiert
14-09-2014 16:08:14 DirectX wurde installiert
16-09-2014 12:19:12 Windows Update
16-09-2014 17:59:07 DirectX wurde installiert
19-09-2014 17:18:15 DirectX wurde installiert
19-09-2014 17:19:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14E9462E-AF2F-46A7-BE39-9271E4787599} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {656EFEA3-037B-4C77-B282-242798BB3DE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {8A00151D-E898-4D1F-98BC-4BEFEFC72D07} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {90779F6F-36FA-440A-9A1E-83A89A4D0B12} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-15] (AVAST Software)
Task: {A1C1248B-B6A4-4C6F-86FF-9EA5DD69F779} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {CCA38787-787F-4505-BD6E-0F1041E97EF8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-02-07 23:02 - 2013-02-09 22:57 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-11-04 02:34 - 2009-04-17 12:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-03-09 15:32 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2012-04-06 05:09 - 2011-08-31 15:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-12 17:02 - 2011-09-12 17:02 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2014-07-15 22:48 - 2014-07-15 22:48 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-22 18:16 - 2014-09-22 18:16 - 02864640 _____ () C:\Program Files\AVAST Software\Avast\defs\14092200\algo.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-07-15 22:48 - 2014-07-15 22:48 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-12 15:52 - 2014-09-12 15:52 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\60e3de33f3b7204f87483b97989a13b6\IsdiInterop.ni.dll
2012-04-06 13:41 - 2011-01-13 03:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-19 23:43 - 2014-09-19 23:43 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47
AlternateDataStreams: C:\ProgramData\TEMP:66633281

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2014 06:30:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2014 06:21:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2014 00:39:31 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: SSL alert by host: Description is: 47.

Error: (09/22/2014 00:39:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Name des fehlerhaften Moduls: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002b5d6
ID des fehlerhaften Prozesses: 0x50c
Startzeit der fehlerhaften Anwendung: 0xhpqWmiEx.exe0
Pfad der fehlerhaften Anwendung: hpqWmiEx.exe1
Pfad des fehlerhaften Moduls: hpqWmiEx.exe2
Berichtskennung: hpqWmiEx.exe3

Error: (09/21/2014 10:54:39 PM) (Source: Validity USDK) (EventID: 40) (User: )
Description: SSL alert by host: Description is: 47.

Error: (09/21/2014 10:54:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Name des fehlerhaften Moduls: hpqWmiEx.exe, Version: 4.6.15.1, Zeitstempel: 0x50a165a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002b5d6
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xhpqWmiEx.exe0
Pfad der fehlerhaften Anwendung: hpqWmiEx.exe1
Pfad des fehlerhaften Moduls: hpqWmiEx.exe2
Berichtskennung: hpqWmiEx.exe3


System errors:
=============
Error: (09/22/2014 06:16:08 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (09/22/2014 00:39:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (09/21/2014 11:38:49 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (09/21/2014 10:54:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/21/2014 07:53:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/22/2014 06:30:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/22/2014 06:21:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MyName\Downloads\esetsmartinstaller_deu.exe

Error: (09/22/2014 00:39:31 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: Description is: 47

Error: (09/22/2014 00:39:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqWmiEx.exe4.6.15.150a165a9hpqWmiEx.exe4.6.15.150a165a9c00000050002b5d650c01cfd5e469c58de2C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe262dc997-41e0-11e4-b531-005056c00008

Error: (09/21/2014 10:54:39 PM) (Source: Validity USDK) (EventID: 40) (User: )
Description: Description is: 47

Error: (09/21/2014 10:54:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqWmiEx.exe4.6.15.150a165a9hpqWmiEx.exe4.6.15.150a165a9c00000050002b5d6ef001cfd5bfbcf2907eC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe7e3d7c3d-41d1-11e4-b531-005056c00008


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 34%
Total physical RAM: 8126.36 MB
Available physical RAM: 5311.73 MB
Total Pagefile: 16250.9 MB
Available Pagefile: 13283.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:674.31 GB) (Free:442.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:19.03 GB) (Free:2.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:4.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E76A04A3)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=674.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End Of Log ============================
         
SecurityChecker (safe mode):
Code:
 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Adobe Flash Player 15.0.0.152  
 Mozilla Firefox (32.0.2) 
 Mozilla Thunderbird (24.6.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Edit: I have since updated Thunderbird.
__________________

Last edited by Roger Wilco (22.09.2014 at 20:43)
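
Added example, not part of the original thread and not FRST's own code: a small Python triage pass over the "Scheduled Tasks" and "Alternate Data Streams" sections of the log format posted above, the two sections where auto-restarting adware components typically leave persistence entries. The sample lines are copied from the log above; the review heuristics (target in a path standard users can usually write to, no publisher shown) and all function names are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the FRST Addition log above, trimmed to three sections.
SAMPLE = r"""
==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14E9462E-AF2F-46A7-BE39-9271E4787599} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {8A00151D-E898-4D1F-98BC-4BEFEFC72D07} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {CCA38787-787F-4505-BD6E-0F1041E97EF8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47
AlternateDataStreams: C:\ProgramData\TEMP:66633281

==================== Safe Mode (whitelisted) ===================

"""

SECTION_RE = re.compile(r"^={5,}\s*([^=]+?)\s*={5,}\s*$")
TASK_RE = re.compile(
    r"^Task: (?:\{(?P<guid>[0-9A-Fa-f-]+)\} - )?(?P<name>.+?) => (?P<target>.+?)"
    r"(?: \[(?P<date>\d{4}-\d{2}-\d{2})\])?(?: \((?P<company>[^()]*)\))?$"
)
# Assumption of this example (not an FRST rule): paths standard users can usually write to.
REVIEW_MARKERS = ("\\programdata\\", "\\users\\", "\\appdata\\", "\\temp\\")


def split_sections(text):
    """Map each section title (qualifiers such as '(whitelisted)' dropped) to its entry lines."""
    sections, current = {}, None
    for line in text.splitlines():
        header = SECTION_RE.match(line)
        if header:
            title = re.sub(r"\s*\(.*\)$", "", header.group(1).rstrip(": "))
            current = sections.setdefault(title, [])
        elif current is not None and line.strip() and not line.startswith("("):
            current.append(line.strip())  # skip blank lines and FRST's "(If ...)" hints
    return sections


def parse_tasks(lines):
    """Parse 'Task:' entries into dicts: guid, name, target, date, company (None if absent)."""
    return [m.groupdict() for m in map(TASK_RE.match, lines) if m]


def review_tasks(tasks):
    """Return (task name, reasons) for tasks worth a manual look under the heuristics above."""
    findings = []
    for task in tasks:
        reasons = []
        target = task["target"].lower()
        if any(marker in target for marker in REVIEW_MARKERS):
            reasons.append("target in a location standard users can usually write to")
        if not task["company"]:
            reasons.append("no publisher shown for the target file")
        if reasons:
            findings.append((task["name"], reasons))
    return findings


def parse_ads(lines):
    """Split 'AlternateDataStreams: <path>:<stream>' entries into (path, stream) pairs."""
    prefix = "AlternateDataStreams: "
    pairs = []
    for line in lines:
        if line.startswith(prefix):
            path, _, stream = line[len(prefix):].rpartition(":")
            pairs.append((path, stream))
    return pairs


if __name__ == "__main__":
    sections = split_sections(SAMPLE)
    for name, reasons in review_tasks(parse_tasks(sections["Scheduled Tasks"])):
        print(f"REVIEW {name}: {'; '.join(reasons)}")
    for path, stream in parse_ads(sections["Alternate Data Streams"]):
        print(f"ADS    {path} -> stream {stream}")
```

A flagged entry is a prompt for manual review, not a verdict: legitimate vendor updaters also run from such paths.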

23.09.2014, 19:29   #4
schrauber
/// the machine
/// TB trainer

Any remaining problems?

Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

24.09.2014, 20:28   #5
Roger Wilco

Quote:
Originally posted by schrauber
Any remaining problems?
No, but apart from the actions discussed here I have hardly done anything. Otherwise I will get back to you.

Quote:
Originally posted by schrauber
Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.
I have done that.

Thanks again for your help, schrauber!

From your point of view, is everything OK now?


25.09.2014, 12:17   #6
schrauber
/// the machine
/// TB trainer

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about possible changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links:
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colourful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
All that remains is for me to wish you lots of fun with safe surfing.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.

25.09.2014, 18:13   #7
Roger Wilco

Done :-)


26.09.2014, 13:12   #8
schrauber
/// the machine
/// TB trainer

You're welcome
__________________
Regards,
schrauber
