Pests of all kinds and how to fight them: My computer takes forever

25.01.2015, 13:45   #1
keksi28
 

Hello everyone,

I think I have caught something somewhere; my computer takes forever to load any pages, and sometimes it simply freezes.

I hope someone here can help me.


Many thanks in advance.

25.01.2015, 14:04   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


25.01.2015, 14:15   #3
keksi28
 

Hello, thanks for your quick reply.
When I try to download the program, I get:
Fehler: Verbindung unterbrochen

Die Verbindung zum Server wurde zurückgesetzt, während die Seite geladen wurde.

Die Website könnte vorübergehend nicht erreichbar sein, versuchen Sie es bitte später nochmals.
Wenn Sie auch keine andere Website aufrufen können, überprüfen Sie bitte die Netzwerk-/Internetverbindung.
Wenn Ihr Computer oder Netzwerk von einer Firewall oder einem Proxy geschützt wird, stellen Sie bitte sicher, dass Firefox auf das Internet zugreifen darf.

What do I have to do?


I was able to download the one for 64-bit, but that is no use to me.

Edited by keksi28 (25.01.2015 at 14:23)

25.01.2015, 15:27   #4
keksi28
 

OK, it did work eventually.

But how do I get it in here?

Edited by keksi28 (25.01.2015 at 15:38)

25.01.2015, 15:37   #5
keksi28
 

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Medion (administrator) on MEDION-PC on 25-01-2015 15:13:21
Running from C:\Users\Medion\Downloads
Loaded Profiles: Medion (Available profiles: Medion)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxczcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark 1200 Series\LXCZbmon.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-16] (AVAST Software)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Run: [Google Update] => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-22] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyCtAzy0B0E0EyD0DtC0AzztN0D0Tzu0SzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtAzy0FtCyC0CtDtG0E0F0B0CtGyDtDzztDtGtBzztAzytGyB0CzytBzzzyyB0EzztAyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0E0E0AzzyByCzytG0EyByC0DtGzzyD0C0BtGyD0EzztAtGyB0D0FtB0EyCtCyByE0AyEyD2Q&cr=465694263&ir=
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.holasearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E23B1C4BD639BEE5&affID=121963&tsp=4985
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {4F039617-AA05-4419-A46D-BB3D43CAE2BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {617388A8-9570-40B9-9E36-4A13F2791695} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyCtAzy0B0E0EyD0DtC0AzztN0D0Tzu0SzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtAzy0FtCyC0CtDtG0E0F0B0CtGyDtDzztDtGtBzztAzytGyB0CzytBzzzyyB0EzztAyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0E0E0AzzyByCzytG0EyByC0DtGzzyD0C0BtGyD0EzztAtGyB0D0FtB0EyCtCyByE0AyEyD2Q&cr=465694263&ir=
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_22\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default
FF DefaultSearchEngine: V9
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre1.6.0_22\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @g2.com/iggweb3dupdater -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll No File
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @g2.com/joyconnectshell -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll No File
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Medion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\user.js
FF SearchPlugin: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\searchplugins\V9.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-11]
FF HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox

Chrome: 
=======
CHR DefaultSearchKeyword: Default -> v9
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Google-Suche) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (Google Wallet) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-27]
CHR Extension: (Google Mail) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-16]
CHR HKLM\...\Chrome\Extension: [ifhnbninbdeplfbaagcfmfphbacpbnic] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode13\ch\MediaBuzzV1mode13.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [liamjncanoflcnblkbfmbhdcflijepmf] - C:\Program Files\MediaWatchV1\MediaWatchV1home748\ch\MediaWatchV1home748.crx [Not Found]
StartMenuInternet: Google Chrome.4MPJAAHFJIATME5R6ZLQH6C2V4 - C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-16] (AVAST Software)
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-19] (Elex do Brasil Participações Ltda)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [537520 2007-04-19] ( )
R2 MSSQL$CIFDCM; c:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 SQLAgent$CIFDCM; c:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-16] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-08-11] (DT Soft Ltd)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-01-19] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83112 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-01-03] (Elex do Brasil Participações Ltda)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-08-02] (Apple, Inc.) [File not signed]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-08-05] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\Medion\AppData\Local\Temp\ALSysIO.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Medion\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 HWiNFO32; \??\E:\DIAGNOSE\HWiNFO32\HWiNFO32.SYS [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
S3 uxddrv; \??\F:\uxddrv86.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 15:13 - 2015-01-25 15:14 - 00021297 _____ () C:\Users\Medion\Downloads\FRST.txt
2015-01-25 15:13 - 2015-01-25 15:13 - 00000000 ____D () C:\FRST
2015-01-25 15:12 - 2015-01-25 15:12 - 01120768 _____ (Farbar) C:\Users\Medion\Downloads\FRST.exe
2015-01-25 14:20 - 2015-01-25 14:21 - 02129920 _____ (Farbar) C:\Users\Medion\Downloads\FRST64.exe
2015-01-19 14:26 - 2015-01-19 14:26 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\Elex-tech
2015-01-19 14:26 - 2015-01-19 14:26 - 00000000 ____D () C:\Program Files\Elex-tech
2015-01-19 14:26 - 2015-01-19 12:04 - 00040744 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-01-19 14:26 - 2015-01-03 09:56 - 00044712 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-01-16 13:11 - 2015-01-16 13:11 - 00002009 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-16 13:10 - 2015-01-16 13:10 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-16 13:10 - 2015-01-16 13:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-14 16:28 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 16:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:28 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:27 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-12-27 18:35 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 15:07 - 2011-10-28 19:34 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 15:01 - 2013-01-22 18:14 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job
2015-01-25 14:58 - 2014-05-10 15:28 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9}.job
2015-01-25 14:47 - 2011-06-21 10:34 - 01631113 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 14:39 - 2012-11-27 12:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 14:14 - 2009-07-14 05:34 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 14:14 - 2009-07-14 05:34 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 14:01 - 2013-01-22 18:14 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job
2015-01-25 13:35 - 2014-05-20 09:27 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 13:34 - 2013-08-13 14:43 - 00000000 ____D () C:\Program Files\WinZipper
2015-01-25 13:32 - 2011-10-28 19:34 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 13:31 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 13:31 - 2009-07-14 05:39 - 00149053 _____ () C:\Windows\setupact.log
2015-01-25 13:30 - 2010-01-05 10:18 - 00795188 _____ () C:\Windows\PFRO.log
2015-01-25 10:20 - 2011-06-21 10:36 - 00000000 ____D () C:\Users\Medion
2015-01-25 10:19 - 2014-05-18 19:16 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-24 13:32 - 2012-11-27 13:00 - 00000843 _____ () C:\Windows\Lexstat.ini
2015-01-23 16:39 - 2012-11-27 12:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-23 16:39 - 2011-07-24 21:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-22 20:41 - 2012-11-27 13:08 - 00000000 ____D () C:\temp
2015-01-19 13:53 - 2013-08-13 14:43 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\WinZipper
2015-01-19 09:23 - 2014-03-22 16:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-16 13:11 - 2012-03-11 11:23 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-16 13:11 - 2012-03-11 11:23 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-16 13:10 - 2014-05-10 15:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-16 13:10 - 2014-02-20 13:27 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-01-16 13:10 - 2013-03-19 17:25 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-16 13:10 - 2013-03-19 17:25 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-16 13:10 - 2012-03-11 11:23 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-16 13:10 - 2012-03-11 11:23 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-15 10:11 - 2012-02-22 16:28 - 00000000 ____D () C:\Users\Medion\Documents\WBFS Manager Covers
2015-01-14 21:51 - 2013-08-15 19:12 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 21:45 - 2010-01-05 11:07 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 10:36 - 2010-01-05 09:00 - 01806882 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 10:13 - 2014-05-18 17:48 - 00000000 ____D () C:\Users\Medion\Downloads Wii
2015-01-12 10:12 - 2014-08-03 13:51 - 00000000 ____D () C:\Users\Medion\Documents\Stega Security
2015-01-12 10:06 - 2014-08-25 19:08 - 00000000 ____D () C:\Users\Medion\Documents\Firma Hillius
2015-01-06 15:27 - 2012-08-06 20:04 - 00000000 ____D () C:\Users\Medion\Documents\tsg
2015-01-06 04:36 - 2010-01-05 10:57 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 14:40 - 2011-10-09 12:44 - 00000000 ____D () C:\Program Files\CDBurnerXP

==================== Files in the root of some directories =======

2014-05-18 18:25 - 2014-05-18 18:25 - 0000046 _____ () C:\Users\Medion\AppData\Roaming\WB.CFG
2012-02-21 12:02 - 2014-10-28 20:41 - 0000452 _____ () C:\Users\Medion\AppData\Roaming\wklnhst.dat
2013-12-25 10:38 - 2013-12-25 10:47 - 0000791 _____ () C:\Users\Medion\AppData\Local\cookies.ini
2014-11-27 13:53 - 2014-11-27 13:53 - 0003347 _____ () C:\Users\Medion\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\Medion\AppData\Local\temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 13:56

==================== End Of Log ============================
         


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Medion at 2015-01-25 15:15:23
Running from C:\Users\Medion\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
AION Free-To-Play (HKLM\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (Version: 2.70.0000 - Gameforge) Hidden
Airline Tycoon Evolution (HKLM\...\{16E43D5F-5296-4D53-B303-9D951AFE510F}) (Version:  - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
Battlefield 2: Deluxe (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
BCL easyConverter Desktop 3 (Word Version) (HKLM\...\{8C5845B5-729F-40E3-A945-4454E67F65F4}) (Version: 3.0.18 - BCL Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Counter-Strike: Source (HKLM\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM\...\Steam App 260) (Version:  - )
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2010 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2129 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2128 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Daily Cost Monitor (HKLM\...\{4119CAD7-C607-4FF2-82ED-9B3C1EDB4643}) (Version: 2.0.0.001 - Customer in Focus)
Dance eJay 5 - Deinstallation (HKLM\...\Dance eJay 5) (Version:  - )
Day of Defeat: Source (HKLM\...\Steam App 300) (Version:  - Valve)
Der Planer 4 1.0 (HKLM\...\{BA9E9ED5-FFF3-4E0D-95B9-62527672268B}_is1) (Version:  - rondomedia Marketing & Vertriebs GmbH)
Der Planer 5 (remove only) (HKLM\...\Der Planer 5) (Version: 1.0.0.33 - rondomedia)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Empire: Total War (HKLM\...\Steam App 10500) (Version:  - The Creative Assembly)
Fahr-Simulator 2012 Version 1.62 (HKLM\...\Fahr-Simulator 2012_is1) (Version: 1.62 - astragon Software GmbH)
Finger-sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.4.2.8 - FSP)
Foxlink Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.51000.202_WHQL - Sonix)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
German Truck Simulator 1.00 (HKLM\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Media Watch (HKLM\...\MediaWatchV1home748) (Version: 1.1 - Media Watch) <==== ATTENTION
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM\...\{901C0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Access Runtime 2010 (HKLM\...\Office14.AccessRT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM\...\{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.8 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PdfEditor (32bit) (HKLM\...\{D31DAB50-15BD-404E-8CEB-FCEE95F33D59}) (Version: 1.0 - PixelPlanet)
PixelPlanet PdfPrinter 6 (32bit) (HKLM\...\{B8E88489-A304-45F1-9717-242035DE167D}) (Version: 6.03.23 - PixelPlanet)
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - )
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version:  - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.40 - Activision, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001C-0000-0000-0000000FF1CE}_Office14.AccessRT_{54846D1D-E5D5-4A28-AA6D-7208259007EA}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Steam(TM) (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Tactical Intervention (HKLM\...\Steam App 51100) (Version:  - FIX Korea)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Unity Web Player (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
WAV to MP3 (HKLM\...\WAV to MP3) (Version:  - )
WBFS Manager 3.0 (HKLM\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZipper (HKLM\...\WinZipper) (Version: 1.5.83 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
YAC(Yet Another Cleaner!) (HKLM\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{316AB005-10AA-4B8D-B7C8-60965DF020A4}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Medion\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{5F387297-4BDB-48CD-8DB0-ACAD1415FABA}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.129\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{EED35E4B-2023-4680-A85C-C654515D97B8}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

14-01-2015 21:44:05 Windows Update
16-01-2015 13:09:12 avast! antivirus system restore point
21-01-2015 10:52:53 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2012-10-23 17:06 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D7B4186-45F1-46E7-B186-0CF9DD568067} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {1C0ADE8D-589B-4BDB-AB78-98D9E2F3C44B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {273710B8-5DAB-4CAC-927B-02ED323E1204} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {3CBF6DEE-BC4D-431F-B314-ADAF503AE66C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {41D27031-0E5A-43C4-AECC-5B479BA7F845} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION
Task: {6DC18694-07E3-429C-A9A5-F3C7047637BE} - System32\Tasks\{316B02D3-9092-4485-8295-E639415BF1CF} => pcalua.exe -a E:\Dance5.exe -d E:\
Task: {6E86A0C3-CF84-494C-A428-F5A63BD947C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {6FE04E7B-ACF4-4C4E-9020-7570BCB7165F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8D2FA78F-147C-48C1-B3F9-967E161B2F14} - System32\Tasks\{13BB190D-66BB-4285-9D3C-78250CF9E55E} => pcalua.exe -a C:\eJay\Dance5\Dance5.exe -d C:\eJay\Dance5
Task: {8FB650A4-0536-4C53-AC23-147A8E1F2418} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-16] (AVAST Software)
Task: {956F6B63-468B-4F1F-8136-127427222480} - System32\Tasks\4785 => Wscript.exe C:\Users\Medion\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9E66BFCA-65D6-401F-AB01-418BCA487490} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {A215C470-B6E7-457A-9858-AAC8FE28B377} - System32\Tasks\FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9} => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: {A86BF0FE-3A34-441B-A6BF-1D6F93B1A98A} - System32\Tasks\{5478E5FE-158D-46D6-9AF4-B7DB671D88D0} => pcalua.exe -a "C:\Program Files\Steam\bin\steamservice.exe" -d "C:\Program Files\Steam" -c /installscript "C:\Program Files\Steam\steamapps\common\raceroom racing experience\runasadmin.vdf" 211500
Task: {C898D756-EF95-4D13-AAD8-E178AE8E5A2A} - System32\Tasks\{98CF616F-956B-4C6D-8A2E-9E010FB592AB} => pcalua.exe -a C:\Users\Medion\Downloads\mp3gain-win-full-1_3_4.exe -d C:\Users\Medion\Downloads
Task: {F2ACC979-A61A-4B07-B03A-DF0ADF6A06C4} - System32\Tasks\{E53BA3EF-8835-4A71-B437-0F1192D1773B} => pcalua.exe -a C:\Users\Medion\Documents\WindowsPhone.exe -d C:\Users\Medion\Documents
Task: {F5ADFCCF-6DC7-45AF-8441-1DFFCFD92680} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-19 14:26 - 2015-01-19 12:00 - 00065696 _____ () C:\Program Files\Elex-tech\YAC\zlib1.dll
2015-01-25 14:13 - 2015-01-25 14:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012500\algo.dll
2013-08-13 14:43 - 2013-08-13 14:43 - 00612520 _____ () C:\Program Files\WinZipper\sqlite3.dll
2006-03-07 12:59 - 2006-03-07 12:59 - 00061440 _____ () C:\Windows\system32\lxczcnv6.dll
2015-01-19 14:26 - 2015-01-19 12:00 - 00185656 _____ () C:\Program Files\Elex-tech\YAC\libpng.dll
2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2015-01-16 13:10 - 2015-01-16 13:10 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 01117512 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 00211272 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 09171272 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: CLPSLS => 2
MSCONFIG\Services: cmdagent => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Biet-O-Matic.lnk => C:\Windows\pss\Biet-O-Matic.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Logitech Vid => "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MyDriveConnect.exe => "C:\Program Files\MyDrive Connect\MyDriveConnect.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: PixelPlanet PdfPrinter-Monitor => "C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: tsnp2uvc => C:\Windows\tsnp2uvc.exe
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-3733337927-542603657-4020581419-500 - Administrator - Disabled)
Gast (S-1-5-21-3733337927-542603657-4020581419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3733337927-542603657-4020581419-1003 - Limited - Enabled)
Medion (S-1-5-21-3733337927-542603657-4020581419-1000 - Administrator - Enabled) => C:\Users\Medion

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: HWiNFO32/64 Kernel Driver
Description: HWiNFO32/64 Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HWiNFO32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2015 01:09:07 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9e138b66-e4ca-4768-99e5-08004efac028}

Error: (12/19/2014 03:59:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AT.EXE, Version: 1.0.2.0, Zeitstempel: 0x3d355a17
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052ca9
ID des fehlerhaften Prozesses: 0xf58
Startzeit der fehlerhaften Anwendung: 0xAT.EXE0
Pfad der fehlerhaften Anwendung: AT.EXE1
Pfad des fehlerhaften Moduls: AT.EXE2
Berichtskennung: AT.EXE3

Error: (12/05/2014 05:36:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007881
ID des fehlerhaften Prozesses: 0xca8
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (12/05/2014 03:03:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: QtGui4.dll, Version: 4.5.0.0, Zeitstempel: 0x4a11779a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003f8d0c
ID des fehlerhaften Prozesses: 0xfdc
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (12/04/2014 03:47:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007881
ID des fehlerhaften Prozesses: 0xe6c
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (11/28/2014 04:47:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007881
ID des fehlerhaften Prozesses: 0xff0
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (11/28/2014 01:16:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007881
ID des fehlerhaften Prozesses: 0xc28
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (11/27/2014 02:48:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000077a1
ID des fehlerhaften Prozesses: 0xb44
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (11/27/2014 02:47:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000077a1
ID des fehlerhaften Prozesses: 0x208
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3

Error: (11/27/2014 02:18:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Name des fehlerhaften Moduls: Planer4.exe, Version: 0.0.0.0, Zeitstempel: 0x4b7960d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007881
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xPlaner4.exe0
Pfad der fehlerhaften Anwendung: Planer4.exe1
Pfad des fehlerhaften Moduls: Planer4.exe2
Berichtskennung: Planer4.exe3


System errors:
=============
Error: (01/25/2015 01:31:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (01/24/2015 00:57:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (01/23/2015 01:44:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (01/22/2015 02:18:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (01/21/2015 10:46:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (01/19/2015 08:31:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (01/19/2015 07:56:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/19/2015 07:56:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "avast! Antivirus" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/19/2015 07:56:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2015 07:55:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32


Microsoft Office Sessions:
=========================
Error: (01/16/2015 01:09:07 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9e138b66-e4ca-4768-99e5-08004efac028}

Error: (12/19/2014 03:59:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AT.EXE1.0.2.03d355a17ntdll.dll6.1.7601.18247521ea91cc000000500052ca9f5801d01b11234f7bf9C:\Program Files\Monte Cristo\Airline Tycoon Evolution\AT.EXEC:\Windows\SYSTEM32\ntdll.dll192c3fbe-872b-11e4-81f4-001f1639b71f

Error: (12/05/2014 05:36:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c000000500007881ca801d0102fc01998cbC:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exe3f8bf313-7c38-11e4-81f0-001f1639b71f

Error: (12/05/2014 03:03:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3QtGui4.dll4.5.0.04a11779ac0000005003f8d0cfdc01d01016f2e2148aC:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\QtGui4.dllf8113d8f-7c22-11e4-81f0-001f1639b71f

Error: (12/04/2014 03:47:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c000000500007881e6c01d00f4922c15f04C:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exedc2bda54-7b5f-11e4-81ce-001f1639b71f

Error: (11/28/2014 04:47:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c000000500007881ff001d00aa09840701fC:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exe51537aac-76b1-11e4-81c0-001f1639b71f

Error: (11/28/2014 01:16:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c000000500007881c2801d00a97c0d23c77C:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exed1197781-7693-11e4-81c0-001f1639b71f

Error: (11/27/2014 02:48:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c0000005000077a1b4401d009e41c6a2945C:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exe8045cc8f-75d7-11e4-9edd-001f1639b71f

Error: (11/27/2014 02:47:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c0000005000077a120801d009e009be7a30C:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exe5544de5d-75d7-11e4-9edd-001f1639b71f

Error: (11/27/2014 02:18:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Planer4.exe0.0.0.04b7960d3Planer4.exe0.0.0.04b7960d3c00000050000788153401d009c8f58c50d5C:\Program Files\Der Planer 4\Planer4.exeC:\Program Files\Der Planer 4\Planer4.exe4042da76-75d3-11e4-9edd-001f1639b71f


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 44%
Total physical RAM: 3066.88 MB
Available physical RAM: 1713.12 MB
Total Pagefile: 6132.04 MB
Available Pagefile: 4498.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.97 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:434.66 GB) (Free:232.65 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:20.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DB515DCE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=434.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         


Alt 25.01.2015, 18:49   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the Uninstaller field, look for these programs:

    Media Watch
    WinZipper
    YAC

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on then on and then on .

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


Alt 25.01.2015, 20:03   #7
keksi28
 

OK, I hope I did it right.

Code:
ComboFix 15-01-22.02 - Medion 25.01.2015  19:36:23.2.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3067.1399 [GMT 1:00]
ausgeführt von:: c:\users\Medion\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
	/wow section - STAGE 6
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Zugriff verweigert
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files\MediaBuzzV1
c:\program files\MediaWatchV1
c:\programdata\ntuser.pol
c:\windows\system32\Tasks\FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9}
c:\windows\Tasks\FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9}.job
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-25 bis 2015-01-25  ))))))))))))))))))))))))))))))
.
.
2015-01-25 18:54 . 2015-01-25 18:54	--------	d-----w-	c:\users\Public\AppData\Local\temp
2015-01-25 18:54 . 2015-01-25 18:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-01-25 18:29 . 2015-01-25 18:29	62576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE3156A3-BA68-4E90-AFF3-4D532D115EBD}\offreg.dll
2015-01-25 18:17 . 2015-01-25 18:17	--------	d-----w-	c:\program files\VS Revo Group
2015-01-25 14:13 . 2015-01-25 14:17	--------	d-----w-	C:\FRST
2015-01-23 12:50 . 2014-12-02 11:01	9054624	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE3156A3-BA68-4E90-AFF3-4D532D115EBD}\mpengine.dll
2015-01-19 13:26 . 2015-01-19 11:04	40744	----a-w-	c:\windows\system32\drivers\iSafeKrnlBoot.sys
2015-01-19 13:26 . 2015-01-03 08:56	44712	----a-w-	c:\windows\system32\drivers\iSafeNetFilter.sys
2015-01-19 13:26 . 2015-01-19 13:26	--------	d-----w-	c:\users\Medion\AppData\Roaming\Elex-tech
2015-01-19 13:26 . 2015-01-19 13:26	--------	d-----w-	c:\program files\Elex-tech
2015-01-16 12:10 . 2015-01-16 12:10	291352	----a-w-	c:\windows\system32\aswBoot.exe
2015-01-16 12:10 . 2015-01-16 12:10	43152	----a-w-	c:\windows\avastSS.scr
2015-01-14 15:28 . 2014-12-12 05:11	3971512	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-01-14 15:28 . 2014-12-12 05:11	3916728	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-01-14 15:28 . 2014-12-11 17:47	46592	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-01-14 15:28 . 2014-12-19 02:43	164864	----a-w-	c:\windows\system32\profsvc.dll
2015-01-14 15:27 . 2014-12-19 01:34	116224	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2015-01-14 15:27 . 2014-12-06 03:50	242688	----a-w-	c:\windows\system32\nlasvc.dll
2014-12-27 17:35 . 2014-12-13 03:33	115712	----a-w-	c:\windows\system32\ieUnatt.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-25 12:35 . 2014-05-20 08:27	107736	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-23 15:39 . 2012-11-27 11:52	701616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-01-23 15:39 . 2011-07-24 20:46	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-16 12:11 . 2012-03-11 10:23	787800	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2015-01-16 12:11 . 2012-03-11 10:23	423784	----a-w-	c:\windows\system32\drivers\aswsp.sys
2015-01-16 12:10 . 2014-05-10 14:33	24184	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-01-16 12:10 . 2014-02-20 12:27	91496	----a-w-	c:\windows\system32\drivers\aswstm.sys
2015-01-16 12:10 . 2013-03-19 16:25	206248	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-01-16 12:10 . 2013-03-19 16:25	49944	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-01-16 12:10 . 2012-03-11 10:23	81768	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-01-16 12:10 . 2012-03-11 10:23	70384	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-01-06 03:36 . 2010-01-05 09:57	249488	------w-	c:\windows\system32\MpSigStub.exe
2014-12-04 04:38 . 2014-12-12 10:21	337920	----a-w-	c:\windows\system32\generaltel.dll
2014-12-04 04:38 . 2014-12-12 10:21	610304	----a-w-	c:\windows\system32\invagent.dll
2014-12-04 04:38 . 2014-12-12 10:21	315392	----a-w-	c:\windows\system32\devinv.dll
2014-12-04 04:38 . 2014-12-12 10:21	728576	----a-w-	c:\windows\system32\appraiser.dll
2014-12-04 04:38 . 2014-12-12 10:21	159744	----a-w-	c:\windows\system32\aepic.dll
2014-12-04 04:38 . 2014-12-12 10:21	202752	----a-w-	c:\windows\system32\aepdu.dll
2014-12-04 04:34 . 2014-12-12 10:21	873984	----a-w-	c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-12 10:21	1160872	----a-w-	c:\windows\system32\aitstatic.exe
2014-11-22 02:20 . 2014-12-12 10:20	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-11-22 02:20 . 2014-12-12 10:21	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07 . 2014-12-12 10:21	501248	----a-w-	c:\windows\system32\vbscript.dll
2014-11-22 02:07 . 2014-12-12 10:20	62464	----a-w-	c:\windows\system32\iesetup.dll
2014-11-22 02:06 . 2014-12-12 10:21	47616	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-12 10:20	64000	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55 . 2014-12-12 10:21	102912	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54 . 2014-12-12 10:21	620032	----a-w-	c:\windows\system32\jscript9diag.dll
2014-11-22 01:48 . 2014-12-12 10:21	667648	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40 . 2014-12-12 10:21	60416	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-12 10:20	4299264	----a-w-	c:\windows\system32\jscript9.dll
2014-11-22 01:22 . 2014-12-12 10:20	2052096	----a-w-	c:\windows\system32\inetcpl.cpl
2014-11-22 01:21 . 2014-12-12 10:20	1155072	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00 . 2014-12-12 10:21	1888256	----a-w-	c:\windows\system32\wininet.dll
2014-11-19 03:31 . 2014-11-19 03:31	1217192	----a-w-	c:\windows\system32\FM20.DLL
2014-11-11 02:44 . 2014-12-12 10:16	1230336	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 08:04	186880	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 08:04	550912	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 01:32 . 2014-12-12 10:21	74752	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-11-08 02:45 . 2014-12-12 10:20	2048	----a-w-	c:\windows\system32\tzres.dll
2014-10-30 01:45 . 2014-12-12 10:20	155136	----a-w-	c:\windows\system32\charmap.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-17 17:29	222832	----a-w-	c:\users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-17 17:29	222832	----a-w-	c:\users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-17 17:29	222832	----a-w-	c:\users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-16 12:10	723976	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"lxczbmgr.exe"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2009-04-27 74408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AgentMonitor"="c:\program files\VTech\DownloadManager\System\AgentMonitor.exe" [2013-06-20 391040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-16 5227112]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2014-07-04 191528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Biet-O-Matic.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk
backup=c:\windows\pss\Biet-O-Matic.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk]
path=c:\users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
backup=c:\windows\pss\Logitech . Produktregistrierung.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-12-19 07:48	1022152	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2009-08-05 21:59	75048	------w-	c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-10-14 11:36	2793304	----a-w-	c:\program files\Logitech\Logitech WebCam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-03-08 16:50	4280184	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2014-07-04 10:40	191528	----a-w-	c:\program files\PDF24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
2009-04-27 16:50	50472	------w-	c:\program files\CyberLink\PowerDVD9\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PixelPlanet PdfPrinter-Monitor]
2011-11-04 12:45	2233912	----a-w-	c:\program files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
2013-08-17 17:29	257136	----a-w-	c:\users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-15 09:58	20588704	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-05-21 17:39	1775808	----a-w-	c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2uvc]
2008-08-28 14:03	233472	----a-w-	c:\windows\tsnp2uvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
2009-09-28 17:31	167008	------w-	c:\program files\CyberLink\YouCam\YouCamTray.exe
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;e:\diagnose\HWiNFO32\HWiNFO32.SYS [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 ALSysIO;ALSysIO;c:\users\Medion\AppData\Local\Temp\ALSysIO.sys [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys [2012-12-03 78960]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys [2012-12-03 18800]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2013-12-26 12400]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [2015-01-19 40744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-04 166912]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 uxddrv;Dynamically loaded UxdDrv;F:\uxddrv86.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
R4 SQLAgent$CIFDCM;SQL Server-Agent (CIFDCM);c:\program files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-01-16 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-01-16 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-11 218688]
S1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files\Elex-tech\YAC\iSafeKrnl.sys [2015-01-19 215336]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files\Elex-tech\YAC\iSafeKrnlKit.sys [2015-01-19 83112]
S1 iSafeKrnlMon;YAC Monitor Driver;c:\program files\Elex-tech\YAC\iSafeKrnlMon.sys [2015-01-19 34856]
S1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files\Elex-tech\YAC\iSafeKrnlR3.sys [2015-01-19 63400]
S1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\DRIVERS\iSafeNetFilter.sys [2015-01-03 44712]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/05 12:51];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-08-05 21:58 87536]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-01-16 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-01-16 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-01-16 91496]
S2 iSafeService;YAC Service;c:\program files\Elex-tech\YAC\iSafeSvc.exe [2015-01-19 120128]
S2 MSSQL$CIFDCM;SQL Server (CIFDCM);c:\program files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
S2 winzipersvc;WinZiper service;c:\program files\WinZipper\winzipersvc.exe [2015-01-12 424624]
S3 fspad_wlh32;Finger-sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2009-06-17 41984]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2009-08-04 616960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-27 15:39]
.
2015-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-28 11:56]
.
2015-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-28 11:56]
.
2015-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job
- c:\users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22 17:14]
.
2015-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job
- c:\users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22 17:14]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: browser.search.selectedEngine - V9
user_pref(extensions.autoDisableScopes,14);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
MSConfigStartUp-Logitech Vid - c:\program files\Logitech\Logitech Vid\vid.exe
MSConfigStartUp-MyDriveConnect - c:\program files\MyDrive Connect\MyDriveConnect.exe
MSConfigStartUp-Sony Ericsson PC Companion - c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
AddRemove-Activeris AntiMalware_is1 - c:\program files\Activeris AntiMalware\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3733337927-542603657-4020581419-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-25  20:00:17
ComboFix-quarantined-files.txt  2015-01-25 19:00
ComboFix2.txt  2012-10-23 16:09
.
Vor Suchlauf: 21 Verzeichnis(se), 256.042.446.848 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 256.495.992.832 Bytes frei
.
- - End Of File - - FA6EBC12149BB6595C89B1FD607C0A63
8A1C59E4DFEF87510470928550466632
         

26.01.2015, 09:53   #8
schrauber
/// the machine
/// TB-Ausbilder

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file under C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

26.01.2015, 10:59   #9
keksi28

Hello schrauber, here are the things


Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.01.2015
Suchlauf-Zeit: 10:00:32
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.26.04
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Medion

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332412
Verstrichene Zeit: 19 Min, 13 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 10
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3733337927-542603657-4020581419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [9567ea1148417bbb0ab1c72c3ec44bb5], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-3733337927-542603657-4020581419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [68941cdfacdd2214008d7f74a26030d0], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3733337927-542603657-4020581419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [2bd1b54695f41620ead22cc761a1e020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Löschen bei Neustart, [2bd1b54695f41620ead22cc761a1e020], 
PUP.Optional.FreeSoftToday.A, HKLM\SOFTWARE\free_soft_today, In Quarantäne, [08f436c5e1a8b383a419e90f40c460a0], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\supWPM, In Quarantäne, [df1dde1d4049191da035058cdb2819e7], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB, In Quarantäne, [ab51c635216891a540947c156f942cd4], 
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, In Quarantäne, [1be1ad4ec0c9b3839df69ce754af758b], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3733337927-542603657-4020581419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [17e53bc0c8c147ef3546ceb2ef148d73], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3733337927-542603657-4020581419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, In Quarantäne, [4bb131cad3b6c670f81711e9ff05926e], 

Registrierungswerte: 3
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files\Mysearchdial\1.8.29.0\, In Quarantäne, [3ac2e3187f0ae45275c8f303a75d19e7]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB|ptid, tugs, In Quarantäne, [ab51c635216891a540947c156f942cd4]
PUP.Optional.QuickStart.A, HKU\S-1-5-21-3733337927-542603657-4020581419-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, In Quarantäne, [7f7d4dae1d6c9d99ffd71b847a89847c]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 5
PUP.Optional.SoftwareUpdater.A, C:\Users\Medion\AppData\Local\SwvUpdater, In Quarantäne, [28d4cf2ca3e6c96dd2e3e8b1679c4bb5], 
PUP.Optional.SearchProtect.A, C:\Users\Medion\AppData\Local\SearchProtect, In Quarantäne, [1fdd23d820699e98f174a2b45ea5b14f], 
PUP.Optional.SearchProtect.A, C:\Users\Medion\AppData\Local\SearchProtect\Logs, In Quarantäne, [1fdd23d820699e98f174a2b45ea5b14f], 
PUP.Optional.Vbates.A, C:\Program Files\V-bates, In Quarantäne, [54a85f9cc4c54ceac45d67f335cead53], 
PUP.Optional.SupTab.A, C:\Users\Medion\AppData\Roaming\SupTab, In Quarantäne, [9c6073880386f83e6368d18d8b7852ae], 

Dateien: 8
PUP.Optional.Desk365.A, C:\Windows\System32\Tasks\Desk 365 RunAsStdUser, In Quarantäne, [1ddf7d7ed0b91f1707153a4615ee5ca4], 
PUP.Optional.SoftwareUpdater.A, C:\Users\Medion\AppData\Local\SwvUpdater\Updater.xml, In Quarantäne, [28d4cf2ca3e6c96dd2e3e8b1679c4bb5], 
PUP.Optional.SoftwareUpdater.A, C:\Users\Medion\AppData\Local\SwvUpdater\status.cfg, In Quarantäne, [28d4cf2ca3e6c96dd2e3e8b1679c4bb5], 
PUP.Optional.Vbates.A, C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage, In Quarantäne, [c53785766722ce68bc0be2b8c241f50b], 
PUP.Optional.Vbates.A, C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage-journal, In Quarantäne, [66962bd0bccd5ed8c3047426e71c8b75], 
PUP.Optional.V9.A, C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\searchplugins\V9.xml, Löschen bei Neustart, [f30935c609802e0826a5f2aeda294bb5], 
PUP.Optional.MindSpark.A, C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage, In Quarantäne, [24d800fb3059270f911c06a6768d7e82], 
PUP.Optional.MindSpark.A, C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [39c373887f0acb6b0ca12e7e867d09f7], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Code:
# AdwCleaner v4.109 - Bericht erstellt am 26/01/2015 um 10:29:44
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-25.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Medion - MEDION-PC
# Gestartet von : C:\Users\Medion\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : winzipersvc
Dienst Gelöscht : iSafeKrnlMon

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files\Mobogenie
Ordner Gelöscht : C:\Program Files\predm
Ordner Gelöscht : C:\Program Files\WinZipper
[!] Ordner Gelöscht : C:\Program Files\Elex-tech
Ordner Gelöscht : C:\Users\Medion\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Medion\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Medion\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\awesomehp
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\SeeSimilar
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\WinZipper
[!] Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\Elex-tech
Ordner Gelöscht : C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\6aju918k.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Datei Gelöscht : C:\Windows\system32\drivers\iSafeKrnlBoot.sys
Datei Gelöscht : C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\6aju918k.default\user.js
Datei Gelöscht : C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\user.js
Datei Gelöscht : C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : Desk 365 RunAsStdUser

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gelöscht : HKLM\SOFTWARE\e4dd8be03dbd49
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Schlüssel Gelöscht : HKCU\Software\Blabbers       
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\holasearch LTD
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\TubeSaver
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\MediaWatchV1
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v32.0.3 (x86 de)

[6aju918k.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
[pw9zsjhd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "ir_14_20_ch");
[pw9zsjhd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutC0CyE0B0DyCtAzy0B0E0EyD0DtC0AzztN0D0Tzu0SzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtAzy0FtCyC0CtDtG0E0F0B0[...]
[pw9zsjhd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.cr", "465694263");
[pw9zsjhd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_a");

-\\ Google Chrome v

[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==
[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==

-\\ Chromium v

[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==
[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==

-\\ Opera v0.0.0.0

[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==
[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==

*************************

AdwCleaner[R0].txt - [8456 octets] - [23/08/2013 13:40:46]
AdwCleaner[R1].txt - [38587 octets] - [15/03/2014 23:53:49]
AdwCleaner[R2].txt - [12542 octets] - [26/01/2015 10:27:10]
AdwCleaner[S0].txt - [6199 octets] - [23/08/2013 13:41:18]
AdwCleaner[S1].txt - [13256 octets] - [26/01/2015 10:29:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [13317 octets] ##########
         

Code:
# AdwCleaner v4.109 - Bericht erstellt am 26/01/2015 um 10:27:10
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-25.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Medion - MEDION-PC
# Gestartet von : C:\Users\Medion\Downloads\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : iSafeKrnl
Dienst Gefunden : iSafeKrnlBoot
Dienst Gefunden : iSafeKrnlKit
Dienst Gefunden : iSafeKrnlR3
Dienst Gefunden : iSafeNetFilter
Dienst Gefunden : iSafeService
Dienst Gefunden : winzipersvc
Dienst Gefunden : iSafeKrnlMon

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
Datei Gefunden : C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\6aju918k.default\user.js
Datei Gefunden : C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\user.js
Datei Gefunden : C:\Windows\system32\drivers\iSafeKrnlBoot.sys
Ordner Gefunden : C:\Program Files\Elex-tech
Ordner Gefunden : C:\Program Files\Mobogenie
Ordner Gefunden : C:\Program Files\predm
Ordner Gefunden : C:\Program Files\WinZipper
Ordner Gefunden : C:\ProgramData\simplitec
Ordner Gefunden : C:\ProgramData\WPM
Ordner Gefunden : C:\Users\Medion\AppData\Local\DownloadGuide
Ordner Gefunden : C:\Users\Medion\AppData\Local\genienext
Ordner Gefunden : C:\Users\Medion\AppData\Local\Mobogenie
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\Activeris
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\awesomehp
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\Elex-tech
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\6aju918k.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\SeeSimilar
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\simplitec
Ordner Gefunden : C:\Users\Medion\AppData\Roaming\WinZipper

***** [ Tasks ] *****

Task Gefunden : Desk 365 RunAsStdUser

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\TubeSaver
Schlüssel Gefunden : HKCU\Software\Blabbers       
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gefunden : HKCU\Software\holasearch LTD
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Schlüssel Gefunden : HKCU\Software\Mozilla\Extends
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\V9
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\e4dd8be03dbd49
Schlüssel Gefunden : HKLM\SOFTWARE\hdcode
Schlüssel Gefunden : HKLM\SOFTWARE\MediaWatchV1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\SOFTWARE\Taronja
Schlüssel Gefunden : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue
Schlüssel Gefunden : HKLM\SOFTWARE\V9
Schlüssel Gefunden : HKLM\SOFTWARE\winzipersvc
Schlüssel Gefunden : HKLM\SOFTWARE\Wpm
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v32.0.3 (x86 de)

[6aju918k.default] - Zeile gefunden : user_pref("browser.search.selectedEngine", "Mysearchdial");
[pw9zsjhd.default] - Zeile gefunden : user_pref("extensions.irmysearch.aflt", "ir_14_20_ch");
[pw9zsjhd.default] - Zeile gefunden : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutC0CyE0B0DyCtAzy0B0E0EyD0DtC0AzztN0D0Tzu0SzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtAzy0FtCyC0CtDtG0E0F0B0[...]
[pw9zsjhd.default] - Zeile gefunden : user_pref("extensions.irmysearch.cr", "465694263");
[pw9zsjhd.default] - Zeile gefunden : user_pref("extensions.irmysearch.instlRef", "140305_a");

-\\ Google Chrome v

[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==
[C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}&ref=d3d3LnY5LmNvbQ==

-\\ Chromium v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [8456 octets] - [23/08/2013 13:40:46]
AdwCleaner[R1].txt - [38587 octets] - [15/03/2014 23:53:49]
AdwCleaner[R2].txt - [12340 octets] - [26/01/2015 10:27:10]
AdwCleaner[S0].txt - [6199 octets] - [23/08/2013 13:41:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [12461 octets] ##########
         

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x86
Ran by Medion on 26.01.2015 at 10:37:21,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Failed to stop: [Service] isafekrnl 
Failed to stop: [Service] isafekrnlkit 
Failed to stop: [Service] isafekrnlr3 
Failed to stop: [Service] isafenetfilter 
Failed to stop: [Service] isafeservice 



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webget
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webget
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Medion\AppData\Roaming\elex-tech"
Failed to delete: [Folder] "C:\Program Files\elex-tech"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yac"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C56ACFAB-492C-4B19-A0B9-F94340B5CAC3}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C5D4F050-1E56-4FBE-B165-46CFA9EADBC4}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C6C17D6D-FC01-44B8-ACCB-0B1FB7EBBA2B}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C701BCCE-2886-442A-A854-559A88B24388}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C7CB9DC0-43E4-4479-B5EC-EFD69EA9957A}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C7D08A9B-4FD6-4528-9C4C-8BAC2428F9DC}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C87894F6-E60B-481C-8806-43E888DD03BF}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C8B1E4EE-5364-45AB-ABDF-42AC50C6F2D8}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{C98CF9D5-7205-416D-863D-ACEF0126449F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CABC124F-A006-4D0D-B5BC-10C7F8689ADF}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CD710750-0E73-4A1C-9CCD-E8738AF657BD}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CD92D999-D8B0-4B82-8B5A-EE555EAA136F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CDA1C3B9-57D9-4152-87AF-68A0B3C761E2}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CDF355A2-706D-43EB-A1E9-F4544C1D1E56}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CE2C68C8-5DB2-4061-BA07-379020C11C64}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{CF4E64F7-3122-42D5-9B68-14DFA5DF106C}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D1F72BFE-E435-4C17-BC15-FFBFB8C82C6A}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D2832DD2-F8A1-49CF-B23C-73F8A2B75634}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D3637DF0-3E8A-4900-A581-AF73D2C6647F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D4033AE8-88A2-48F8-B1B9-B4466EF0DF08}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D43DED3E-A5F4-4BE7-B2FD-C82AF39F9D7F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D4FE8692-EEB8-4564-8F1F-9A2A76CADAFF}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D52AD439-4938-4B31-A9F9-7D5DF46F7B02}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D58B89B8-47EB-446C-938A-D9ADE843395D}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D5D2823C-73AD-4BEB-B3BD-B951CC5A8AD8}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D60CC642-6E7E-4172-A523-2F13BAB4DD4A}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D6535095-113E-4668-9C4C-C27A1D533957}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D6D4838D-4318-4D12-972E-538BA5336F6C}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D718147D-B13F-422D-9AB1-AD8D65644238}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D775893F-3520-4F3A-ABA4-B6359993DAD2}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{D9973E98-6D46-41B7-8B25-C8B57772C321}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DB0FBC72-317B-4CFF-9B38-C7DD3979CE38}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DB14B50F-F070-4D8F-9ABE-14EE9B8D2F34}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DB3CA193-9A4D-4169-A23D-891AE6D7DBC1}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DBF64BAE-4063-4A0F-BE7A-5E5DC41BD494}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DC410D59-A6C6-4797-931A-2845620AA69B}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DC7BB2E8-D404-45BD-AB33-7929201143B6}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DE8D2EC4-79D7-483B-9203-D7725029FB0E}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{DF4DC3E8-A624-454D-B781-1A1314289704}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E072F3F8-2B73-4C97-9F90-23AEFECF68C5}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E082C122-AA6D-42CB-8AA5-4E824D8BC0F8}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E09C1D2A-C04B-4C7D-B2E9-924DA9414AC1}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E101A9E4-5403-41F3-9FC7-607E8B359B42}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E103CF81-A5A1-4279-AF32-54AAD9F9C1A4}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E3B2E100-3C6F-49D4-94D0-E33A68636C5F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E3F23C14-EF54-463B-A8A0-D92BFDE489AB}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E49AE3C0-3252-46FB-AF01-7E82AE93F54B}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E536A5B2-E591-40E7-8400-8998C53FA4F6}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E5E6FB41-F095-4370-8817-68F7A512A704}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E68AE9E0-8315-4657-98E1-5ECEC47B7915}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E6EABEDC-D2DA-4FB3-8355-A9A8D0C56B8E}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E755982A-A872-4374-A788-442B278F97FA}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E778DFC0-D296-4CD1-B48B-7412D210F18D}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E7C6322B-6FB9-48CE-9A05-E0A8D3D18182}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E7D1618D-FBDA-44F9-BB0F-FEA2D9BC7101}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E8BCE909-CFBE-4534-AEBC-469A207F5C4A}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E9E697CC-C033-4899-8F72-315C22DF3E87}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{E9F136A7-9B9A-4C12-A0F8-4C6EE0921E42}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{EA28795C-2178-4AEA-95BD-7EF015C9C41C}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{EA702627-0E66-4A8B-81E8-8B5036FADF22}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{EB979AE7-9668-4CF7-B0DC-A62C9E0D2C3A}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{ECA1D6D1-774C-4E30-8F0B-146866ACB7F5}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{ED323A14-9308-4876-97EB-0464B3E8B531}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{EDD341B0-7FC0-4103-80D0-6C98684E1025}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{EFA18528-82AA-4444-8670-3DE3387838B7}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F087CF23-BDC2-45CA-905F-649EDA858B6B}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F47DA62D-BDE9-4743-B4B9-F3EEB4F6F540}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F4D160C1-A5ED-46FE-9A6B-40D170EA689B}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F55E57C4-1501-4378-8D7B-0EE7A3541E2F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F5FBBD6B-D7EB-44A5-A0EB-9C3E5A073B3A}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F65FC1A2-5473-4F66-A08E-72936B6460C5}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F6E42DBF-4E0D-4EBE-B127-47FD80BAA55F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F7413B8C-DD77-4A8A-B1FB-86F1EC019816}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F7BB5F69-E945-45B8-B224-1BE18BE3FDAC}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F7F4907E-4DA5-478B-9BE0-FE2E21D26014}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F88976ED-9527-428A-AD19-8813F9A44FB5}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F944B275-DDB3-41EF-BCE0-F533F5966A52}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{F9E4083C-3869-465A-80A9-DE4F9FDBFC51}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FA074E31-EA68-4FF0-B4E9-049753B77DC1}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FA915617-110C-43BA-B59E-233C6A1D6E81}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FCA5BD68-4CB3-455E-A4B3-637F15B1FE47}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FCC49B8B-4FA0-4AC8-92C5-FF72124F7312}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FD317481-E45C-457A-8CFC-74166A3E4E4F}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FD414F64-5279-4CB5-A8A7-7ED50AD6A494}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FDC65862-0E36-4DBC-AC76-C84B754C66C9}
Successfully deleted: [Empty Folder] C:\Users\Medion\appdata\local\{FE190B77-974D-4682-BE62-7CD6E5852EDC}



~~~ FireFox

Failed to delete: [File] C:\Users\Medion\AppData\Roaming\mozilla\firefox\profiles\pw9zsjhd.default\searchplugins\v9.xml
Successfully deleted the following from C:\Users\Medion\AppData\Roaming\mozilla\firefox\profiles\pw9zsjhd.default\prefs.js

user_pref("extensions.irmysearch.aflt", "ir_14_20_ch");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutC0CyE0B0DyCtAzy0B0E0EyD0DtC0AzztN0D0Tzu0SzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2S
user_pref("extensions.irmysearch.cr", "465694263");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("browser.search.defaultenginename", "V9");
user_pref("browser.search.order.1", "V9");
user_pref("browser.search.selectedEngine", "V9");
Emptied folder: C:\Users\Medion\AppData\Roaming\mozilla\firefox\profiles\pw9zsjhd.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2015 at 10:45:54,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Medion (administrator) on MEDION-PC on 26-01-2015 10:51:13
Running from C:\Users\Medion\Downloads
Loaded Profiles: Medion (Available profiles: Medion)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxczcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark 1200 Series\LXCZbmon.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-16] (AVAST Software)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3733337927-542603657-4020581419-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {4F039617-AA05-4419-A46D-BB3D43CAE2BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {617388A8-9570-40B9-9E36-4A13F2791695} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_22\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default
FF Homepage: hxxp://www.google.de/
FF DefaultSearchEngine: V9
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre1.6.0_22\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @g2.com/iggweb3dupdater -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll No File
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @g2.com/joyconnectshell -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll No File
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Medion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\searchplugins\V9.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-11]
FF HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox

Chrome: 
=======
CHR DefaultSearchKeyword: Default -> v9
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Google-Suche) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (Google Wallet) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-27]
CHR Extension: (Google Mail) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-16]
CHR HKLM\...\Chrome\Extension: [ifhnbninbdeplfbaagcfmfphbacpbnic] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode13\ch\MediaBuzzV1mode13.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [liamjncanoflcnblkbfmbhdcflijepmf] - C:\Program Files\MediaWatchV1\MediaWatchV1home748\ch\MediaWatchV1home748.crx [Not Found]
StartMenuInternet: Google Chrome.4MPJAAHFJIATME5R6ZLQH6C2V4 - C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-16] (AVAST Software)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [537520 2007-04-19] ( )
R2 MSSQL$CIFDCM; c:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 SQLAgent$CIFDCM; c:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-16] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-08-11] (DT Soft Ltd)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-08-02] (Apple, Inc.) [File not signed]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-08-05] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\Medion\AppData\Local\Temp\ALSysIO.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Medion\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 HWiNFO32; \??\E:\DIAGNOSE\HWiNFO32\HWiNFO32.SYS [X]
S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
S3 uxddrv; \??\F:\uxddrv86.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 10:51 - 2015-01-26 10:51 - 00017917 _____ () C:\Users\Medion\Downloads\FRST.txt
2015-01-26 10:50 - 2015-01-26 10:50 - 01120768 _____ (Farbar) C:\Users\Medion\Downloads\FRST.exe
2015-01-26 10:45 - 2015-01-26 10:46 - 00040197 _____ () C:\Users\Medion\Desktop\JRT.txt
2015-01-26 10:37 - 2015-01-26 10:37 - 00000000 ____D () C:\Windows\ERUNT
2015-01-26 10:36 - 2015-01-26 10:37 - 01707939 _____ (Thisisu) C:\Users\Medion\Downloads\JRT.exe
2015-01-26 10:35 - 2015-01-26 10:35 - 00013398 _____ () C:\Users\Medion\Desktop\AdwCleaner[S1].txt
2015-01-26 10:26 - 2015-01-26 10:26 - 02194432 _____ () C:\Users\Medion\Downloads\AdwCleaner_4.109.exe
2015-01-26 10:26 - 2015-01-26 10:26 - 00005447 _____ () C:\Users\Medion\Desktop\mbam.txt
2015-01-26 09:50 - 2015-01-26 09:50 - 00269312 _____ () C:\Users\Medion\Downloads\betriebswirtschaftliche-planung.xls
2015-01-25 23:00 - 2015-01-25 23:01 - 00000000 ____D () C:\Users\Medion\Documents\Tickets Freiwild
2015-01-25 21:16 - 2015-01-25 21:16 - 00000000 __SHD () C:\Users\Medion\AppData\Local\EmieUserList
2015-01-25 21:16 - 2015-01-25 21:16 - 00000000 __SHD () C:\Users\Medion\AppData\Local\EmieSiteList
2015-01-25 21:16 - 2015-01-25 21:16 - 00000000 __SHD () C:\Users\Medion\AppData\Local\EmieBrowserModeList
2015-01-25 20:00 - 2015-01-25 20:00 - 00021405 _____ () C:\ComboFix.txt
2015-01-25 19:31 - 2015-01-25 19:31 - 05609462 ____R (Swearware) C:\Users\Medion\Downloads\ComboFix.exe
2015-01-25 19:17 - 2015-01-25 19:17 - 00001186 _____ () C:\Users\Medion\Desktop\Revo Uninstaller.lnk
2015-01-25 19:17 - 2015-01-25 19:17 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-25 19:16 - 2015-01-25 19:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Medion\Downloads\revosetup95.exe
2015-01-25 15:13 - 2015-01-26 10:51 - 00000000 ____D () C:\FRST
2015-01-16 13:11 - 2015-01-16 13:11 - 00002009 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-16 13:10 - 2015-01-16 13:10 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-16 13:10 - 2015-01-16 13:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-14 16:28 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 16:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:28 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:27 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-12-27 18:35 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 10:41 - 2009-07-14 05:34 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-26 10:41 - 2009-07-14 05:34 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-26 10:39 - 2012-11-27 12:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-26 10:39 - 2011-06-21 10:34 - 01713969 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 10:34 - 2011-10-28 19:34 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 10:34 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-26 10:34 - 2009-07-14 05:39 - 00149277 _____ () C:\Windows\setupact.log
2015-01-26 10:33 - 2010-01-05 10:18 - 01619580 _____ () C:\Windows\PFRO.log
2015-01-26 10:32 - 2013-08-23 13:40 - 00000000 ____D () C:\AdwCleaner
2015-01-26 10:24 - 2014-05-20 09:27 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 10:07 - 2011-10-28 19:34 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 10:01 - 2013-01-22 18:14 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job
2015-01-26 09:58 - 2014-05-20 09:27 - 00001024 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-26 09:58 - 2014-05-20 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-26 09:58 - 2014-05-20 09:27 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-01-26 09:58 - 2012-11-27 13:08 - 00000000 ____D () C:\temp
2015-01-26 09:58 - 2012-11-27 13:00 - 00000843 _____ () C:\Windows\Lexstat.ini
2015-01-25 23:41 - 2014-08-25 19:08 - 00000000 ____D () C:\Users\Medion\Documents\Firma Hillius
2015-01-25 20:00 - 2012-10-23 16:55 - 00000000 ____D () C:\Qoobox
2015-01-25 19:56 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 14:01 - 2013-01-22 18:14 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job
2015-01-25 10:20 - 2011-06-21 10:36 - 00000000 ____D () C:\Users\Medion
2015-01-25 10:19 - 2014-05-18 19:16 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-23 16:39 - 2012-11-27 12:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-23 16:39 - 2011-07-24 21:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-16 13:11 - 2012-03-11 11:23 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-16 13:11 - 2012-03-11 11:23 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-16 13:10 - 2014-05-10 15:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-16 13:10 - 2014-02-20 13:27 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-01-16 13:10 - 2013-03-19 17:25 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-16 13:10 - 2013-03-19 17:25 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-16 13:10 - 2012-03-11 11:23 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-16 13:10 - 2012-03-11 11:23 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-15 10:11 - 2012-02-22 16:28 - 00000000 ____D () C:\Users\Medion\Documents\WBFS Manager Covers
2015-01-14 21:51 - 2013-08-15 19:12 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 21:45 - 2010-01-05 11:07 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 10:36 - 2010-01-05 09:00 - 01806882 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 10:13 - 2014-05-18 17:48 - 00000000 ____D () C:\Users\Medion\Downloads Wii
2015-01-12 10:12 - 2014-08-03 13:51 - 00000000 ____D () C:\Users\Medion\Documents\Stega Security
2015-01-06 15:27 - 2012-08-06 20:04 - 00000000 ____D () C:\Users\Medion\Documents\tsg
2015-01-06 04:36 - 2010-01-05 10:57 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 14:40 - 2011-10-09 12:44 - 00000000 ____D () C:\Program Files\CDBurnerXP

==================== Files in the root of some directories =======

2014-05-18 18:25 - 2014-05-18 18:25 - 0000046 _____ () C:\Users\Medion\AppData\Roaming\WB.CFG
2012-02-21 12:02 - 2014-10-28 20:41 - 0000452 _____ () C:\Users\Medion\AppData\Roaming\wklnhst.dat
2013-12-25 10:38 - 2013-12-25 10:47 - 0000791 _____ () C:\Users\Medion\AppData\Local\cookies.ini
2014-11-27 13:53 - 2014-11-27 13:53 - 0003347 _____ () C:\Users\Medion\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\Medion\AppData\Local\temp\Quarantine.exe
C:\Users\Medion\AppData\Local\temp\rtdrvmon.exe
C:\Users\Medion\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 13:56

==================== End Of Log ============================
         
--- --- ---

Alt 26.01.2015, 11:00   #10
keksi28
 

It didn't all fit in one post.

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Medion at 2015-01-26 10:52:02
Running from C:\Users\Medion\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
AION Free-To-Play (HKLM\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (Version: 2.70.0000 - Gameforge) Hidden
Airline Tycoon Evolution (HKLM\...\{16E43D5F-5296-4D53-B303-9D951AFE510F}) (Version:  - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
Battlefield 2: Deluxe (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
BCL easyConverter Desktop 3 (Word Version) (HKLM\...\{8C5845B5-729F-40E3-A945-4454E67F65F4}) (Version: 3.0.18 - BCL Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Counter-Strike: Source (HKLM\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM\...\Steam App 260) (Version:  - )
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2010 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2129 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2128 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Daily Cost Monitor (HKLM\...\{4119CAD7-C607-4FF2-82ED-9B3C1EDB4643}) (Version: 2.0.0.001 - Customer in Focus)
Dance eJay 5 - Deinstallation (HKLM\...\Dance eJay 5) (Version:  - )
Day of Defeat: Source (HKLM\...\Steam App 300) (Version:  - Valve)
Der Planer 4 1.0 (HKLM\...\{BA9E9ED5-FFF3-4E0D-95B9-62527672268B}_is1) (Version:  - rondomedia Marketing & Vertriebs GmbH)
Der Planer 5 (remove only) (HKLM\...\Der Planer 5) (Version: 1.0.0.33 - rondomedia)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Empire: Total War (HKLM\...\Steam App 10500) (Version:  - The Creative Assembly)
Fahr-Simulator 2012 Version 1.62 (HKLM\...\Fahr-Simulator 2012_is1) (Version: 1.62 - astragon Software GmbH)
Finger-sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.4.2.8 - FSP)
Foxlink Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.51000.202_WHQL - Sonix)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
German Truck Simulator 1.00 (HKLM\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM\...\{901C0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Access Runtime 2010 (HKLM\...\Office14.AccessRT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM\...\{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.8 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PdfEditor (32bit) (HKLM\...\{D31DAB50-15BD-404E-8CEB-FCEE95F33D59}) (Version: 1.0 - PixelPlanet)
PixelPlanet PdfPrinter 6 (32bit) (HKLM\...\{B8E88489-A304-45F1-9717-242035DE167D}) (Version: 6.03.23 - PixelPlanet)
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - )
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version:  - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.40 - Activision, Inc.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001C-0000-0000-0000000FF1CE}_Office14.AccessRT_{54846D1D-E5D5-4A28-AA6D-7208259007EA}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Steam(TM) (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Tactical Intervention (HKLM\...\Steam App 51100) (Version:  - FIX Korea)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Unity Web Player (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
WAV to MP3 (HKLM\...\WAV to MP3) (Version:  - )
WBFS Manager 3.0 (HKLM\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{316AB005-10AA-4B8D-B7C8-60965DF020A4}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Medion\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{5F387297-4BDB-48CD-8DB0-ACAD1415FABA}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.129\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{EED35E4B-2023-4680-A85C-C654515D97B8}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

16-01-2015 13:09:12 avast! antivirus system restore point
21-01-2015 10:52:53 Windows Update
25-01-2015 19:18:54 Revo Uninstaller's restore point - WinZipper
25-01-2015 19:21:34 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!)
25-01-2015 19:24:51 Revo Uninstaller's restore point - Media Watch

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2015-01-25 19:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D7B4186-45F1-46E7-B186-0CF9DD568067} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {1C0ADE8D-589B-4BDB-AB78-98D9E2F3C44B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {273710B8-5DAB-4CAC-927B-02ED323E1204} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {3CBF6DEE-BC4D-431F-B314-ADAF503AE66C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6DC18694-07E3-429C-A9A5-F3C7047637BE} - System32\Tasks\{316B02D3-9092-4485-8295-E639415BF1CF} => pcalua.exe -a E:\Dance5.exe -d E:\
Task: {6E86A0C3-CF84-494C-A428-F5A63BD947C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {6FE04E7B-ACF4-4C4E-9020-7570BCB7165F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8D2FA78F-147C-48C1-B3F9-967E161B2F14} - System32\Tasks\{13BB190D-66BB-4285-9D3C-78250CF9E55E} => pcalua.exe -a C:\eJay\Dance5\Dance5.exe -d C:\eJay\Dance5
Task: {8FB650A4-0536-4C53-AC23-147A8E1F2418} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-16] (AVAST Software)
Task: {956F6B63-468B-4F1F-8136-127427222480} - System32\Tasks\4785 => Wscript.exe C:\Users\Medion\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9E66BFCA-65D6-401F-AB01-418BCA487490} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {A215C470-B6E7-457A-9858-AAC8FE28B377} - \FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9} No Task File <==== ATTENTION
Task: {A86BF0FE-3A34-441B-A6BF-1D6F93B1A98A} - System32\Tasks\{5478E5FE-158D-46D6-9AF4-B7DB671D88D0} => pcalua.exe -a "C:\Program Files\Steam\bin\steamservice.exe" -d "C:\Program Files\Steam" -c /installscript "C:\Program Files\Steam\steamapps\common\raceroom racing experience\runasadmin.vdf" 211500
Task: {C898D756-EF95-4D13-AAD8-E178AE8E5A2A} - System32\Tasks\{98CF616F-956B-4C6D-8A2E-9E010FB592AB} => pcalua.exe -a C:\Users\Medion\Downloads\mp3gain-win-full-1_3_4.exe -d C:\Users\Medion\Downloads
Task: {F2ACC979-A61A-4B07-B03A-DF0ADF6A06C4} - System32\Tasks\{E53BA3EF-8835-4A71-B437-0F1192D1773B} => pcalua.exe -a C:\Users\Medion\Documents\WindowsPhone.exe -d C:\Users\Medion\Documents
Task: {F5ADFCCF-6DC7-45AF-8441-1DFFCFD92680} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-25 23:28 - 2015-01-25 23:28 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012501\algo.dll
2006-03-07 12:59 - 2006-03-07 12:59 - 00061440 _____ () C:\Windows\system32\lxczcnv6.dll
2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2015-01-16 13:10 - 2015-01-16 13:10 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 01117512 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 00211272 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 09171272 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\pdf.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 14913352 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: CLPSLS => 2
MSCONFIG\Services: cmdagent => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Biet-O-Matic.lnk => C:\Windows\pss\Biet-O-Matic.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: PixelPlanet PdfPrinter-Monitor => "C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: tsnp2uvc => C:\Windows\tsnp2uvc.exe
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-3733337927-542603657-4020581419-500 - Administrator - Disabled)
Gast (S-1-5-21-3733337927-542603657-4020581419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3733337927-542603657-4020581419-1003 - Limited - Enabled)
Medion (S-1-5-21-3733337927-542603657-4020581419-1000 - Administrator - Enabled) => C:\Users\Medion

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: HWiNFO32/64 Kernel Driver
Description: HWiNFO32/64 Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HWiNFO32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 3066.88 MB
Available physical RAM: 1795.15 MB
Total Pagefile: 6132.04 MB
Available Pagefile: 4648.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.11 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:434.66 GB) (Free:238.55 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:20.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DB515DCE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=434.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
That should be everything

26.01.2015, 11:59   #11
schrauber
/// the machine
/// TB Trainer
 





ESET Online Scanner

  • Illustrated instructions for ESET Online Scanner can be found here
  • Download and start Eset Online Scanner
  • Tick the box Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or remove programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

26.01.2015, 18:11   #12
keksi28
 



Code:
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0c9c43d3b4ef3f4ca40934c1ce736e08
# engine=22150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-26 02:43:20
# local_time=2015-01-26 03:43:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 876589 186703890 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 22061 173914591 0 0
# scanned=223831
# found=11
# cleaned=0
# scan_time=9305
sh=BEC6B95D047100118D70D9504479C36A797B9B06 ft=1 fh=e155e3de02881385 vn="Variante von Win32/ELEX.BF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZipper\TrayDownloader.exe.vir"
sh=0147937D9077F226E60DF191DA2175A4AC9EE45E ft=1 fh=88de78e712e5bb20 vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZipper\winzipersvc.exe.vir"
sh=E7CF4AEAAD0373AD0C421F7767F428D78D826DD7 ft=1 fh=37eb20297dc7762d vn="Variante von Win32/ELEX.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\eSafe\eGdpSvc.exe.vir"
sh=A416ACC21756868987F275190BD1033BF74E180C ft=1 fh=d3699c00a2c5c199 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Medion\AppData\Local\DownloadGuide\Offers\protegere.exe.vir"
sh=95D1E596ACC1912879100C54027750C1772027C7 ft=1 fh=212faf0536ad9d68 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Medion\AppData\Local\DownloadGuide\Offers\ResultsAlphaSetup.exe.vir"
sh=C0FC80178E1F71E53955029DBD9B9CBEE7FE0667 ft=1 fh=1649b459995e0e22 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Medion\AppData\Local\DownloadGuide\Offers\vis-freeware.exe.vir"
sh=B7A67A65D2429BC2CB5FE9C081943F3E46E62299 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Medion\AppData\Local\Mobogenie\Version\CacheVersion\Mobogenie2.2.0.zip.vir"
sh=75AF025EA0E962FDD4AC3D939166FC092B9B510B ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3453\YontooLayers.crx"
sh=F074C932D8081C74F6A220D885567DA41DA23196 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3453\CRX_INSTALL\background.html"
sh=C829B87C111F25A928A56230F1C6D5F60FE304CA ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3453\CRX_INSTALL\yl.js"
sh=9A3475327FC02A2434383C1FF3B41C90FA27E2FE ft=1 fh=53854597d8020bfc vn="Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Medion\Local Settings\Application Data\Bundled software uninstaller\biclient.exe"
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Medion at 2015-01-26 18:07:07
Running from C:\Users\Medion\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
AION Free-To-Play (HKLM\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (Version: 2.70.0000 - Gameforge) Hidden
Airline Tycoon Evolution (HKLM\...\{16E43D5F-5296-4D53-B303-9D951AFE510F}) (Version:  - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
Battlefield 2: Deluxe (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
BCL easyConverter Desktop 3 (Word Version) (HKLM\...\{8C5845B5-729F-40E3-A945-4454E67F65F4}) (Version: 3.0.18 - BCL Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Counter-Strike: Source (HKLM\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM\...\Steam App 260) (Version:  - )
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2010 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2129 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2128 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Daily Cost Monitor (HKLM\...\{4119CAD7-C607-4FF2-82ED-9B3C1EDB4643}) (Version: 2.0.0.001 - Customer in Focus)
Dance eJay 5 - Deinstallation (HKLM\...\Dance eJay 5) (Version:  - )
Day of Defeat: Source (HKLM\...\Steam App 300) (Version:  - Valve)
Der Planer 4 1.0 (HKLM\...\{BA9E9ED5-FFF3-4E0D-95B9-62527672268B}_is1) (Version:  - rondomedia Marketing & Vertriebs GmbH)
Der Planer 5 (remove only) (HKLM\...\Der Planer 5) (Version: 1.0.0.33 - rondomedia)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Empire: Total War (HKLM\...\Steam App 10500) (Version:  - The Creative Assembly)
Fahr-Simulator 2012 Version 1.62 (HKLM\...\Fahr-Simulator 2012_is1) (Version: 1.62 - astragon Software GmbH)
Finger-sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.4.2.8 - FSP)
Foxlink Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.51000.202_WHQL - Sonix)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
German Truck Simulator 1.00 (HKLM\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM\...\{901C0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Access Runtime 2010 (HKLM\...\Office14.AccessRT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM\...\{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.8 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PdfEditor (32bit) (HKLM\...\{D31DAB50-15BD-404E-8CEB-FCEE95F33D59}) (Version: 1.0 - PixelPlanet)
PixelPlanet PdfPrinter 6 (32bit) (HKLM\...\{B8E88489-A304-45F1-9717-242035DE167D}) (Version: 6.03.23 - PixelPlanet)
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - )
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version:  - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.40 - Activision, Inc.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001C-0000-0000-0000000FF1CE}_Office14.AccessRT_{54846D1D-E5D5-4A28-AA6D-7208259007EA}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Steam(TM) (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Tactical Intervention (HKLM\...\Steam App 51100) (Version:  - FIX Korea)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Unity Web Player (HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
WAV to MP3 (HKLM\...\WAV to MP3) (Version:  - )
WBFS Manager 3.0 (HKLM\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{316AB005-10AA-4B8D-B7C8-60965DF020A4}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Medion\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{5F387297-4BDB-48CD-8DB0-ACAD1415FABA}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.129\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{EED35E4B-2023-4680-A85C-C654515D97B8}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll No File
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3733337927-542603657-4020581419-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

16-01-2015 13:09:12 avast! antivirus system restore point
21-01-2015 10:52:53 Windows Update
25-01-2015 19:18:54 Revo Uninstaller's restore point - WinZipper
25-01-2015 19:21:34 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!)
25-01-2015 19:24:51 Revo Uninstaller's restore point - Media Watch

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2015-01-25 19:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D7B4186-45F1-46E7-B186-0CF9DD568067} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {1C0ADE8D-589B-4BDB-AB78-98D9E2F3C44B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {273710B8-5DAB-4CAC-927B-02ED323E1204} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {3CBF6DEE-BC4D-431F-B314-ADAF503AE66C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6DC18694-07E3-429C-A9A5-F3C7047637BE} - System32\Tasks\{316B02D3-9092-4485-8295-E639415BF1CF} => pcalua.exe -a E:\Dance5.exe -d E:\
Task: {6E86A0C3-CF84-494C-A428-F5A63BD947C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {6FE04E7B-ACF4-4C4E-9020-7570BCB7165F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8D2FA78F-147C-48C1-B3F9-967E161B2F14} - System32\Tasks\{13BB190D-66BB-4285-9D3C-78250CF9E55E} => pcalua.exe -a C:\eJay\Dance5\Dance5.exe -d C:\eJay\Dance5
Task: {8FB650A4-0536-4C53-AC23-147A8E1F2418} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-16] (AVAST Software)
Task: {956F6B63-468B-4F1F-8136-127427222480} - System32\Tasks\4785 => Wscript.exe C:\Users\Medion\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9E66BFCA-65D6-401F-AB01-418BCA487490} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {A215C470-B6E7-457A-9858-AAC8FE28B377} - \FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9} No Task File <==== ATTENTION
Task: {A86BF0FE-3A34-441B-A6BF-1D6F93B1A98A} - System32\Tasks\{5478E5FE-158D-46D6-9AF4-B7DB671D88D0} => pcalua.exe -a "C:\Program Files\Steam\bin\steamservice.exe" -d "C:\Program Files\Steam" -c /installscript "C:\Program Files\Steam\steamapps\common\raceroom racing experience\runasadmin.vdf" 211500
Task: {C898D756-EF95-4D13-AAD8-E178AE8E5A2A} - System32\Tasks\{98CF616F-956B-4C6D-8A2E-9E010FB592AB} => pcalua.exe -a C:\Users\Medion\Downloads\mp3gain-win-full-1_3_4.exe -d C:\Users\Medion\Downloads
Task: {F2ACC979-A61A-4B07-B03A-DF0ADF6A06C4} - System32\Tasks\{E53BA3EF-8835-4A71-B437-0F1192D1773B} => pcalua.exe -a C:\Users\Medion\Documents\WindowsPhone.exe -d C:\Users\Medion\Documents
Task: {F5ADFCCF-6DC7-45AF-8441-1DFFCFD92680} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job => C:\Users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-25 23:28 - 2015-01-25 23:28 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012501\algo.dll
2015-01-26 13:09 - 2015-01-26 13:09 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012600\algo.dll
2006-03-07 12:59 - 2006-03-07 12:59 - 00061440 _____ () C:\Windows\system32\lxczcnv6.dll
2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2015-01-16 13:10 - 2015-01-16 13:10 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 01117512 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 00211272 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-24 13:08 - 2015-01-21 04:50 - 09171272 _____ () C:\Users\Medion\AppData\Local\Google\Chrome\Application\40.0.2214.91\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: CLPSLS => 2
MSCONFIG\Services: cmdagent => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Biet-O-Matic.lnk => C:\Windows\pss\Biet-O-Matic.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: PixelPlanet PdfPrinter-Monitor => "C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Medion\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: tsnp2uvc => C:\Windows\tsnp2uvc.exe
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-3733337927-542603657-4020581419-500 - Administrator - Disabled)
Gast (S-1-5-21-3733337927-542603657-4020581419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3733337927-542603657-4020581419-1003 - Limited - Enabled)
Medion (S-1-5-21-3733337927-542603657-4020581419-1000 - Administrator - Enabled) => C:\Users\Medion

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: HWiNFO32/64 Kernel Driver
Description: HWiNFO32/64 Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HWiNFO32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 46%
Total physical RAM: 3066.88 MB
Available physical RAM: 1628.91 MB
Total Pagefile: 6132.04 MB
Available Pagefile: 4624.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.11 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:434.66 GB) (Free:236.36 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:20.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DB515DCE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=434.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Medion (administrator) on MEDION-PC on 26-01-2015 18:06:17
Running from C:\Users\Medion\Downloads
Loaded Profiles: Medion (Available profiles: Medion)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxczcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark 1200 Series\LXCZbmon.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-16] (AVAST Software)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3733337927-542603657-4020581419-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422017728&from=zbd1&uid=st9500325as_5vef2j0sxxxx5vef2j0s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {4F039617-AA05-4419-A46D-BB3D43CAE2BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> {617388A8-9570-40B9-9E36-4A13F2791695} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_22\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-3733337927-542603657-4020581419-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default
FF Homepage: hxxp://www.google.de/
FF DefaultSearchEngine: V9
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre1.6.0_22\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @g2.com/iggweb3dupdater -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll No File
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @g2.com/joyconnectshell -> C:\Users\Medion\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll No File
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Medion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3733337927-542603657-4020581419-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Medion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\pw9zsjhd.default\searchplugins\V9.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-11]
FF HKU\S-1-5-21-3733337927-542603657-4020581419-1000\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox

Chrome: 
=======
CHR DefaultSearchKeyword: Default -> v9
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Google-Suche) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (Google Wallet) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-27]
CHR Extension: (Google Mail) - C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-16]
CHR HKLM\...\Chrome\Extension: [ifhnbninbdeplfbaagcfmfphbacpbnic] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode13\ch\MediaBuzzV1mode13.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [liamjncanoflcnblkbfmbhdcflijepmf] - C:\Program Files\MediaWatchV1\MediaWatchV1home748\ch\MediaWatchV1home748.crx [Not Found]
StartMenuInternet: Google Chrome.4MPJAAHFJIATME5R6ZLQH6C2V4 - C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-16] (AVAST Software)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [537520 2007-04-19] ( )
R2 MSSQL$CIFDCM; c:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 SQLAgent$CIFDCM; c:\Program Files\Microsoft SQL Server\MSSQL10.CIFDCM\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-08-11] (DT Soft Ltd)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-08-02] (Apple, Inc.) [File not signed]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-08-05] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\Medion\AppData\Local\Temp\ALSysIO.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Medion\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 HWiNFO32; \??\E:\DIAGNOSE\HWiNFO32\HWiNFO32.SYS [X]
S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
S3 uxddrv; \??\F:\uxddrv86.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 18:02 - 2015-01-26 18:02 - 00852504 _____ () C:\Users\Medion\Downloads\SecurityCheck.exe
2015-01-26 13:05 - 2015-01-26 13:05 - 02347384 _____ (ESET) C:\Users\Medion\Downloads\esetsmartinstaller_deu.exe
2015-01-26 11:02 - 2015-01-26 11:03 - 00000000 ____D () C:\Users\Medion\Desktop\carpeo
2015-01-26 10:51 - 2015-01-26 18:06 - 00017835 _____ () C:\Users\Medion\Downloads\FRST.txt
2015-01-26 10:50 - 2015-01-26 10:50 - 01120768 _____ (Farbar) C:\Users\Medion\Downloads\FRST.exe
2015-01-26 10:37 - 2015-01-26 10:37 - 00000000 ____D () C:\Windows\ERUNT
2015-01-26 10:36 - 2015-01-26 10:37 - 01707939 _____ (Thisisu) C:\Users\Medion\Downloads\JRT.exe
2015-01-26 10:26 - 2015-01-26 10:26 - 02194432 _____ () C:\Users\Medion\Downloads\AdwCleaner_4.109.exe
2015-01-26 09:50 - 2015-01-26 09:50 - 00269312 _____ () C:\Users\Medion\Downloads\betriebswirtschaftliche-planung.xls
2015-01-25 23:00 - 2015-01-25 23:01 - 00000000 ____D () C:\Users\Medion\Documents\Tickets Freiwild
2015-01-25 21:16 - 2015-01-25 21:16 - 00000000 __SHD () C:\Users\Medion\AppData\Local\EmieUserList
2015-01-25 21:16 - 2015-01-25 21:16 - 00000000 __SHD () C:\Users\Medion\AppData\Local\EmieSiteList
2015-01-25 21:16 - 2015-01-25 21:16 - 00000000 __SHD () C:\Users\Medion\AppData\Local\EmieBrowserModeList
2015-01-25 20:00 - 2015-01-25 20:00 - 00021405 _____ () C:\ComboFix.txt
2015-01-25 19:31 - 2015-01-25 19:31 - 05609462 ____R (Swearware) C:\Users\Medion\Downloads\ComboFix.exe
2015-01-25 19:17 - 2015-01-25 19:17 - 00001186 _____ () C:\Users\Medion\Desktop\Revo Uninstaller.lnk
2015-01-25 19:17 - 2015-01-25 19:17 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-25 19:16 - 2015-01-25 19:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Medion\Downloads\revosetup95.exe
2015-01-25 15:13 - 2015-01-26 18:06 - 00000000 ____D () C:\FRST
2015-01-16 13:11 - 2015-01-16 13:11 - 00002009 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-16 13:10 - 2015-01-16 13:10 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-16 13:10 - 2015-01-16 13:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-14 16:28 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 16:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:28 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:27 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-12-27 18:35 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 18:07 - 2011-10-28 19:34 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 18:01 - 2013-01-22 18:14 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000UA.job
2015-01-26 17:39 - 2012-11-27 12:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-26 17:21 - 2011-06-21 10:34 - 01727626 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 14:02 - 2013-01-22 18:14 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3733337927-542603657-4020581419-1000Core.job
2015-01-26 10:41 - 2009-07-14 05:34 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-26 10:41 - 2009-07-14 05:34 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-26 10:34 - 2011-10-28 19:34 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 10:34 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-26 10:34 - 2009-07-14 05:39 - 00149277 _____ () C:\Windows\setupact.log
2015-01-26 10:33 - 2010-01-05 10:18 - 01619580 _____ () C:\Windows\PFRO.log
2015-01-26 10:32 - 2013-08-23 13:40 - 00000000 ____D () C:\AdwCleaner
2015-01-26 10:24 - 2014-05-20 09:27 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 09:58 - 2014-05-20 09:27 - 00001024 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-26 09:58 - 2014-05-20 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-26 09:58 - 2014-05-20 09:27 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-01-26 09:58 - 2012-11-27 13:08 - 00000000 ____D () C:\temp
2015-01-26 09:58 - 2012-11-27 13:00 - 00000843 _____ () C:\Windows\Lexstat.ini
2015-01-25 23:41 - 2014-08-25 19:08 - 00000000 ____D () C:\Users\Medion\Documents\Firma Hillius
2015-01-25 20:00 - 2012-10-23 16:55 - 00000000 ____D () C:\Qoobox
2015-01-25 19:56 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 10:20 - 2011-06-21 10:36 - 00000000 ____D () C:\Users\Medion
2015-01-25 10:19 - 2014-05-18 19:16 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-23 16:39 - 2012-11-27 12:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-23 16:39 - 2011-07-24 21:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-16 13:11 - 2012-03-11 11:23 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-16 13:11 - 2012-03-11 11:23 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-16 13:10 - 2014-05-10 15:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-16 13:10 - 2014-02-20 13:27 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-01-16 13:10 - 2013-03-19 17:25 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-16 13:10 - 2013-03-19 17:25 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-16 13:10 - 2012-03-11 11:23 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-16 13:10 - 2012-03-11 11:23 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-15 10:11 - 2012-02-22 16:28 - 00000000 ____D () C:\Users\Medion\Documents\WBFS Manager Covers
2015-01-14 21:51 - 2013-08-15 19:12 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 21:45 - 2010-01-05 11:07 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 10:36 - 2010-01-05 09:00 - 01806882 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 10:13 - 2014-05-18 17:48 - 00000000 ____D () C:\Users\Medion\Downloads Wii
2015-01-12 10:12 - 2014-08-03 13:51 - 00000000 ____D () C:\Users\Medion\Documents\Stega Security
2015-01-06 15:27 - 2012-08-06 20:04 - 00000000 ____D () C:\Users\Medion\Documents\tsg
2015-01-06 04:36 - 2010-01-05 10:57 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 14:40 - 2011-10-09 12:44 - 00000000 ____D () C:\Program Files\CDBurnerXP

==================== Files in the root of some directories =======

2014-05-18 18:25 - 2014-05-18 18:25 - 0000046 _____ () C:\Users\Medion\AppData\Roaming\WB.CFG
2012-02-21 12:02 - 2014-10-28 20:41 - 0000452 _____ () C:\Users\Medion\AppData\Roaming\wklnhst.dat
2013-12-25 10:38 - 2013-12-25 10:47 - 0000791 _____ () C:\Users\Medion\AppData\Local\cookies.ini
2014-11-27 13:53 - 2014-11-27 13:53 - 0003347 _____ () C:\Users\Medion\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\Medion\AppData\Local\temp\Quarantine.exe
C:\Users\Medion\AppData\Local\temp\rtdrvmon.exe
C:\Users\Medion\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 13:56

==================== End Of Log ============================
         
--- --- ---

26.01.2015, 22:36   #13
schrauber
/// the machine
/// TB-Ausbilder

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3453\YontooLayers.crx

C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3453\CRX_INSTALL\background.html

C:\Users\Medion\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3453\CRX_INSTALL\yl.js

C:\Users\Medion\Local Settings\Application Data\Bundled software uninstaller\biclient.exe
Task: {956F6B63-468B-4F1F-8136-127427222480} - System32\Tasks\4785 => Wscript.exe C:\Users\Medion\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION

Task: {9E66BFCA-65D6-401F-AB01-418BCA487490} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION

Task: {A215C470-B6E7-457A-9858-AAC8FE28B377} - \FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9} No Task File <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKU\S-1-5-21-3733337927-542603657-4020581419-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR DefaultSearchKeyword: Default -> v9
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.


If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about possible changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from all registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot (MVP)
Bill Castner (MVP)



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from e-mails you do not know. Above all, pay attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
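
An added example, not part of schrauber's post and not FRST's own code: a small Python triage pass over FRST-style lines that shows how the entries placed in the fixlist above stand out in the log. The sample lines are copied from this thread; the reason labels, and the reading of [X] as "file not found on disk", are assumptions of this example.

```python
import re

# Sample input: lines copied from the FRST log and fixlist in this thread.
SAMPLE_LOG = r"""
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Medion\AppData\Local\Temp\catchme.sys [X]
Task: {956F6B63-468B-4F1F-8136-127427222480} - System32\Tasks\4785 => Wscript.exe C:\Users\Medion\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9E66BFCA-65D6-401F-AB01-418BCA487490} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {A215C470-B6E7-457A-9858-AAC8FE28B377} - \FF Watcher {C379C26D-0061-4921-8664-1C9CAD724EB9} No Task File <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR DefaultSearchKeyword: Default -> v9
"""

ATTENTION = re.compile(r"<=+ ATTENTION\s*$")  # marker FRST appends itself
SERVICE = re.compile(r"^[RSU]\d (?P<name>[^;]+); (?P<path>.+?) \[(?P<info>[^\]]*)\]")
TASK = re.compile(r"^Task: \{[0-9A-Fa-f-]+\} - (?P<rest>.+)$")
SCRIPT_HOST = re.compile(r"\b(?:wscript|cscript)\.exe\b", re.I)
TEMP_DIR = re.compile(r"\\te?mp\\", re.I)


def reasons_for(line):
    """Return the triage reasons for one log line (empty list = nothing noted)."""
    reasons = []
    if ATTENTION.search(line):
        reasons.append("flagged-by-frst")
    svc = SERVICE.match(line)
    # Assumption: "[X]" in place of size/date means the file was not found.
    if svc and svc.group("info") == "X":
        reasons.append("service-file-missing")
        if TEMP_DIR.search(svc.group("path")):
            reasons.append("service-path-in-temp")
    task = TASK.match(line)
    if task:
        rest = task.group("rest")
        if "No Task File" in rest:
            reasons.append("orphaned-task")
        _, _, command = rest.partition(" => ")
        if SCRIPT_HOST.search(command) and TEMP_DIR.search(command):
            reasons.append("script-host-runs-from-temp")
    return reasons


def triage(text):
    """Map every line that has at least one reason to its list of reasons."""
    findings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and (found := reasons_for(line)):
            findings[line] = found
    return findings


if __name__ == "__main__":
    for line, found in triage(SAMPLE_LOG).items():
        print(", ".join(found), "|", line)
```

A reason label only marks a line for a human to review; whether an entry belongs in a fixlist remains the helper's decision.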

26.01.2015, 23:26   #14
keksi28

Do I have to copy the text from the yellow window here?

27.01.2015, 11:39   #15
schrauber
/// the machine
/// TB-Ausbilder

My fix above, or do you mean the result of the Fixlog?
