Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Webseiten werden umgeleitet, oder sind nicht erreichbar.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 21.01.2015, 10:14   #1
wasserflasch
 
Webseiten werden umgeleitet, oder sind nicht erreichbar. - Standard

Webseiten werden umgeleitet, oder sind nicht erreichbar.



Guten Tag, Trojaner-Board.

Ich glaube ich habe mir irgendwelche Malware eingefangen.

Wenn ich Webseiten wie z.B Facebook oder Twitter aufrufe, sind diese nicht erreichbar, oder ich werde auf Webseiten mit irgendwelcher Werbung umgeleitet.

Könnt ihr mir bitte helfen?


Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 06:53 on 21/01/2015 (Simon)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         


Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Simon (administrator) on PC on 21-01-2015 06:56:20
Running from C:\Users\Simon\Desktop
Loaded Profiles: Simon (Available profiles: Simon)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(CartCrunch Israel Ltd.) C:\ProgramData\SecurityUtility\ColorMedia.exe
() C:\Program Files (x86)\WajaInterEnhance\WajaInterEnhance Internet Enhancer\InternetEnhancerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\WajaInterEnhance\WajaInterEnhance Internet Enhancer\InternetEnhancer.exe
() C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() C:\prog\WTGService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(ArcSoft, Inc.) C:\prog\TMMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(TP-LINK) C:\Program Files (x86)\TP-LINK\TP-LINK 3G Client\3GUtility.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-09-29] (Razer Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [BCU] => C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-10-26] (DeviceVM, Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2039192 2014-11-24] (APN)
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-07-19] (Google Inc.)
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2015-01-09] (Google Inc.)
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: I - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: J - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: L - L:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {1f2fc975-b18f-11e0-bcb9-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {2450b4b3-e7f8-11e1-85a8-bcaec5990524} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {8583f84e-6413-11e1-b31a-bcaec5990524} - L:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {cf2d1418-b19b-11e0-aa1a-00268310b90d} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {d0127580-b19c-11e0-8b22-bcaec5990524} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {f029b84e-34d2-11e4-ac93-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\MountPoints2: {f029b896-34d2-11e4-ac93-bcaec5990524} - E:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\prog\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinNC Launch Einzellizenz (Programmierplatz).lnk
ShortcutTarget: WinNC Launch Einzellizenz (Programmierplatz).lnk -> C:\WinNC32\BIN\emlaunch.exe ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53264;https=127.0.0.1:53264
ProxyEnable: [S-1-5-21-4072167893-140751595-47728257-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4072167893-140751595-47728257-1000] => http=127.0.0.1:53264;https=127.0.0.1:53264
HKU\S-1-5-21-4072167893-140751595-47728257-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050&SSPV=
HKU\S-1-5-21-4072167893-140751595-47728257-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKU\S-1-5-21-4072167893-140751595-47728257-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227980
URLSearchHook: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-4072167893-140751595-47728257-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-4072167893-140751595-47728257-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-4072167893-140751595-47728257-1000 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-4072167893-140751595-47728257-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-4072167893-140751595-47728257-1000 -> {5EFFA992-71AD-4f52-A04B-9DE021C38107} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKU\S-1-5-21-4072167893-140751595-47728257-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-4072167893-140751595-47728257-1000 -> {EF8DCFEA-88B5-44a5-AA86-8C39FABB63C4} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Savings Sidekick -> {11111111-1111-1111-1111-110011501160} -> C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: mySecureSurfer -> {52EA1989-D16E-4560-9021-F0AD247DE4D1} -> C:\Users\Simon\AppData\LocalLow\mySecureSurfer\IE\mySecureSurfer.dll (Soft-Ware International Ltd.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: SpecialSavings -> {74F475FA-6C75-43BD-AAB9-ECDA6184F600} -> C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-4072167893-140751595-47728257-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-4072167893-140751595-47728257-1000 -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 16 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{D030C0E7-93C5-4CA5-A2C2-6F7F199479F4}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=MD6CFBE48-CE53-4090-A2D3-ABBA9505599C&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPD2F932D9-F0A8-4717-9E68-79563F0899B8
FF DefaultSearchEngine: DVDVideoSoftTB Customized Web Search
FF SearchEngineOrder.1: appbario8 Customized Web Search
FF SelectedSearchEngine: DVDVideoSoftTB Customized Web Search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=MD6CFBE48-CE53-4090-A2D3-ABBA9505599C&SearchSource=55&CUI=&UM=8&UP=SPD2F932D9-F0A8-4717-9E68-79563F0899B8&SSPV=
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4072167893-140751595-47728257-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\user.js
FF SearchPlugin: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\searchplugins\dvdvideosofttb-customized-web-search-1.xml
FF SearchPlugin: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\searchplugins\dvdvideosofttb-customized-web-search-2.xml
FF SearchPlugin: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\searchplugins\dvdvideosofttb-customized-web-search.xml
FF Extension: Savings Sidekick - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\crossriderapp5060@crossrider.com [2012-11-20]
FF Extension: SpecialSavings - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\specialsavings@superfish.com [2012-08-19]
FF Extension: PriceGong - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-02-20]
FF Extension: mySecureSurfer - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\{d64e478d-4dee-4bfb-afe4-30b84e6a3157} [2015-01-19]
FF Extension: DivX Web Player - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-10-02]
FF Extension: Yontoo - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\plugin@yontoo.com.xpi [2013-02-21]
FF Extension: Research Word - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\researchword@scott.xpi [2014-01-05]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: Adblock Plus - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\x9g3ccbs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-28]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-12-26]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-12-26]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-10]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-10-10]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-10-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-10]
FF HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles/x9g3ccbs.default\extensions\specialsavings@superfish.com
FF Extension: SpecialSavings - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles/x9g3ccbs.default\extensions\specialsavings@superfish.com [2012-08-19]
FF HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\PC Performer Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2014-12-29]
CHR Extension: (Google Docs) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-04]
CHR Extension: (Google Drive) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (PriceGong) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2013-10-04]
CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-04]
CHR Extension: (Google-Suche) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-10-11]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Google Mail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-04]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-11-24]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-11-24]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\Simon\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Simon\AppData\Local\Temp\YontooLayers.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-11-24] (APN LLC.)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 ColorMedia; C:\ProgramData\SecurityUtility\ColorMedia.exe [1398304 2015-01-07] (CartCrunch Israel Ltd.) [File not signed]
R2 Internet Enhancer Service; C:\Program Files (x86)\WajaInterEnhance\WajaInterEnhance Internet Enhancer\InternetEnhancerService.exe [463872 2015-01-14] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe [539648 2015-01-19] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\prog\WTGService.exe [312784 2009-10-12] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbilisT; C:\Windows\System32\Drivers\AbilisBdaTuner.sys [121224 2009-02-03] (ABILIS Systems)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2011-07-23] ()
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2011-07-19] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\SysWOW64\DRIVERS\ewusbdev.sys [114560 2011-07-19] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-11] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2011-07-21] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-09-05] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-09-05] (Razer Inc)
S3 tpfiltdev; C:\Windows\System32\DRIVERS\tpfiltdev.sys [7424 2012-02-08] ()
S3 tpfiltdev; C:\Windows\SysWOW64\DRIVERS\tpfiltdev.sys [7424 2012-02-08] ()
R3 tpusbnet; C:\Windows\System32\DRIVERS\tpusbnet.sys [154112 2011-12-08] (QUALCOMM Incorporated)
R3 tpusbser; C:\Windows\System32\DRIVERS\tpusbser.sys [123648 2011-12-08] (QUALCOMM Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 06:56 - 2015-01-21 06:57 - 00033087 _____ () C:\Users\Simon\Desktop\FRST.txt
2015-01-21 06:56 - 2015-01-21 06:56 - 00000000 ____D () C:\FRST
2015-01-21 06:55 - 2015-01-21 06:55 - 02126848 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2015-01-21 06:53 - 2015-01-21 06:53 - 00000472 _____ () C:\Users\Simon\Desktop\defogger_disable.log
2015-01-21 06:53 - 2015-01-21 06:53 - 00000000 _____ () C:\Users\Simon\defogger_reenable
2015-01-21 06:52 - 2015-01-21 06:52 - 00050477 _____ () C:\Users\Simon\Desktop\Defogger.exe
2015-01-21 06:34 - 2015-01-21 06:34 - 00000000 ____D () C:\Users\Simon\Documents\Simply Super Software
2015-01-20 21:21 - 2015-01-20 21:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TrojanHunter
2015-01-20 21:14 - 2015-01-20 21:14 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2015-01-20 20:30 - 2015-01-21 06:33 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-20 20:30 - 2015-01-20 20:30 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-19 15:21 - 2015-01-19 15:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PixCreations
2015-01-19 15:21 - 2015-01-19 15:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\dlg
2015-01-19 15:21 - 2015-01-19 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PixCreations
2015-01-19 15:21 - 2015-01-19 15:21 - 00000000 ____D () C:\Program Files (x86)\PixCreations
2015-01-19 15:02 - 2015-01-21 06:45 - 00005248 _____ () C:\Windows\SysWOW64\ColorMedia.ini
2015-01-19 15:02 - 2015-01-21 06:45 - 00002848 _____ () C:\Windows\SysWOW64\ColorMediaOff.ini
2015-01-19 15:02 - 2015-01-21 06:45 - 00002848 _____ () C:\Windows\system32\ColorMediaOff.ini
2015-01-19 15:02 - 2015-01-19 15:02 - 00000000 ____D () C:\ProgramData\SecurityUtilityData
2015-01-19 15:02 - 2015-01-19 15:02 - 00000000 ____D () C:\ProgramData\SecurityUtility
2015-01-19 15:02 - 2015-01-07 20:54 - 00370688 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia64.dll
2015-01-19 15:02 - 2015-01-07 20:54 - 00324776 _____ (CartCrunch Israel Ltd.) C:\Windows\SysWOW64\ColorMedia.dll
2015-01-19 15:01 - 2015-01-20 16:53 - 00000000 ____D () C:\Program Files (x86)\Wajam
2015-01-19 15:01 - 2015-01-19 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInterEnhance
2015-01-19 15:01 - 2015-01-19 15:01 - 00000000 ____D () C:\Program Files (x86)\WajaInterEnhance
2015-01-18 19:44 - 2015-01-18 19:44 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2015-01-18 19:44 - 2015-01-18 19:44 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Abelssoft
2015-01-18 19:44 - 2015-01-18 19:44 - 00000000 ____D () C:\Users\Simon\AppData\Local\Abelssoft
2015-01-18 19:44 - 2015-01-18 19:44 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2015-01-18 19:43 - 2015-01-18 19:43 - 00000000 ____D () C:\Users\Simon\IsoBuster_0.99.9
2015-01-18 19:43 - 2015-01-18 19:43 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\DesktopIconGoodgame
2015-01-18 19:03 - 2015-01-18 19:03 - 00000000 ____D () C:\Program Files\offic
2015-01-18 18:54 - 2015-01-18 19:42 - 00000000 ____D () C:\Program Files (x86)\Smart Projects
2015-01-13 21:18 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 21:18 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 21:18 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 21:18 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 21:18 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 21:18 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 21:18 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 21:18 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 21:18 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 21:18 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 21:18 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 21:18 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 21:18 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-05 01:15 - 2015-01-05 01:16 - 00000000 ____D () C:\Program Files (x86)\HDPlayer
2015-01-05 01:15 - 2015-01-05 01:15 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer
2015-01-01 18:08 - 2015-01-01 18:08 - 00000000 ____D () C:\Users\Simon\AppData\Local\cache
2015-01-01 17:11 - 2015-01-01 17:11 - 00000203 _____ () C:\Users\Simon\Documents\debug.log
2015-01-01 16:48 - 2015-01-01 16:48 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-01 16:44 - 2015-01-01 16:44 - 00002039 _____ () C:\Users\Public\Desktop\Autodesk ReCap.lnk
2015-01-01 16:44 - 2015-01-01 16:44 - 00000000 ____D () C:\ProgramData\FARO
2015-01-01 16:43 - 2015-01-01 16:43 - 00002003 _____ () C:\Users\Public\Desktop\Autodesk 360.lnk
2015-01-01 16:43 - 2015-01-01 16:43 - 00000000 ____D () C:\Users\Simon\Documents\Inventor Server SDK ACAD 2014
2015-01-01 16:41 - 2015-01-01 16:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\Autodesk
2015-01-01 16:41 - 2015-01-01 16:41 - 00002100 _____ () C:\Users\Public\Desktop\AutoCAD 2014 - Deutsch (German).lnk
2015-01-01 16:41 - 2015-01-01 16:41 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-01-01 16:40 - 2015-01-01 17:04 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2015-01-01 16:40 - 2015-01-01 16:44 - 00000000 ____D () C:\Program Files\Autodesk
2015-01-01 16:40 - 2015-01-01 16:42 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-01-01 16:38 - 2015-01-01 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-01-01 16:38 - 2015-01-01 16:38 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-01-01 16:35 - 2015-01-01 18:08 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Autodesk
2015-01-01 16:35 - 2015-01-01 18:08 - 00000000 ____D () C:\ProgramData\Autodesk
2014-12-29 16:43 - 2014-12-29 16:43 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList
2014-12-29 16:43 - 2014-12-29 16:43 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList
2014-12-29 16:43 - 2014-12-29 16:43 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieBrowserModeList
2014-12-29 16:43 - 2014-12-29 16:43 - 00000000 ____D () C:\Users\Simon\AppData\Local\AskPartnerNetwork
2014-12-29 16:43 - 2014-12-29 16:43 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-12-29 16:43 - 2014-12-29 16:43 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-12-29 16:41 - 2014-12-29 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-29 16:41 - 2014-12-29 16:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-29 16:40 - 2014-12-29 16:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-26 12:04 - 2015-01-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 06:53 - 2011-07-19 00:50 - 00000000 ____D () C:\Users\Simon
2015-01-21 06:52 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 06:52 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 06:51 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-01-21 06:51 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-01-21 06:51 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 06:48 - 2012-09-01 15:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-21 06:48 - 2011-07-18 23:49 - 02069008 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 06:46 - 2012-05-01 17:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-21 06:45 - 2014-10-10 22:21 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-21 06:45 - 2011-07-19 01:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 06:44 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 06:44 - 2009-07-14 05:51 - 00326837 _____ () C:\Windows\setupact.log
2015-01-21 06:36 - 2013-10-27 10:31 - 00000000 ____D () C:\Users\Simon\Schule
2015-01-21 06:32 - 2011-07-19 01:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-20 22:58 - 2010-11-21 04:47 - 00754774 _____ () C:\Windows\PFRO.log
2015-01-20 22:54 - 2011-12-28 02:50 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-20 22:27 - 2013-08-01 13:51 - 00000000 ____D () C:\Users\Simon\AppData\Local\HP
2015-01-20 22:27 - 2013-04-06 20:08 - 00000000 ____D () C:\Program Files (x86)\HP
2015-01-20 22:27 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-20 22:23 - 2014-09-02 06:43 - 00000000 ____D () C:\Users\Simon\AppData\Local\Battle.net
2015-01-20 22:17 - 2014-09-02 06:43 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-01-20 20:58 - 2013-05-17 21:52 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps
2015-01-20 20:33 - 2012-12-28 03:18 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2015-01-20 16:53 - 2012-04-11 03:46 - 00000000 ____D () C:\Program Files (x86)\Conduit
2015-01-20 16:23 - 2012-05-03 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-19 15:22 - 2012-08-19 15:44 - 00000000 _____ () C:\END
2015-01-19 07:04 - 2013-05-18 01:59 - 00102952 _____ () C:\Users\Simon\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-19 07:02 - 2009-07-14 05:45 - 00390520 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 21:32 - 2013-10-04 06:44 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-13 23:19 - 2013-08-02 16:42 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:16 - 2011-07-19 01:43 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:46 - 2012-05-01 17:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 22:46 - 2012-05-01 17:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 22:46 - 2011-07-19 01:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-01 16:37 - 2011-07-22 15:24 - 00359830 _____ () C:\Windows\DirectX.log
2014-12-29 23:23 - 2014-03-05 22:11 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-12-29 16:40 - 2014-03-02 13:53 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 07:49

==================== End Of Log ============================
         

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Simon at 2015-01-21 06:57:13
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DataManager (HKLM-x32\...\3DataManager) (Version: 2.2 - 3DataManager) <==== ATTENTION!
Abilis Systems WinXP64 Vista64 BDA driver (x64) 1.3.1.6370 (HKLM\...\{31415CE5-9526-4450-9433-DF8667D2C7F3}) (Version: 1.3.1.6370 - Abilis Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version:  - ArcSoft)
AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Deutsch (German) (HKLM\...\AutoCAD 2014 - Deutsch (German)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Blender (HKLM\...\Blender) (Version: 2.70 - Blender Foundation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Browser Configuration Utility (HKLM-x32\...\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}) (Version: 1.0.10.0 - DeviceVM Inc.) <==== ATTENTION
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.8.5.1 - DVDVideoSoftTB)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
GameRanger (HKU\S-1-5-21-4072167893-140751595-47728257-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HDPlayer (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - HDPlayer) <==== ATTENTION
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Legends of Pegasus (HKLM-x32\...\Steam App 205590) (Version:  - )
LibreOffice 3.5 (HKLM-x32\...\{09D72100-CAC9-42BF-AD52-47F784C92DB6}) (Version: 3.5.2.202 - The Document Foundation)
marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Pandora - First Contact (HKLM-x32\...\Pandora - First Contact1.1.2) (Version: 1.1.2 - Slitherine)
Razer Lycosa (HKLM-x32\...\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}) (Version: 1.00.0000 - Razer USA Ltd.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22533 - Razer Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Savings Sidekick (HKLM-x32\...\Savings Sidekick) (Version: 1.20.150.150 - 215 Apps)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1500}) (Version: 12.21.0.114 - APN, LLC) <==== ATTENTION
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version: 1.0.0.1936 - )
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpecialSavings (HKLM-x32\...\SpecialSavings) (Version:  - ) <==== ATTENTION
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Starpoint Gemini Gold Version 1.013 (HKLM-x32\...\{BE885917-A3C1-458F-AF3A-8AFF9FC2792C}_is1) (Version: 1.013 - Iceberg Interactive)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{F76D4E7F-4AC6-48DC-9ABB-E9769DD24977}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TP-LINK 3G Client (HKLM-x32\...\{3B9617DC-074C-44A6-A906-FC4CFA954404}) (Version: 1.0 - TP-LINK)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
Warlock 2: the Exiled (HKLM-x32\...\Steam App 205990) (Version:  - Ino-Co Plus)
WinNC-Sie840d (HKLM-x32\...\{E54D59F5-B350-4E20-9AEC-E77C1E05B8AF}) (Version: 21.06.0001 - EMCO Maier Ges.m.b.H.)
XCom Long War EW Mod version Beta 14i (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: Beta 14i - JohnnyLump)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4072167893-140751595-47728257-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4072167893-140751595-47728257-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4072167893-140751595-47728257-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4072167893-140751595-47728257-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4072167893-140751595-47728257-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)

==================== Restore Points  =========================

01-01-2015 16:37:13 DirectX wurde installiert
10-01-2015 15:08:38 Geplanter Prüfpunkt
13-01-2015 23:15:51 Windows Update
20-01-2015 16:51:13 Software Removal Tool
20-01-2015 22:26:17 Removed HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät
20-01-2015 22:51:55 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {158DD508-2125-400C-AB80-37C5B2C58E0D} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {3609B8D8-239D-49E9-A03F-F02719387EF1} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {378B621C-9674-4A41-AA5A-C81DDD2C8B60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {3AC7FF90-D6F1-44AC-B51A-F41982476AAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {432D91B8-126F-40B4-AAE4-5687A688DA6A} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.)
Task: {51322703-FD8C-4F77-B59F-ABFFB00EF7B2} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {5AF7FF87-8189-4696-A501-BCBD33E2097E} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {70FD289C-B63B-499E-9DFC-0C8C3A59C70B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {A216175B-5139-413B-A35A-B4460DC6767A} - System32\Tasks\{81A8AC43-FC20-4EAD-912E-EB936202ABE6} => pcalua.exe -a D:\winnc32_27082008\3DViewInst.exe -d D:\winnc32_27082008
Task: {BC022404-BC1E-451F-A5AD-959C21BE5E83} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager
Task: {D6B7AE08-B2DE-45DC-B862-EDA72D22A312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {E45463B0-8F38-407D-A506-165A07088851} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {FD51CE79-FA95-4A24-9546-6733D276FAFD} - System32\Tasks\{7AA6C713-B288-41C6-8A61-42B36960967C} => pcalua.exe -a D:\winnc32_27082008\SIE840DEVAL.exe -d D:\winnc32_27082008
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-16 01:41 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-14 16:41 - 2015-01-14 16:41 - 00463872 _____ () C:\Program Files (x86)\WajaInterEnhance\WajaInterEnhance Internet Enhancer\InternetEnhancerService.exe
2015-01-14 16:41 - 2015-01-14 16:41 - 00083456 _____ () C:\Program Files (x86)\WajaInterEnhance\WajaInterEnhance Internet Enhancer\InternetEnhancer.exe
2015-01-19 15:02 - 2015-01-19 06:07 - 00539648 _____ () C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
2014-01-28 09:37 - 2014-01-28 09:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2011-07-19 01:18 - 2009-10-12 09:45 - 00312784 ____N () C:\prog\WTGService.exe
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2014-03-06 14:00 - 2014-03-06 14:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-05-23 21:18 - 2010-11-04 10:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2009-06-27 09:11 - 2009-06-27 09:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2014-10-17 07:41 - 2014-10-17 07:41 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-07-19 01:02 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-01-14 21:32 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-14 21:32 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-14 21:32 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-14 21:32 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4072167893-140751595-47728257-500 - Administrator - Disabled)
Gast (S-1-5-21-4072167893-140751595-47728257-501 - Limited - Disabled)
Simon (S-1-5-21-4072167893-140751595-47728257-1000 - Administrator - Enabled) => C:\Users\Simon

==================== Faulty Device Manager Devices =============

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2015 06:45:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2015 06:41:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2015 06:28:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 10:59:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 10:27:24 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PC)
Description: Die Anwendung oder der Dienst "WebRegistrationApp" konnte nicht heruntergefahren werden.

Error: (01/20/2015 08:58:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17496, Zeitstempel: 0x546fddcc
Name des fehlerhaften Moduls: ie_virtual_keyboard_plugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x541c3347
Ausnahmecode: 0xc0000005
Fehleroffset: 0x55c78220
ID des fehlerhaften Prozesses: 0x1b98
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (01/20/2015 08:57:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 08:40:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 04:54:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 04:23:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/21/2015 06:44:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/21/2015 06:44:44 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (01/21/2015 06:40:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/21/2015 06:40:51 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (01/21/2015 06:29:14 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "ColorMedia" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (01/21/2015 06:29:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "ColorMedia" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 200 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/21/2015 06:28:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/21/2015 06:28:10 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (01/20/2015 10:58:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/20/2015 10:58:28 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.


Microsoft Office Sessions:
=========================
Error: (01/21/2015 06:45:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2015 06:41:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2015 06:28:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 10:59:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 10:27:24 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PC)
Description: 1C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\hpwebreg.exeWebRegistrationApp0111731320

Error: (01/20/2015 08:58:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccie_virtual_keyboard_plugin.dll_unloaded0.0.0.0541c3347c000000555c782201b9801d034eb6759b155C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEie_virtual_keyboard_plugin.dllaa85e43d-a0de-11e4-bcb8-bcaec5990524

Error: (01/20/2015 08:57:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 08:40:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 04:54:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 04:23:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-01-20 20:33:44.473
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:44.380
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:44.302
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:44.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:43.335
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:43.241
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:43.163
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:43.085
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:42.173
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-20 20:33:42.095
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Simon\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 54%
Total physical RAM: 4076.16 MB
Available physical RAM: 1848.6 MB
Total Pagefile: 8150.5 MB
Available Pagefile: 5405.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:759.88 GB) NTFS
Drive e: (cdrom) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (STICK) (Removable) (Total:29.93 GB) (Free:29.92 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E9E1348E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 29.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=29.9 GB) - (Type=0C)

==================== End Of Log ============================
         

 

Themen zu Webseiten werden umgeleitet, oder sind nicht erreichbar.
bingbar, browser, ebanking, flash player, google, helper, home, homepage, iexplore.exe, kaspersky, launch, malware, mozilla, mp3, newtab, popup, realtek, registry, scan, security, securityutility, software, stick, svchost.exe, system, usb, vista, werbung, windows, windows xp




Ähnliche Themen: Webseiten werden umgeleitet, oder sind nicht erreichbar.


  1. Windows 7: Webseiten werden auf Werbung umgeleitet
    Log-Analyse und Auswertung - 19.08.2015 (11)
  2. Windows 7: Webseiten werden auf Werbung umgeleitet, Chrome startet nicht mehr
    Log-Analyse und Auswertung - 03.06.2015 (3)
  3. Webseiten werden umgeleitet - iStartSurf und mehr
    Log-Analyse und Auswertung - 07.04.2015 (20)
  4. Windows 7 : Webseiten sind von werbe adds besetzt und werden ständig zu pop ups umgeleitet
    Log-Analyse und Auswertung - 31.03.2015 (17)
  5. Windows 7: Webseiten werden auf Werbung umgeleitet.
    Log-Analyse und Auswertung - 23.01.2015 (17)
  6. Windows 8.1: Webseiten werden auf Werbung umgeleitet
    Log-Analyse und Auswertung - 13.01.2015 (8)
  7. Windows 7: es öffnet ständig Werbefenster, Webseiten werden auf Werbung umgeleitet, Wörter sind z.T unterstrichen.
    Log-Analyse und Auswertung - 13.11.2014 (11)
  8. manchmal werden webseiten auf suchseiten umgeleitet + ich bin mir nicht sicher ob ich ein trojaner oder backdoor programm habe
    Plagegeister aller Art und deren Bekämpfung - 09.08.2014 (17)
  9. Windows 8: Webseiten werden auf Werbung umgeleitet.
    Log-Analyse und Auswertung - 01.08.2014 (5)
  10. Webseiten werden auf Werbung umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (49)
  11. Windows 7: Webseiten werden auf Werbung umgeleitet, Textstellen sind unterstrichen...
    Log-Analyse und Auswertung - 28.04.2014 (17)
  12. Windows 7: Webseiten werden auf Werbung umgeleitet.
    Plagegeister aller Art und deren Bekämpfung - 26.04.2014 (4)
  13. Webseiten werden auf Werbung umgeleitet
    Log-Analyse und Auswertung - 13.04.2014 (5)
  14. Webseiten nicht erreichbar
    Plagegeister aller Art und deren Bekämpfung - 12.04.2013 (15)
  15. Bestimmte Webseiten (z.B. chip.de, imdb.com, tumblr.com) sind nicht erreichbar.
    Plagegeister aller Art und deren Bekämpfung - 08.01.2012 (2)
  16. Verschiedene Webseiten sind nicht erreichbar
    Plagegeister aller Art und deren Bekämpfung - 15.07.2010 (1)
  17. Links werden umgeleitet, AV Webseiten und Programme funktionieren nicht mehr, Homepage gehackt
    Plagegeister aller Art und deren Bekämpfung - 13.07.2010 (12)

Zum Thema Webseiten werden umgeleitet, oder sind nicht erreichbar. - Guten Tag, Trojaner-Board. Ich glaube ich habe mir irgendwelche Malware eingefangen. Wenn ich Webseiten wie z.B Facebook oder Twitter aufrufe, sind diese nicht erreichbar, oder ich werde auf Webseiten mit - Webseiten werden umgeleitet, oder sind nicht erreichbar....
Archiv
Du betrachtest: Webseiten werden umgeleitet, oder sind nicht erreichbar. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.