Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 26.10.2014, 21:46   #16
Mika_80
 
Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Standard

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)



Trend Micro meldet sich immer noch :-(. Sonst wechsel ich einfach zu Chrome :-).
Hier die FRST log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2014
Ran by Medion (administrator) on MEDION-PC on 26-10-2014 21:29:44
Running from C:\Users\Medion\Downloads
Loaded Profiles: Medion & Miriam II (Available profiles: Medion & Finn & Miriam II)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(Telefónica I+D) C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(1&1 Mail & Media GmbH) C:\Users\Miriam II\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Crawler.com) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Medion\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Medion\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495728 2010-03-30] (IDT, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [143792 2013-10-09] (Trend Micro Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [44152 2013-07-23] (Trend Micro Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [436800 2013-07-15] (BillP Studios)
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [Allmyapps] => "C:\Users\Medion\AppData\Roaming\Allmyapps\Allmyapps.exe" startup
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [Allmyapps Update] => "C:\Users\Medion\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe" check startup
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Medion\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-634998973-2183486359-2024787897-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Run: [SpywareTerminatorUpdate] => C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\Miriam II\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [792576 2014-06-04] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Run: [1und1DispatcherCorp] => C:\Users\Miriam II\AppData\Local\1und1UpdaterCorpE\SchedDispatcher.exe [220808 2013-05-29] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\MountPoints2: {362dbb65-accf-11e1-b782-00262dbfe53b} - F:\AutoRun.exe
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\MountPoints2: {362dbb86-accf-11e1-b782-00262dbfe53b} - F:\AutoRun.exe
HKU\S-1-5-21-634998973-2183486359-2024787897-1004\...\MountPoints2: {b636cf64-b326-11e1-b7d9-00262dbfe53b} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611230547711.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611230547711.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611230547711.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611230547711.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicyUsers\S-1-5-21-634998973-2183486359-2024787897-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-634998973-2183486359-2024787897-1003\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)
BHO: TSToolbarBHO -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\TmBpIe32.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\6e7oss3s.default-1414354867081
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-17]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\firefoxextension [2014-09-04]
FF HKLM\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-05-14]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2014-05-15]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\q5jk1lre.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Google Docs) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-20]
CHR Extension: (YouTube) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19]
CHR Extension: (Google-Suche) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19]
CHR Extension: (Google Tabellen) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
CHR Extension: (Google Mail) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2013-09-14] (Flexera Software LLC)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [539952 2013-10-18] (SMART Technologies)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [225382 2010-03-30] (IDT, Inc.)
R2 TGCM_ImportWiFiSvc; C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [113152 2009-03-04] (Wistron Corp.) [File not signed]
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S4 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [113424 2014-03-13] (BlueStack Systems)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-07-03] (Secunia)
R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2013-10-18] (SMART Technologies)
R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2013-03-07] (SMART Technologies)
S3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2013-03-07] (SMART Technologies ULC)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [103416 2013-12-03] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [290376 2013-12-03] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC32.sys [40736 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [85280 2013-06-13] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [83864 2013-12-03] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [282272 2013-05-22] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [92304 2012-05-02] (Trend Micro Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Medion\AppData\Local\Temp\catchme.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
U2 TMAgent; No ImagePath
S3 uxddrv; \??\E:\DIAGNOSE\WSTGER32\2PART\uxddrv86.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 21:29 - 2014-10-26 21:31 - 00028013 _____ () C:\Users\Medion\Downloads\FRST.txt
2014-10-26 21:29 - 2014-10-26 21:29 - 01104896 _____ (Farbar) C:\Users\Medion\Downloads\FRST.exe
2014-10-26 20:48 - 2014-10-26 20:48 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-26 20:48 - 2014-10-26 20:48 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-26 20:47 - 2014-10-26 20:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-26 20:46 - 2014-10-26 20:46 - 00244408 _____ () C:\Users\Medion\Downloads\Firefox Setup Stub 33.0.exe
2014-10-26 20:32 - 2014-10-26 20:32 - 00001226 _____ () C:\Users\Medion\Desktop\Revo Uninstaller.lnk
2014-10-26 20:30 - 2014-10-26 20:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Miriam II\Downloads\revosetup95.exe
2014-10-24 20:38 - 2014-10-24 20:38 - 00008413 _____ () C:\Users\Miriam II\Downloads\print.action
2014-10-23 13:25 - 2014-10-23 13:25 - 00854448 _____ () C:\Users\Medion\Desktop\SecurityCheck.exe
2014-10-21 22:25 - 2014-10-22 09:53 - 00000000 ____D () C:\Users\Medion\Desktop\trojaner board II
2014-10-21 21:48 - 2014-10-21 21:57 - 00000000 ____D () C:\AdwCleaner
2014-10-21 20:41 - 2014-10-21 20:41 - 00000048 _____ () C:\Users\Public\Documents\_rgpl
2014-10-21 19:31 - 2014-10-26 20:32 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-20 20:21 - 2014-10-20 20:21 - 00000000 ____D () C:\Users\Medion\AppData\Local\com
2014-10-20 20:17 - 2014-10-20 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-20 20:17 - 2014-10-20 20:17 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-10-20 19:44 - 2014-10-20 19:44 - 00007805 _____ () C:\Users\Miriam II\Desktop\GMER.txt
2014-10-20 19:36 - 2014-10-20 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-20 19:36 - 2014-10-20 19:36 - 00000000 ____D () C:\Program Files\7-Zip
2014-10-20 16:30 - 2014-10-20 16:30 - 00146376 _____ () C:\Windows\Minidump\102014-18891-01.dmp
2014-10-20 10:46 - 2014-10-26 21:29 - 00000000 ____D () C:\FRST
2014-10-20 10:41 - 2014-10-20 10:41 - 00000000 _____ () C:\Users\Medion\defogger_reenable
2014-10-16 13:10 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 13:10 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 13:10 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 13:10 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 13:09 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 13:09 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 13:09 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 13:09 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 13:09 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 13:09 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 13:09 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 13:09 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 13:09 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 13:09 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 13:09 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 13:09 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 13:09 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 13:09 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 13:09 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 13:09 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 13:09 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 13:09 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 13:09 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 13:09 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 13:09 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 13:09 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 13:09 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 13:09 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 13:09 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 13:09 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 13:09 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 13:09 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 13:09 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 13:09 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 13:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 13:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 13:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 13:09 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 13:08 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 13:08 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 13:08 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 13:08 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 13:08 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 13:08 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 13:08 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 13:08 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 13:08 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 13:08 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 13:08 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 13:08 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 13:08 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 13:08 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-16 13:08 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-16 13:08 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-16 13:08 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-16 13:08 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-16 13:08 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-16 13:07 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 13:07 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-03 06:13 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 06:54 - 2014-09-30 06:55 - 00000000 ____D () C:\Users\Medion\AppData\Local\Skyrim

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 21:31 - 2011-04-14 20:53 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\Skype
2014-10-26 21:20 - 2014-07-17 21:09 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 21:18 - 2012-03-31 15:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 21:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-10-26 20:48 - 2012-09-26 16:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-26 20:43 - 2014-07-17 21:09 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 20:28 - 2014-07-17 21:24 - 00000000 ___RD () C:\Users\Miriam II\Google Drive
2014-10-26 20:08 - 2014-07-25 14:05 - 00000000 ____D () C:\Users\Miriam II\AppData\Local\HTC MediaHub
2014-10-26 20:07 - 2011-04-06 09:26 - 01048477 _____ () C:\Windows\WindowsUpdate.log
2014-10-26 20:05 - 2009-07-14 05:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 20:05 - 2009-07-14 05:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 20:02 - 2010-05-05 17:08 - 00006264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-26 19:58 - 2014-08-20 18:46 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-10-26 19:58 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 19:57 - 2009-07-14 05:39 - 00178187 _____ () C:\Windows\setupact.log
2014-10-25 19:30 - 2014-07-25 14:10 - 00000000 ____D () C:\Users\Medion\AppData\Local\HTC MediaHub
2014-10-25 15:10 - 2012-11-18 18:32 - 00000000 ____D () C:\Users\Finn.Medion-PC\AppData\Roaming\.minecraft
2014-10-25 14:12 - 2014-08-03 19:00 - 00000000 ____D () C:\Users\Finn.Medion-PC\AppData\Local\HTC MediaHub
2014-10-25 14:12 - 2014-07-18 19:36 - 00000000 ____D () C:\Program Files\Steam
2014-10-25 09:21 - 2013-07-18 16:46 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-24 17:44 - 2013-04-30 08:27 - 00000000 ____D () C:\Users\Medion\AppData\Local\Deployment
2014-10-24 13:29 - 2013-05-15 16:56 - 00000000 ____D () C:\Users\Finn.Medion-PC\AppData\Roaming\Skype
2014-10-23 16:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-23 16:19 - 2014-07-18 19:36 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-10-23 15:43 - 2011-05-02 15:27 - 00144760 _____ () C:\Users\Finn.Medion-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-23 15:36 - 2010-05-05 18:37 - 00341596 _____ () C:\Windows\PFRO.log
2014-10-21 21:57 - 2012-05-13 11:57 - 00000000 ____D () C:\Users\Medion\AppData\Local\CRE
2014-10-21 21:57 - 2011-04-19 17:23 - 00000000 ____D () C:\Users\Finn.Medion-PC
2014-10-21 21:57 - 2011-04-06 09:28 - 00001154 _____ () C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-21 21:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-21 21:02 - 2011-11-28 13:24 - 00000000 ____D () C:\Program Files\BFDemos
2014-10-21 20:26 - 2010-05-05 16:57 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-20 21:24 - 2014-09-19 16:09 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-20 20:17 - 2014-03-14 20:14 - 00000000 ___RD () C:\Program Files\Skype
2014-10-20 20:17 - 2011-04-14 20:52 - 00000000 ____D () C:\ProgramData\Skype
2014-10-20 18:11 - 2011-04-14 18:57 - 00144760 _____ () C:\Users\Medion\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-20 16:30 - 2014-05-17 08:08 - 355499801 _____ () C:\Windows\MEMORY.DMP
2014-10-20 16:30 - 2014-05-17 08:08 - 00000000 ____D () C:\Windows\Minidump
2014-10-20 10:41 - 2011-04-06 09:28 - 00000000 ____D () C:\Users\Medion
2014-10-20 09:56 - 2013-01-19 14:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-19 16:26 - 2011-09-05 20:15 - 00000000 ____D () C:\Users\Miriam II\Documents\Eigene Scans
2014-10-18 22:29 - 2011-04-26 13:29 - 00144760 _____ () C:\Users\Miriam II\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-18 21:13 - 2009-07-14 05:33 - 00484552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 20:45 - 2011-11-28 14:01 - 00000000 ____D () C:\ProgramData\Schreib- und Leselabor 2
2014-10-18 18:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 16:15 - 2014-07-02 16:57 - 00209432 _____ () C:\Windows\RegBootClean.exe
2014-10-17 15:42 - 2009-07-14 03:37 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 15:38 - 2014-04-30 23:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 15:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-17 01:23 - 2010-05-05 17:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 01:13 - 2013-07-27 09:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 00:10 - 2010-05-05 18:33 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-12 22:04 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-02 08:55 - 2012-09-30 19:29 - 00000000 ____D () C:\Users\Miriam II\AppData\Local\Deployment

Files to move or delete:
====================
C:\Users\Finn.Medion-PC\Minecraft Ram Launcher.exe


Some content of TEMP:
====================
C:\Users\Finn.Medion-PC\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\i4jdel0.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\i4jdel1.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\i4jdel2.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\i4jdel3.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\i4jdel4.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\i4jdel5.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\propsys.dll
C:\Users\Finn.Medion-PC\AppData\Local\Temp\Softonic_DE_1-5-1.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Finn.Medion-PC\AppData\Local\Temp\zodr8l3a.dll
C:\Users\Medion\AppData\Local\Temp\0acncs1a.eea.exe
C:\Users\Medion\AppData\Local\Temp\1sv0noim.wxt.exe
C:\Users\Medion\AppData\Local\Temp\27353uninstall.exe
C:\Users\Medion\AppData\Local\Temp\amazonicon_v4.exe
C:\Users\Medion\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Medion\AppData\Local\Temp\APNSetup.exe
C:\Users\Medion\AppData\Local\Temp\awtcmhrt.uzg.exe
C:\Users\Medion\AppData\Local\Temp\BackupSetup.exe
C:\Users\Medion\AppData\Local\Temp\dlLogic.exe
C:\Users\Medion\AppData\Local\Temp\dltr.exe
C:\Users\Medion\AppData\Local\Temp\erb3vygz.wnz.exe
C:\Users\Medion\AppData\Local\Temp\foxy_security_games.exe
C:\Users\Medion\AppData\Local\Temp\GCVerifier.dll
C:\Users\Medion\AppData\Local\Temp\iodhz2td.rks.exe
C:\Users\Medion\AppData\Local\Temp\Quarantine.exe
C:\Users\Medion\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Medion\AppData\Local\Temp\sdapskill.exe
C:\Users\Medion\AppData\Local\Temp\sdaspwn.exe
C:\Users\Medion\AppData\Local\Temp\sdyfmtve.0ap.exe
C:\Users\Medion\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Medion\AppData\Local\Temp\Sqlite3.dll
C:\Users\Medion\AppData\Local\Temp\sweetpage_294wld.exe
C:\Users\Medion\AppData\Local\Temp\Uni000.exe
C:\Users\Medion\AppData\Local\Temp\vdoiuwkh.d1k.exe
C:\Users\Medion\AppData\Local\Temp\verifier.exe
C:\Users\Medion\AppData\Local\Temp\vfxpnvpx.lx3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-18 18:03

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-10-2014
Ran by Medion at 2014-10-26 21:32:13
Running from C:\Users\Medion\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Titanium Maximum Security (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Maximum Security (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Allmyapps (HKCU\...\Allmyapps) (Version: 2.0.0.24 - Allmyapps)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
AudibleManager (HKLM\...\AudibleManager) (Version: 2008373984.48.56.10227058 - Audible, Inc.)
Avidemux 2.5 (HKLM\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
B110 (Version: 140.0.283.000 - Hewlett-Packard) Hidden
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force  (HKLM\...\Brick-Force) (Version:  - Infernum Productions AG)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2602 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2609 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
ElsterFormular für Privatanwender (HKLM\...\ElsterFormular für Privatanwender 12.2.1.6570p) (Version: 12.2.1.6570p - Landesfinanzdirektion Thüringen)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.4.0 - Sentelic)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Sound Recorder v9.2.7 (HKLM\...\Free Sound Recorder_is1) (Version:  - Copyright(C) 2005-2011 FreeSoundRecorder Technologies, Inc.)
Free YouTube to MP3 Converter version 3.11.34.1015 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.34.1015 - DVDVideoSoft Ltd.)
FreeOCR v5.0 (HKLM\...\freeocr_is1) (Version:  - )
G DATA Logox4 Speechengine (HKLM\...\lgx4.lgx.server) (Version:  - G DATA Software AG)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HotPotatoes v 6.3.0.5 (HKLM\...\hotpot_is1) (Version:  - HalfBaked)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC)
HUAWEI DataCard Driver 4.20.12.00 (HKLM\...\HUAWEI DataCard Driver) (Version: 4.20.12.00 - Huawei technologies Co., Ltd.)
iCF Skin Pack (HKLM\...\iCF Skin Pack) (Version:  - )
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
iColorFolder (HKLM\...\iColorFolder) (Version:  - )
IDS Intelligence and Development Scales (HKLM\...\{5093E76B-8BCB-49BA-8AC5-4018D307C771}) (Version: 1.0.0.1 - Verlag Hans Huber, Hogrefe AG, Bern)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6208.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Launch Manager V1.5.0.5 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.5 - Wistron Corp.)
Lurs-Minimator (HKLM\...\Lurs-Minimator) (Version: 1.0 - LegaKids)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.24.5.3 - Marvell)
Medion Home Cinema (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.1318 - CyberLink Corp.)
Medion Home Cinema (Version: 8.0.1318 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (HKLM\...\{95140000-007C-0409-0000-0000000FF1CE}) (Version: 14.0.5117.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Connection Manager (HKLM\...\o2DE) (Version:  - Mobile Connection Manager)
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 de) (HKLM\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
phase-6 2.3.4 (HKLM\...\phase-6) (Version: 2.3.4 - phase-6)
Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PS_AIO_07_B110_SW_Min (Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
ScarletBlade (HKLM\...\ScarletBlade) (Version:  - )
Secunia PSI (3.0.0.7011) (HKLM\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
simfy (HKLM\...\Simfy) (Version: 1.6.10 - simfy AG)
simfy (Version: 1.6.10 - simfy AG) Hidden
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SMART Common Files (HKLM\...\{BBA07B40-F7C6-44F7-BF08-767F8835685F}) (Version: 11.4.194.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM\...\{603E8F13-20D9-4367-81F2-CF6E22D05DA9}) (Version: 11.3.29.0 - SMART Technologies ULC)
SMART Ink (HKLM\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.720.0 - SMART Technologies ULC)
SMART Notebook (HKLM\...\{E57F6C8B-E159-477E-93BF-764759747BC4}) (Version: 11.3.857.0 - SMART Technologies ULC)
SMART Product Update (HKLM\...\{8D4B716A-0ABE-4238-9090-D208E5F57A5E}) (Version: 5.0.108.0 - SMART Technologies ULC)
SMART Produkttreiber (HKLM\...\{589B09F5-0768-4BE9-B8C0-DD253E6B3643}) (Version: 11.3.550.0 - SMART Technologies ULC)
SmartTools Publishing • Word Falz & Lochmarken-Assistent (HKLM\...\SmartToolsFalz & Lochmarken-Assistentv6.50) (Version: v6.50 - SmartTools Publishing)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spyware Terminator 2012 (HKLM\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TomTom HOME (HKLM\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WEB.DE Club SmartFax (HKLM\...\WEB.DE Club SmartFax) (Version: 2.00.223 - WEB.DE GmbH)
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{b226c901-b163-53c9-a14c-5b55ebb03907}\InprocServer32 -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-634998973-2183486359-2024787897-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miriam II\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-10-2014 18:50:53 Revo Uninstaller's restore point - LPT System Updater Service
21-10-2014 18:58:05 Revo Uninstaller's restore point - MyPC Backup 
21-10-2014 19:04:16 Revo Uninstaller's restore point - NewPlayer
21-10-2014 19:10:43 Revo Uninstaller's restore point - Shopping App by Ask
21-10-2014 19:16:20 Revo Uninstaller's restore point - PriceSparrow
21-10-2014 19:16:34 Removed PriceSparrow
21-10-2014 19:24:04 Revo Uninstaller's restore point - Lesehaus
21-10-2014 19:24:53 Entfernt Lesehaus
21-10-2014 19:29:22 Revo Uninstaller's restore point - Securita Scout
21-10-2014 19:31:42 Revo Uninstaller's restore point - The Sea App (Internet Explorer) 
21-10-2014 19:34:04 Revo Uninstaller's restore point - Yahoo Community Smartbar
21-10-2014 19:37:05 Revo Uninstaller's restore point - CHIP Updater
21-10-2014 19:38:38 Revo Uninstaller's restore point - FastPlayer
21-10-2014 19:41:03 Revo Uninstaller's restore point - GameXN GO
21-10-2014 19:42:28 Revo Uninstaller's restore point - Call of Duty: Ghosts - Multiplayer
21-10-2014 20:07:10 Revo Uninstaller's restore point - Driver Support
21-10-2014 20:12:10 Revo Uninstaller's restore point - Yahoo Community Smartbar
21-10-2014 20:14:10 Revo Uninstaller's restore point - Yahoo Community Smartbar
21-10-2014 20:15:09 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine
22-10-2014 17:41:40 TITANUIMRES
26-10-2014 19:34:43 Revo Uninstaller's restore point - Mozilla Firefox 33.0 (x86 de)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2013-07-23 12:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02113253-C3B6-4AD3-98DA-6333FB51678D} - System32\Tasks\{AA133FD6-8CE9-48DB-A8D6-487926682B37} => C:\Program Files\iTunes\iTunes.exe [2014-07-08] (Apple Inc.)
Task: {181A387B-2E82-4A5E-B80D-B65FA21278D4} - System32\Tasks\{7FE6F12C-0882-48A7-9542-25A955EBD64F} => C:\Program Files\BlueStacks\HD-StartLauncher.exe [2014-03-13] (BlueStack Systems, Inc.) <==== ATTENTION
Task: {2B5E848B-9F6C-4121-A944-1744209CD76B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-17] (Google Inc.)
Task: {3AE4090C-B204-4802-BFE2-2465DEACC9AF} - System32\Tasks\{0A1EFB71-6AAB-4854-B0E0-64B9C2F47C1C} => C:\Program Files\BlueStacks\HD-StartLauncher.exe [2014-03-13] (BlueStack Systems, Inc.) <==== ATTENTION
Task: {484E1F2F-C3CB-4C06-85B4-CE5868D74917} - System32\Tasks\{3AC444B3-C7F2-455B-B8A6-F54B69A53FC9} => C:\Program Files\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {5E25561C-6F95-41AB-9C34-587CCD63AFDB} - System32\Tasks\{B66A7B46-D706-4AF0-A76C-2B4C1DD20687} => C:\Program Files\BlueStacks\HD-StartLauncher.exe [2014-03-13] (BlueStack Systems, Inc.) <==== ATTENTION
Task: {7256A57C-E6C0-4D28-B560-20F043F46028} - System32\Tasks\{5A687B4D-7D32-4BE5-968D-3164BA43A4C3} => C:\BrickForce\BfLauncher.exe [2013-09-05] ()
Task: {94FECD8D-6BC0-4128-8A8A-129D693CB204} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A14E6D8D-74BB-472A-9799-ACFEA0D42DD9} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2014-08-06] (Trend Micro Inc.)
Task: {A3462E88-782D-4EC8-8862-74909673C296} - System32\Tasks\Microsoft.NETCOM+-Systemanwendung => C:\Windows\bfsvc32.exe [2014-07-23] ()
Task: {A4FA49F8-A95B-4428-8A15-F215A529B8D3} - System32\Tasks\{26132223-C163-4CDE-9B1F-9AD84C60600D} => C:\Program Files\Steam\Steam.exe [2014-10-21] (Valve Corporation)
Task: {D40D5A6F-147A-4097-B32A-89438F14A22D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {D54A811E-A9A1-497F-87FD-C83E0EFA3B96} - System32\Tasks\{D1F608A3-2846-419C-B88E-12A74BA4FFB9} => C:\AeriaGames\ScarletBlade\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {D8E75EE5-1A23-4361-96F4-38AC798E89A6} - System32\Tasks\{7D7822AA-2017-4681-83C6-955B32558955} => C:\Program Files\BlueStacks\HD-StartLauncher.exe [2014-03-13] (BlueStack Systems, Inc.) <==== ATTENTION
Task: {E66464F2-FFA2-42F5-B949-915B8F393368} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-17] (Google Inc.)
Task: {FAF1AE4A-005E-4D2A-920D-D8212DD59D24} - System32\Tasks\{CF16E835-9C48-4BEF-A175-736AACB7201F} => C:\BrickForce\BfLauncher.exe [2013-09-05] ()
Task: {FD760EE1-BD69-475B-8CCE-FF11477D8568} - System32\Tasks\{BEA2C866-1A32-4F7E-9002-D97B178D2F1F} => C:\BrickForce\BfLauncher.exe [2013-09-05] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AllmyappsUpdateTask.job => C:\Users\Medion\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-14 20:58 - 2013-01-16 02:50 - 00039424 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2014-05-14 20:58 - 2013-04-02 05:25 - 00543744 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2014-05-14 20:58 - 2013-01-16 02:55 - 00049152 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2014-05-14 20:58 - 2012-12-18 21:04 - 01098240 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2014-05-14 20:58 - 2013-01-16 02:50 - 00016896 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2014-05-14 20:51 - 2013-07-23 16:28 - 00179872 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-24 10:31 - 2014-03-24 10:31 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-08-06 12:41 - 2014-08-06 12:41 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-24 10:34 - 2014-03-24 10:34 - 00129376 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-03-24 10:36 - 2014-03-24 10:36 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-10-17 16:29 - 2014-10-17 16:29 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-05-05 16:57 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-15 16:59 - 2013-12-18 14:33 - 00047784 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2014-08-13 12:30 - 2013-08-29 08:58 - 00882584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\WLMailApiCore.dll
2014-08-06 12:42 - 2014-08-06 12:42 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-10-26 20:08 - 2014-10-26 20:08 - 00098816 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32api.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00110080 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\pywintypes27.dll
2014-10-26 20:08 - 2014-10-26 20:08 - 00364544 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\pythoncom27.dll
2014-10-26 20:08 - 2014-10-26 20:08 - 00045568 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\_socket.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 01160704 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\_ssl.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00320512 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32com.shell.shell.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00713216 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\_hashlib.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 01175040 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._core_.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00805888 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._gdi_.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00811008 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._windows_.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 01062400 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._controls_.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00735232 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._misc_.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00128512 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\_elementtree.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00127488 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\pyexpat.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00557056 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\pysqlite2._sqlite.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00007168 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\hashobjs_ext.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00087552 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\_ctypes.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00119808 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32file.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00108544 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32security.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00018432 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32event.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00038912 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32inet.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00070656 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._html2.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00167936 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32gui.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00011264 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32crypt.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00027136 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\_multiprocessing.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00686080 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\unicodedata.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00122368 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._wizard.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00010240 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\select.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00024064 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32pipe.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00025600 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32pdh.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00525640 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\windows._lib_cacheinvalidation.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00035840 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32process.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00017408 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32profile.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00022528 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\win32ts.pyd
2014-10-26 20:08 - 2014-10-26 20:08 - 00078336 _____ () C:\Users\Miriam II\AppData\Local\temp\_MEI48162\wx._animate.pyd
2013-07-27 13:53 - 2013-07-15 18:29 - 00620718 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-05-14 20:51 - 2013-07-23 16:28 - 00039424 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_49.dll
2014-05-14 20:51 - 2013-07-23 16:28 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_49.dll
2014-10-26 20:47 - 2014-10-11 13:53 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-09-11 21:18 - 2014-09-11 21:18 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: HotkeyApp => "C:\Program Files\Launch Manager\HotkeyApp.exe"
MSCONFIG\startupreg: LMgrVolOSD => "C:\Program Files\Launch Manager\OSD.exe"
MSCONFIG\startupreg: sbsdk-server => "C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
MSCONFIG\startupreg: SMART Board Service => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" -d
MSCONFIG\startupreg: SMART Floating Tools => "C:\Program Files\SMART Technologies\Education Software\FloatingTools.exe"
MSCONFIG\startupreg: SMART Ink => "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a
MSCONFIG\startupreg: SMART Tray Tools => "C:\Program Files\SMART Technologies\Education Software\SMARTTrayIcon.exe"
MSCONFIG\startupreg: SMARTNotification => "C:\Program Files\SMART Technologies\Education Software\SMARTNotification.exe"
MSCONFIG\startupreg: Wbutton => "C:\Program Files\Launch Manager\Wbutton.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-634998973-2183486359-2024787897-500 - Administrator - Disabled)
Finn (S-1-5-21-634998973-2183486359-2024787897-1003 - Limited - Enabled) => C:\Users\Finn.Medion-PC
Gast (S-1-5-21-634998973-2183486359-2024787897-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-634998973-2183486359-2024787897-1002 - Limited - Enabled)
Medion (S-1-5-21-634998973-2183486359-2024787897-1000 - Administrator - Enabled) => C:\Users\Medion
Miriam II (S-1-5-21-634998973-2183486359-2024787897-1004 - Limited - Enabled) => C:\Users\Miriam II

==================== Faulty Device Manager Devices =============

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx86
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2014 08:34:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8b881f2b-3d4b-4a0f-80e9-c2b5b65ae771}

Error: (10/26/2014 08:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (10/26/2014 08:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/26/2014 08:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/26/2014 07:58:14 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/25/2014 09:47:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5554

Error: (10/25/2014 09:47:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5554

Error: (10/25/2014 09:47:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2014 09:47:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4462

Error: (10/25/2014 09:47:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4462


System errors:
=============
Error: (10/26/2014 07:58:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (10/25/2014 03:29:48 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.4
registriert werden. Der Computer mit IP-Adresse 192.168.1.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (10/25/2014 03:29:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (10/25/2014 03:29:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎10.‎2014 um 16:27:40 unerwartet heruntergefahren.

Error: (10/25/2014 02:13:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (10/25/2014 02:12:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Secunia PSI Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/25/2014 02:12:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Secunia PSI Agent erreicht.

Error: (10/25/2014 02:11:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎10.‎2014 um 15:10:52 unerwartet heruntergefahren.

Error: (10/25/2014 09:17:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (10/24/2014 09:54:58 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "MEDION-PC" auf Transport "NetBT_Tcpip_{1246FD9E-6FC8-4FDD-A385-0B". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.


Microsoft Office Sessions:
=========================
Error: (10/26/2014 08:34:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8b881f2b-3d4b-4a0f-80e9-c2b5b65ae771}

Error: (10/26/2014 08:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/26/2014 08:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (10/26/2014 08:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (10/26/2014 07:58:14 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/25/2014 09:47:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5554

Error: (10/25/2014 09:47:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5554

Error: (10/25/2014 09:47:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2014 09:47:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4462

Error: (10/25/2014 09:47:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4462


CodeIntegrity Errors:
===================================
  Date: 2013-07-08 01:02:14.997
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:14.717
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:14.447
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:14.177
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:13.907
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:13.637
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:13.367
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:02:13.097
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:00:30.441
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-08 01:00:30.181
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 50%
Total physical RAM: 3004.87 MB
Available physical RAM: 1481.88 MB
Total Pagefile: 6008.03 MB
Available Pagefile: 4148.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.28 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:266.99 GB) (Free:97.4 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:22.44 GB) NTFS
Drive g: () (Removable) (Total:27.49 GB) (Free:26.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6256C65D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=267 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: DBAE3FA1)
Partition 1: (Not Active) - (Size=27.5 GB) - (Type=0C)

==================== End Of Log ============================
         
Gruß Mika

Alt 27.10.2014, 18:21   #17
schrauber
/// the machine
/// TB-Ausbilder
 

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Standard

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)



Kannste mir davon mal einen Screenshot machen bitte?
__________________

__________________

Alt 29.10.2014, 19:54   #18
Mika_80
 
Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Standard

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)



Hi Schrauber,
tut mir leid, dass ich mich erst jetzt melde. Hier der Screenshot. Sieht aber genauso aus, wie die vorherigen. Tritt aber tatsächlich nur auf, wenn ich eure Seite öffne und mich in eurem Forum bewege.
LG
Mika
__________________
Angehängte Grafiken
Dateityp: jpg neuer screenshot.jpg (108,9 KB, 153x aufgerufen)

Alt 30.10.2014, 16:03   #19
schrauber
/// the machine
/// TB-Ausbilder
 

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Standard

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)



Ich hab keinen Schimmer was Trend Micro da für einen Stress hat. Kannst Du bitte mal dazu den Support von Trend Micro anschreiben?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.11.2014, 20:31   #20
Mika_80
 
Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Standard

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)



Hi Schrauber, ich habe es noch nicht geschafft, den Support dazu zu befragen, habe aber jetzt No Script installiert, jetzt tritt das Trend Micro Problem nicht mehr auf. Reicht das so nicht aus oder soll ich immer noch den Support informieren?
Gruß
Mika


Alt 04.11.2014, 10:58   #21
schrauber
/// the machine
/// TB-Ausbilder
 

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Standard

Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)



Ich würd zur Sicherheit auf jeden Fall mal nachfragen.
__________________
--> Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)

Antwort

Themen zu Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)
conduit.search, conduit.search entfernen, datei anhängen, fehlercode 22, funmoods entfernen, installer entfernen, mypc backup entfernen, newplayer entfernen, pricesparrow entfernen, pup.funmoods, securita scout entfernen, sweetpage entfernen, the sea app entfernen, this device is disabled. (code 22), win32/bearshare.a, win32/downloadsponsor.a, win32/installcore.bn, win32/installcore.by, win32/packed.vmdetector.i, win32/systweak.d, win32/toolbar.crossrider.aw, win32/toolbar.inbox.f, win32/toolbar.linkury.d, win32/toolbar.searchsuite.q, win32/winloadsda.d, yahoo community smartbar entfernen



Ähnliche Themen: Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)


  1. Link Klick öffnet zunächst eine Link Fremde Seite " Casino Werbung " " Siele Werbung " "Erotik Seiten " oder ähnliches!
    Plagegeister aller Art und deren Bekämpfung - 26.08.2015 (17)
  2. Windows7: Seiten springen auf Werbung um, Seiten nich zu öffnen oder schließen "Tr.Drop.Rotbrow.K.1 " und 8 weitere Viren in Quarantäne"
    Log-Analyse und Auswertung - 21.03.2015 (9)
  3. Überall Werbung... Fenster öffnen sich automatisch mit werbung HILFE!!!
    Plagegeister aller Art und deren Bekämpfung - 07.02.2015 (5)
  4. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  5. Werbung öffnet sich im Browser automatisch - Maleware gefunden
    Log-Analyse und Auswertung - 05.01.2015 (3)
  6. Viel Werbung, Internetseiten öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 05.08.2014 (10)
  7. "Antiviren Werbung" "Langsamer PC" "PC stürzt ab" Banner und Popups beim surfen
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (28)
  8. Befall durch die "System Care Antivirus"-Maleware
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (7)
  9. "Funmoods Search" Startseite in Chrome lässt sich nicht entfernen - möglicher Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (9)
  10. "Funmoods Search" Startseite nicht entfernbar - möglicher Virus?
    Plagegeister aller Art und deren Bekämpfung - 01.12.2012 (15)
  11. Befall mit "Programm kann Fenster nicht öffnen..:"-Trojaner: NICHTs geht mehr :(
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (7)
  12. Firefox und IE öffnen automatisch "mediashifting" / Windows-Firewall kann nicht aktiviert werden
    Plagegeister aller Art und deren Bekämpfung - 18.02.2012 (19)
  13. "Recovery"- und"Bundeskriminalamt"-Malware; Rkill und Malwarebytes öffnen sich nicht
    Plagegeister aller Art und deren Bekämpfung - 29.05.2011 (9)
  14. "Recovery"- und"Bundeskriminalamt"-Malware; Rkill und Malwarebytes öffnen sich nicht
    Antiviren-, Firewall- und andere Schutzprogramme - 29.05.2011 (2)
  15. Würmer, Trojaner und Internetseiten die sich automatisch öffnen!
    Plagegeister aller Art und deren Bekämpfung - 22.08.2010 (1)
  16. "Ordentlicher" Befall nach Öffnen eines fremden Sticks. Wieder sauber?
    Plagegeister aller Art und deren Bekämpfung - 14.08.2009 (15)
  17. Es öffnen sich durchgehend Internetseiten/werbung
    Plagegeister aller Art und deren Bekämpfung - 01.12.2008 (3)

Zum Thema Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) - Trend Micro meldet sich immer noch :-(. Sonst wechsel ich einfach zu Chrome :-). Hier die FRST log: FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery - Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods)...
Archiv
Du betrachtest: Internetseiten mit Werbung öffnen sich automatisch, "Befall" von Maleware hat sprunghaft zugenommen (u.a.: pup.funmoods) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.