Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Computer hakt und ist langsam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.05.2015, 14:02   #1
Malwarepro
/// Android Expert
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Hallo,

FRST:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by *** (administrator) on WKSADMIN-HP on 17-05-2015 14:59:33
Running from C:\Users\***\Desktop
Loaded Profiles: *** (Available profiles: WKSAdmin & ***)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Smith Micro Software, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-04] (ActivIdentity)
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-04] (ActivIdentity)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Connection Manager.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe [1119048 2010-03-13] (Smith Micro Software, Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-07] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-87322475-1675513697-3500870398-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-07] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-87322475-1675513697-3500870398-1006\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-87322475-1675513697-3500870398-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-87322475-1675513697-3500870398-1006 -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = 
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-07] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-01-19] (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-04-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-07] (Avast Software s.r.o.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-04-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myRmProt5.1.0.325.dll [2010-02-17] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\adkwsaxe.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-26] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-04-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-04-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\adkwsaxe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-04] (ActivIdentity)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-07] (Avast Software s.r.o.)
S4 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2009-10-31] (AVerMedia) [File not signed]
S4 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-07] () [File not signed]
S4 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-02-02] (McAfee, Inc.) [File not signed]
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S4 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.)
S4 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-06-14] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2010-01-19] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
S4 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-02-04] (McAfee, Inc.)
S4 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [149032 2010-02-08] (McAfee, Inc.)
S3 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [893112 2009-05-09] (McAfee, Inc.)
S3 myAgtSvc; C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [282824 2010-02-17] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
S4 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [331000 2010-03-16] (QUALCOMM, Inc.)
R2 SMManager; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe [82760 2010-03-13] (Smith Micro Software, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-17] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-17] ()
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [592256 2009-07-27] (AVerMedia TECHNOLOGIES, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-30] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121760 2010-02-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-02-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [527592 2010-02-08] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94224 2010-02-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [280008 2010-02-08] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-04-09] (McAfee, Inc.)
S3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2010-03-15] (QUALCOMM Incorporated)
S3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [242176 2010-03-15] (QUALCOMM Incorporated)
S3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [121600 2010-03-15] (QUALCOMM Incorporated)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-28] (Research in Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-02-02] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89344 2010-01-30] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-02-02] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-02-02] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 14:59 - 2015-05-17 15:00 - 00020553 _____ () C:\Users\***\Desktop\FRST.txt
2015-05-17 14:59 - 2015-05-17 14:59 - 00000000 ____D () C:\FRST
2015-05-17 14:58 - 2015-05-17 14:58 - 02107392 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2015-05-17 14:40 - 2015-05-17 14:46 - 00000000 ____D () C:\Users\***\Documents\Schule
2015-05-17 13:34 - 2015-05-17 13:34 - 01623373 _____ () C:\Users\***\Downloads\SunshineLive(1).apk
2015-05-17 13:31 - 2015-05-17 13:31 - 01751368 _____ () C:\Users\***\Downloads\OstseewelleHitradioMV.apk
2015-05-17 13:24 - 2015-05-17 13:24 - 00001204 _____ () C:\Users\***\Downloads - Verknüpfung.lnk
2015-05-17 13:19 - 2015-05-17 13:19 - 01396194 _____ () C:\Users\***\Downloads\RadioNeandertal.apk
2015-05-17 13:16 - 2015-05-17 13:16 - 00033564 _____ () C:\Users\***\Downloads\OstseewelleHitradioMV.aia
2015-05-17 13:16 - 2015-05-17 13:16 - 00005787 _____ () C:\Users\***\Downloads\Taschenrechner.aia
2015-05-17 13:13 - 2015-05-17 13:13 - 01412123 _____ () C:\Users\***\Downloads\SunshineLive.apk
2015-05-17 13:00 - 2015-05-17 13:00 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-05-17 13:00 - 2015-05-17 13:00 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-05-17 13:00 - 2015-04-07 14:06 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswFF56.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw728.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00271200 _____ () C:\windows\system32\Drivers\asw861.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00136752 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw8EF.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw225.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00088408 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw5EE.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00065736 _____ () C:\windows\system32\Drivers\asw65C.tmp
2015-05-17 13:00 - 2015-04-07 14:06 - 00029168 _____ () C:\windows\system32\Drivers\asw32F.tmp
2015-05-14 20:14 - 2015-05-14 20:14 - 00000000 ____D () C:\Users\***\Downloads\adb-tools_treiber
2015-05-14 20:13 - 2015-05-14 20:14 - 15902044 _____ () C:\Users\***\Downloads\adb-tools_treiber.zip
2015-05-14 20:06 - 2015-05-14 20:06 - 05102203 _____ () C:\Users\***\Downloads\kernel.zip
2015-05-14 20:05 - 2015-05-14 20:05 - 02219125 _____ ( ) C:\Users\***\Downloads\Minimal_ADB_and_Fastboot_1.0(1).exe
2015-05-13 12:27 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:27 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:24 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 12:24 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 12:24 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 12:24 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 12:24 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 12:24 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 12:24 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 12:24 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 12:24 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 12:24 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 12:24 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 12:24 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 12:24 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 12:24 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 12:24 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 12:24 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 12:24 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 12:24 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 12:24 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 12:24 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 12:24 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 12:24 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 12:24 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 12:24 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 12:24 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 12:24 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 12:24 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 12:24 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 12:24 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 12:24 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 12:24 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 12:24 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 12:24 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 12:24 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 12:24 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 12:24 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 12:24 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 12:24 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 12:24 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 12:24 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 12:24 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 12:24 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 12:24 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 12:24 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 12:24 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 12:24 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 12:24 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 12:24 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 12:24 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 12:24 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 12:24 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 12:24 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 12:24 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 12:24 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 12:24 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 12:24 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 12:24 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 12:24 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 12:24 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 12:24 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 12:23 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 12:23 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 12:23 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 12:23 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 12:23 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 12:23 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 12:23 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 12:23 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 12:23 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 12:19 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 12:19 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-13 12:19 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 10:56 - 2015-05-13 10:56 - 00000000 ____D () C:\Users\***\Documents\1&1 Kündigung
2015-05-13 09:29 - 2015-05-13 09:29 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-13 09:29 - 2015-05-13 09:29 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-13 09:29 - 2015-05-13 09:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 09:20 - 2015-05-13 09:20 - 00243664 _____ () C:\Users\***\Downloads\Firefox Setup Stub 38.0.exe
2015-05-09 17:15 - 2015-05-09 17:16 - 00000000 ____D () C:\Users\***\Downloads\Universal_ADB-Helper_2.6
2015-05-09 17:15 - 2015-05-09 17:15 - 01385976 _____ () C:\Users\***\Downloads\Universal_ADB-Helper_2.6.zip
2015-05-09 17:13 - 2015-05-09 17:32 - 00000000 ____D () C:\Users\***\AppData\Roaming\Notepad++
2015-05-09 17:12 - 2015-05-09 17:12 - 08254766 _____ () C:\Users\***\Downloads\npp.6.7.7.Installer.exe
2015-05-08 06:43 - 2015-05-17 14:30 - 00000000 ____D () C:\Users\***\Documents\Redaktion
2015-05-07 13:49 - 2015-05-07 13:49 - 04000946 _____ () C:\Users\***\Downloads\rcsetup1.5.2_slim.zip
2015-05-06 16:56 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-06 16:56 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-06 16:56 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-06 16:56 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-06 16:56 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-06 16:56 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-06 16:56 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-06 16:56 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-06 16:56 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-06 16:56 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-06 16:56 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-06 16:56 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-06 16:56 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-06 16:56 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-06 16:56 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-06 16:55 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-06 16:55 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-06 16:55 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-06 16:55 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-06 16:55 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-06 16:55 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-06 16:55 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-06 16:55 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-06 16:55 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-06 16:55 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-06 16:55 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-06 16:55 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-06 16:55 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-06 16:55 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-06 16:55 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-06 16:55 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-06 16:55 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-06 16:55 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-06 16:54 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-05-06 16:54 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-05-06 16:54 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-05-06 16:54 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-05-06 16:54 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-06 16:54 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-06 16:46 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-06 16:46 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-06 16:45 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-06 16:45 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-06 16:45 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-06 16:45 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-06 16:45 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-06 16:45 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-06 16:45 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-06 16:38 - 2015-05-06 16:38 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-05-06 16:37 - 2015-05-06 16:37 - 00000000 ____D () C:\Program Files\Java
2015-05-06 16:34 - 2015-05-06 16:35 - 43159464 _____ (Oracle Corporation) C:\Users\***\Downloads\jre-8u45-windows-x64.exe
2015-05-05 14:44 - 2015-05-05 14:44 - 09208320 _____ () C:\Users\***\Downloads\UniversalAdbDriverSetup6.msi
2015-05-05 14:43 - 2015-05-05 14:43 - 00000000 ____D () C:\Users\***\Downloads\usb_driver
2015-05-05 14:42 - 2015-05-05 14:43 - 08682859 _____ () C:\Users\***\Downloads\latest_usb_driver_windows.zip
2015-05-05 14:37 - 2015-05-05 14:38 - 02219125 _____ ( ) C:\Users\***\Downloads\Minimal_ADB_and_Fastboot_1.0.exe
2015-05-05 14:37 - 2015-05-03 19:44 - 01895541 _____ () C:\Users\***\Downloads\Wuerfel(1) - Kopie.apk
2015-05-05 14:37 - 2015-05-03 16:15 - 01982660 _____ () C:\Users\***\Downloads\Wuerfel - Kopie.apk
2015-05-05 14:35 - 2015-05-05 14:41 - 225312652 _____ () C:\Users\***\Downloads\cm-12.1-20150505-NIGHTLY-grouper.zip
2015-05-03 19:44 - 2015-05-03 19:44 - 01895541 _____ () C:\Users\***\Downloads\Wuerfel(1).apk
2015-05-03 16:15 - 2015-05-03 16:15 - 01982660 _____ () C:\Users\***\Downloads\Wuerfel.apk
2015-05-03 16:11 - 2015-05-03 16:11 - 00474201 _____ () C:\Users\***\Downloads\Wuerfel.aia
2015-05-03 16:08 - 2015-05-17 12:59 - 00000000 ____D () C:\Users\***\Documents\App
2015-04-30 13:31 - 2015-04-30 13:31 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Local\Macromedia
2015-04-30 13:30 - 2015-04-30 13:30 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Roaming\Mozilla
2015-04-30 13:30 - 2015-04-30 13:30 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Local\Mozilla
2015-04-30 07:07 - 2015-04-30 07:07 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Roaming\AVAST Software
2015-04-26 07:50 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-26 07:50 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-26 07:50 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-26 07:50 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-26 07:50 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-26 07:50 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-26 07:50 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-26 07:50 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-26 07:50 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-26 07:50 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-26 07:50 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-26 07:49 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-26 07:49 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-26 07:49 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-26 07:49 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-26 07:49 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-26 07:49 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-26 07:49 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-26 07:49 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-26 07:46 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-26 07:45 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-26 07:45 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-26 07:45 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 14:57 - 2014-02-11 00:49 - 00000000 ____D () C:\Users\***\AppData\Roaming\OpenOffice
2015-05-17 14:54 - 2011-11-03 20:29 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job
2015-05-17 14:39 - 2015-04-07 13:54 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-17 14:20 - 2011-11-03 20:15 - 00001132 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA.job
2015-05-17 13:43 - 2011-04-20 22:02 - 01545580 _____ () C:\windows\WindowsUpdate.log
2015-05-17 13:24 - 2014-02-10 20:46 - 00000000 ____D () C:\Users\***
2015-05-17 13:05 - 2009-07-14 06:45 - 00020720 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 13:05 - 2009-07-14 06:45 - 00020720 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 13:00 - 2014-05-27 14:38 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00272248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-17 13:00 - 2010-09-12 22:06 - 00701576 _____ () C:\windows\system32\perfh007.dat
2015-05-17 13:00 - 2010-09-12 22:06 - 00150444 _____ () C:\windows\system32\perfc007.dat
2015-05-17 13:00 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-17 12:59 - 2014-02-28 10:13 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-05-17 12:53 - 2014-05-27 15:24 - 00021892 _____ () C:\windows\setupact.log
2015-05-17 12:53 - 2010-09-12 22:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2015-05-17 12:53 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-15 09:04 - 2012-06-05 20:54 - 00001142 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job
2015-05-15 07:20 - 2011-11-03 20:15 - 00001080 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core.job
2015-05-15 03:04 - 2012-06-05 20:54 - 00001120 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job
2015-05-14 20:54 - 2011-11-03 20:29 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job
2015-05-14 18:49 - 2011-06-08 19:49 - 00000000 ____D () C:\windows\rescache
2015-05-14 17:59 - 2009-07-14 06:45 - 00460976 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-14 17:58 - 2013-03-21 19:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 17:58 - 2013-03-21 19:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 17:58 - 2010-09-12 22:43 - 00242644 _____ () C:\windows\PFRO.log
2015-05-14 17:54 - 2009-07-27 16:36 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 12:39 - 2013-08-15 05:51 - 00000000 ____D () C:\windows\system32\MRT
2015-05-13 12:31 - 2012-11-20 21:04 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 12:27 - 2013-03-21 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 09:29 - 2014-12-30 18:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 18:09 - 2014-06-10 07:49 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2015-05-06 17:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-06 17:20 - 2010-09-12 22:05 - 00044004 _____ () C:\windows\DPINST.LOG
2015-05-06 17:18 - 2014-03-02 10:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-06 17:11 - 2011-06-08 10:56 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-06 16:59 - 2011-06-09 09:06 - 01598708 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-05-06 16:46 - 2011-11-25 16:39 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-06 16:36 - 2014-02-12 21:51 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-06 16:33 - 2014-05-27 15:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-06 16:29 - 2015-04-08 07:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-05 14:40 - 2014-02-10 20:46 - 00000000 ____D () C:\Users\***\AppData\Roaming\Adobe
2015-05-05 14:39 - 2014-07-06 14:24 - 00000000 ____D () C:\Users\***\AppData\Local\Adobe
2015-05-03 13:36 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-30 14:26 - 2014-12-23 10:29 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-30 14:26 - 2014-09-11 15:58 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-30 07:34 - 2011-11-03 20:19 - 00002374 _____ () C:\Users\WKSAdmin\Desktop\Google Chrome.lnk
2015-04-30 07:15 - 2011-11-03 20:15 - 00004108 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA
2015-04-30 07:15 - 2011-11-03 20:15 - 00003712 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core
2015-04-30 07:14 - 2011-06-08 11:02 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Roaming\Hewlett-Packard
2015-04-30 07:07 - 2011-06-08 11:03 - 00131304 _____ () C:\Users\WKSAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-30 07:06 - 2011-06-08 11:04 - 00001381 _____ () C:\Users\WKSAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-30 07:06 - 2011-06-08 11:04 - 00000000 ___RD () C:\Users\WKSAdmin\Virtual Machines
2015-04-30 07:04 - 2011-11-03 19:19 - 00000008 __RSH () C:\Users\WKSAdmin\ntuser.pol
2015-04-30 07:04 - 2011-06-08 10:55 - 00000000 ____D () C:\Users\WKSAdmin
2015-04-26 07:39 - 2015-04-07 13:54 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-26 07:39 - 2015-04-07 13:54 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-26 07:39 - 2015-04-07 13:54 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 16:33

==================== End Of Log ============================
         
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by *** at 2015-05-17 15:00:36
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-87322475-1675513697-3500870398-500 - Administrator - Disabled)
*** (S-1-5-21-87322475-1675513697-3500870398-1006 - Administrator - Enabled) => C:\Users\***
Gast (S-1-5-21-87322475-1675513697-3500870398-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-87322475-1675513697-3500870398-1005 - Limited - Enabled)
McAfeeMVSUser (S-1-5-21-87322475-1675513697-3500870398-1000 - Limited - Enabled)
WKSAdmin (S-1-5-21-87322475-1675513697-3500870398-1002 - Administrator - Enabled) => C:\Users\WKSAdmin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee® Total Protection™ Service (Disabled - Out of date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee® Total Protection™ Service (Disabled - Out of date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee® Total Protection™ Service (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActivClient x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVerMedia A850 USB DMB-TH 1.0.64.28 (HKLM-x32\...\AVerMedia A850 USB DMB-TH) (Version: 1.0.64.28 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (x32 Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
CSI - Tödliche Verschwörung (HKLM-x32\...\CSI - Tödliche Verschwörung) (Version: 1.0.0.0 - Ubisoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.6 - Hewlett-Packard)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.6.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.3.20141009 - Landesfinanzdirektion Thüringen)
Elsword_DE (HKLM-x32\...\Elsword_DE_is1) (Version:  - )
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.3 - Hewlett-Packard)
GS-Sport Training Gym Pro (HKLM-x32\...\GS-Sport Training Gym Pro) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{DE637160-7A1C-4F73-B1AB-4300AE2C2DDE}) (Version: 3.1.3 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3C33FD2E-6B21-4CD3-B41A-A7331D467617}) (Version: 1.0.6.0 - Hewlett-Packard)
HP Power Data (HKLM\...\{42DBA167-C25D-49CE-BBAF-DEC25E737DA8}) (Version: 1.0.21.158 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.13.766 - Hewlett-Packard Company)
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.4 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F4877}) (Version: 1.0.1.62 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{18F4179A-385F-40EE-AE2D-FA0E1BE62753}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.19.5 - Roxio)
HP Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.8 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java Card Security for HP ProtectTools (HKLM\...\{F4477CC0-7293-414A-93BC-20EE897A80F0}) (Version: 5.0.4.1 - Hewlett-Packard)
King’s Bounty – Gold Edition (HKLM-x32\...\King’s Bounty – Gold Edition_is1) (Version:  - dtp)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
MAGIX Video Pro X6 (HKLM\...\MX.{CBC84EDA-E830-4240-9392-325C3E6D5DCA}) (Version: 13.0.4.2 - MAGIX Software GmbH)
MAGIX Video Pro X6 (Version: 13.0.4.2 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Firewall Protection Service (HKLM-x32\...\McAfee Managed Firewall) (Version: 5.1.0.325 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0 (x86 de)) (Version: 38.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard)
Qualcomm Gobi 2000 Package for HP (HKLM-x32\...\{46DD6CB5-C129-40A5-9427-2E67A400888E}) (Version: 1.1.130 - QUALCOMM)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
Roxio Creator Business (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.21 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.21 - Hewlett-Packard) Hidden
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-04-2015 11:00:07 Ende der Bereinigung
26-04-2015 07:49:56 Windows Update
30-04-2015 07:09:56 Windows Update
30-04-2015 14:24:35 Windows Update
05-05-2015 13:22:28 Windows Update
05-05-2015 14:45:07 Installed Universal Adb Driver
06-05-2015 16:25:13 Revo Uninstaller's restore point - 7-Zip 9.20
06-05-2015 16:28:35 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
06-05-2015 16:30:30 Revo Uninstaller's restore point - Telegram Desktop Version 0.8.11
06-05-2015 16:31:42 Revo Uninstaller's restore point - Java 8 Update 45
06-05-2015 16:32:05 Removed Java 8 Update 45
06-05-2015 16:33:42 Revo Uninstaller's restore point - Universal Adb Driver
06-05-2015 16:34:18 Removed Universal Adb Driver
06-05-2015 16:35:29 Revo Uninstaller's restore point - Google Earth
06-05-2015 16:35:54 Removed Google Earth.
06-05-2015 16:37:20 Revo Uninstaller's restore point - Minimal ADB and Fastboot version 1.1.3
06-05-2015 16:39:06 Revo Uninstaller's restore point - Microsoft Office 2010
06-05-2015 16:40:30 Microsoft Office 2010 wird entfernt
06-05-2015 16:42:34 Revo Uninstaller's restore point - Windows Live Essentials
06-05-2015 16:43:51 Revo Uninstaller's restore point - VLC media player 2.1.3
06-05-2015 16:46:30 Revo Uninstaller's restore point - Citrix Receiver (Enterprise)
06-05-2015 16:53:42 Revo Uninstaller's restore point - WinHTTrack Website Copier 3.48-13
06-05-2015 16:56:28 Windows Update
06-05-2015 17:05:11 Removed 7-Zip 9.20 (x64 edition)
06-05-2015 17:09:18 WinZip 18.0 wird entfernt
06-05-2015 17:13:08 Removed Bonjour
06-05-2015 17:15:04 Removed iTunes
06-05-2015 17:19:11 PC Connectivity Solution wird entfernt
06-05-2015 17:20:41 Removed Apple Mobile Device Support
09-05-2015 17:17:41 Revo Uninstaller's restore point - Notepad++
12-05-2015 18:02:32 Windows Update
13-05-2015 09:21:54 Revo Uninstaller's restore point - Mozilla Firefox 37.0.2 (x86 de)
13-05-2015 12:24:34 Windows Update
17-05-2015 12:58:02 avast! antivirus system restore point
17-05-2015 13:07:15 Windows Update
17-05-2015 14:44:52 Revo Uninstaller's restore point - Minimal ADB and Fastboot version 1.1.3
17-05-2015 14:46:57 Revo Uninstaller's restore point - OpenOffice 4.0.1

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-23 12:52 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0572EB59-D14D-494C-B6F1-3B1DD91F7864} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.)
Task: {1B18370D-9C96-48F1-81E1-79B0AEEBA6D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1DA27B49-CF89-442C-9E37-D7CFDF569200} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-05-05] (Microsoft)
Task: {1E902841-3181-47D0-B6C9-7D8DE929BC58} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {337C83A4-664C-404E-A04F-D85FAC37F0EF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-17] (Avast Software s.r.o.)
Task: {3D9A956D-29D9-4E8F-9BEA-EC454D51331C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {429DF5D7-E424-4AE4-86DF-9B7E354C1CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {5D8E2B55-66B6-4C0D-830F-20FFC2547290} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.)
Task: {5E7D3017-6EA8-4844-BEB3-21DB7821AAF0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {6C115F72-B819-4A72-A2A0-DB2459E919CA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03] (Google Inc.)
Task: {7B6DAE41-A0FD-4623-ABAC-55FE4726B479} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-26] (Adobe Systems Incorporated)
Task: {7FBA0FCA-4E43-4749-A4A4-3C9940B20C2B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {A63ECA4B-4883-402F-A1E8-9B8277026CEA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {C7B7642E-026A-447D-8C7F-ACDD50521771} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E7AC1466-6CEE-4F73-B9A7-A50EA1A602A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03] (Google Inc.)
Task: {EC5EF820-4A59-49FA-A579-308D4E9D72A4} - System32\Tasks\avastBCLRestartS-1-5-21-87322475-1675513697-3500870398-1006 => Firefox.exe 
Task: {F3DEAB73-205C-4DF2-B669-E9CBA503E279} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {FE9B86CE-79B6-4AB0-9181-B5D522674FF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core.job => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA.job => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-02-11 01:57 - 2006-02-23 12:35 - 00020480 _____ () C:\windows\System32\FritzColorPort64.dll
2014-02-11 01:57 - 2006-02-22 11:39 - 00020480 _____ () C:\windows\System32\FritzPort64.dll
2010-04-05 20:15 - 2010-04-05 20:15 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2010-04-05 20:15 - 2010-04-05 20:15 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-04-05 20:15 - 2010-04-05 20:15 - 00055352 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-04-05 20:11 - 2010-04-05 20:11 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2015-04-07 14:06 - 2015-04-07 14:06 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-07 14:06 - 2015-04-07 14:06 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-14 20:35 - 2015-05-14 20:35 - 02928128 _____ () C:\Program Files\AVAST Software\Avast\defs\15051401\algo.dll
2015-05-17 12:55 - 2015-05-17 12:55 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051700\algo.dll
2010-03-13 04:27 - 2010-03-13 04:27 - 00168280 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMBIOSController.dll
2015-04-07 14:06 - 2015-04-07 14:06 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-26 07:39 - 2015-04-26 07:39 - 16863920 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-87322475-1675513697-3500870398-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AVerRemote => 2
MSCONFIG\Services: AVerScheduleService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DEBridge => 3
MSCONFIG\Services: DpHost => 2
MSCONFIG\Services: FLCDLOCK => 3
MSCONFIG\Services: HiSuiteOuc64.exe => 2
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: McShield => 2
MSCONFIG\Services: mfevtp => 2
MSCONFIG\Services: QDLService2kHP => 2
MSCONFIG\Services: RIM Tunnel Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^phase-6 Reminder.lnk => C:\windows\pss\phase-6 Reminder.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: McAfee Managed Services Tray => C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files (x86)\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: svchospt => C:\windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A5CD99CF-4C3C-49B6-B85C-C88C19CDA697}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [{9D9AA013-4CB5-4108-8441-EFE4574E24E9}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{6959122F-5BB0-4594-A63C-CBA662D9D3DD}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{EE8BC358-2B44-4F4F-B828-2BABE8311A11}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{FCAAB124-999E-423A-A2B1-A99F4E16775A}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{63AC9ABB-8A13-4CF8-87A6-87750FEB9EFD}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{1E76E58B-5547-487A-8D00-3FD58BB0DBA5}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [{B857F6DE-5AD5-4384-9ED1-778260804DB0}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [{18DD0E19-0EE7-490F-8BD8-5D297E67D5C0}] => (Allow) C:\Program Files (x86)\Gameforge4D\Elsword_DE\data\x2.exe
FirewallRules: [{3B6A9970-45D3-4E93-B1EE-29478C55B2AB}] => (Allow) C:\Program Files (x86)\Gameforge4D\Elsword_DE\data\x2.exe
FirewallRules: [TCP Query User{C0D71C6A-0E51-4514-A533-59E9CA665D9B}C:\windows\syswow64\svchospt.exe] => (Block) C:\windows\syswow64\svchospt.exe
FirewallRules: [UDP Query User{84308D94-E2E0-43EF-872E-D3F4E90D53A1}C:\windows\syswow64\svchospt.exe] => (Block) C:\windows\syswow64\svchospt.exe
FirewallRules: [{E6ED986E-CBAA-401E-9B01-0017ECB514FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{453D1B33-9A42-480D-B6A7-76C500BA2E5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99E1A11A-3260-419D-B187-0766504CFB90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5427619D-0625-4ABB-A5A2-52CA747D9B02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{327FB5AC-9CE7-486C-9AE7-AA8976B88CB8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{250E6EEC-3A0A-4B67-8EDE-F026371197EA}] => (Allow) LPort=2869
FirewallRules: [{04F5C6AD-6569-43CA-88D0-8302422F774A}] => (Allow) LPort=1900
FirewallRules: [{FC36CC8F-3957-43F8-ADEC-F4EA508B9381}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{ED2F6151-76D7-4559-A474-F7453E0EA88C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{449D8604-DF60-4C96-B4B8-94F5130BC9BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE0D57EC-CA0D-4E58-9DFC-BC442C1D7379}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2015 08:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x868
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/10/2015 07:29:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x8a0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/09/2015 06:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/08/2015 04:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x8b0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/08/2015 02:53:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x820
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/08/2015 06:55:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x888
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/06/2015 06:06:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x87c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/05/2015 02:40:14 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/04/2015 08:30:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Telegram.exe, Version 0.8.11.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 5dc

Startzeit: 01d086964ff4dc84

Endzeit: 0

Anwendungspfad: C:\Users\***\AppData\Roaming\Telegram Desktop\Telegram.exe

Berichts-ID:

Error: (04/30/2015 07:06:29 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2192) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.


System errors:
=============
Error: (05/17/2015 01:11:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.197.2571.0)

Error: (05/17/2015 00:54:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/14/2015 08:35:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/14/2015 08:18:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/14/2015 06:00:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/14/2015 05:56:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (05/12/2015 05:57:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/10/2015 07:43:51 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/10/2015 07:29:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2015 07:11:11 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (05/14/2015 08:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1286801d08e5ef6cd04bfC:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dll91cdc8be-fa65-11e4-b125-cc52af77c95f

Error: (05/10/2015 07:29:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec128a001d08adf932b1c4eC:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dll95f4b323-f6d5-11e4-8f5c-64315091adf0

Error: (05/09/2015 06:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec128bc01d08a6a2c802ceaC:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dlldaaded39-f669-11e4-b14d-64315091adf0

Error: (05/08/2015 04:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec128b001d0899c4214b217C:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dllcd59e042-f592-11e4-b4ad-64315091adf0

Error: (05/08/2015 02:53:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1282001d08986f826fe5fC:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dll37c84907-f581-11e4-85d8-64315091adf0

Error: (05/08/2015 06:55:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1288801d08947df4de783C:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dll7492c7d6-f53e-11e4-a236-64315091adf0

Error: (05/06/2015 06:06:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1287c01d088145238ea11C:\windows\System32\svchost.exeC:\windows\SYSTEM32\ntdll.dlld520ea55-f409-11e4-b35e-64315091adf0

Error: (05/05/2015 02:40:14 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/04/2015 08:30:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Telegram.exe0.8.11.05dc01d086964ff4dc840C:\Users\***\AppData\Roaming\Telegram Desktop\Telegram.exe

Error: (04/30/2015 07:06:29 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2192WindowsMail0:


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 2991.43 MB
Available physical RAM: 1224.39 MB
Total Pagefile: 5981.07 MB
Available Pagefile: 3446.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.79 GB) (Free:157 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8C949010)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End Of Log ============================
         

Alt 17.05.2015, 14:56   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________

__________________

Alt 19.05.2015, 05:39   #3
Malwarepro
/// Android Expert
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Hallo,

MBAR:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.18.03
  rootkit: v2015.05.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
*** :: WKSADMIN-HP [administrator]

18.05.2015 16:22:06
mbar-log-2015-05-18 (16-22-06).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 471331
Time elapsed: 34 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
__________________

Alt 19.05.2015, 15:46   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Bis auf McAfee sehe ich keine Probleme in den Logs.

http://support2.microsoft.com/kb/929135/de

Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht.

Diesen dann hier benennen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.05.2015, 15:54   #5
Malwarepro
/// Android Expert
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Ich kann MCAFEE aber nicht de installieren, da es mal ein Firmenlaptop war.

Oder wie geht das ?


Alt 20.05.2015, 06:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Was genau bedeutet "es WAR ein Firmenlaptop"??

Wenn er dir für privat überlassen wurde kannste machen was du willst, du bist auch laut Log Admin, also sollte das gehen.

McAfee und Norton sind die beiden schlimmsten Erfindungen, seit Nullen und Einsen über Leiterplatten fließen.
__________________
--> Computer hakt und ist langsam

Alt 24.05.2015, 16:12   #7
Malwarepro
/// Android Expert
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Hallo,

habe McAfee gelöscht.

Schau mal:

FRST:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by *** (administrator) on WKSADMIN-HP on 24-05-2015 16:58:36
Running from C:\Users\***\Desktop
Loaded Profiles: *** (Available Profiles: WKSAdmin & ***)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Smith Micro Software, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Smith Micro Software, Inc) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-04] (ActivIdentity)
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-04] (ActivIdentity)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-17] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Connection Manager.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe [1119048 2010-03-13] (Smith Micro Software, Inc)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-87322475-1675513697-3500870398-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-17] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-87322475-1675513697-3500870398-1006\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-87322475-1675513697-3500870398-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-87322475-1675513697-3500870398-1006 -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = 
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-07] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-01-19] (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-04-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-07] (Avast Software s.r.o.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-04-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\adkwsaxe.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-20] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-04-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-04-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Extension: MEGA - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\adkwsaxe.default\Extensions\firefox@mega.co.nz.xpi [2015-05-24]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\adkwsaxe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-04] (ActivIdentity)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-17] (Avast Software s.r.o.)
S4 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-02-02] (McAfee, Inc.) []
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S4 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.)
S4 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) []
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) []
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-06-14] (Hewlett-Packard Company) []
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2010-01-19] (Hewlett-Packard) []
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) []
S4 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-02-04] (McAfee, Inc.)
S4 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [149032 2010-02-08] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
S4 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [331000 2010-03-16] (QUALCOMM, Inc.)
R2 SMManager; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe [82760 2010-03-13] (Smith Micro Software, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0261551432132033mcinstcleanup; C:\Users\***\AppData\Local\Temp\026155~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-17] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-17] ()
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [592256 2009-07-27] (AVerMedia TECHNOLOGIES, Inc.) []
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-03-09] (Huawei Technologies Co., Ltd.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121760 2010-02-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-02-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [527592 2010-02-08] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94224 2010-02-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [280008 2010-02-08] (McAfee, Inc.)
S3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2010-03-15] (QUALCOMM Incorporated)
S3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [242176 2010-03-15] (QUALCOMM Incorporated)
S3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [121600 2010-03-15] (QUALCOMM Incorporated)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-28] (Research in Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-02-02] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89344 2010-01-30] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-02-02] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-02-02] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) []
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 17:02 - 2015-05-24 17:02 - 00000000 ____D () C:\Users\***\Downloads\B520
2015-05-24 16:58 - 2015-05-24 17:01 - 00019086 _____ () C:\Users\***\Desktop\FRST.txt
2015-05-24 16:58 - 2015-05-24 17:00 - 1148680827 _____ () C:\Users\***\Downloads\B520.zip
2015-05-24 16:57 - 2015-05-24 16:57 - 00000000 ____D () C:\Users\***\Desktop\FRST-OlderVersion
2015-05-24 16:56 - 2015-05-24 16:59 - 00000000 ____D () C:\FRST
2015-05-24 16:24 - 2015-05-24 16:24 - 00000000 _____ () C:\dll.log
2015-05-24 16:23 - 2015-05-24 16:26 - 00000000 ____D () C:\Users\***\Documents\HiSuite
2015-05-24 16:23 - 2015-05-24 16:23 - 00000000 ____D () C:\ProgramData\HiSuiteDataSvc
2015-05-24 16:22 - 2015-03-09 04:55 - 02152176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFUpdate_01009.dll
2015-05-24 16:22 - 2015-03-09 04:55 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfCoInstaller01009.dll
2015-05-24 16:22 - 2015-03-09 04:55 - 01002728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winusbcoinstaller2.dll
2015-05-24 16:22 - 2015-03-09 04:55 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-05-24 16:22 - 2015-03-09 04:55 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-05-24 16:19 - 2015-05-24 16:20 - 35284744 _____ () C:\Users\***\Downloads\HiSuite_2.3.50.exe
2015-05-22 06:32 - 2015-05-22 06:32 - 08379889 _____ () C:\Users\***\Downloads\Install_RMPrepUSB_Full_v2.1.728.zip
2015-05-21 18:05 - 2015-05-21 17:52 - 1051721728 _____ () C:\Users\***\Desktop\ubuntu-14.04.2-desktop-i386.iso
2015-05-21 16:38 - 2015-05-21 17:08 - 1186529280 _____ () C:\Users\***\Desktop\ubuntu-14.10-desktop-i386.iso
2015-05-21 15:53 - 2015-05-21 16:23 - 1150844928 _____ () C:\Users\***\Downloads\ubuntu-15.04-desktop-amd64.iso
2015-05-21 15:09 - 2015-05-21 15:10 - 06142275 _____ (LinuxLive USB Creator) C:\Users\***\Downloads\LinuxLive_USB_Creator_2.9.2.exe
2015-05-21 14:36 - 2015-05-21 15:02 - 1044381696 _____ () C:\Users\***\Downloads\ubuntu-14.04.2-desktop-amd64.iso
2015-05-21 14:34 - 2015-05-21 15:08 - 00000000 ____D () C:\Users\***\.VirtualBox
2015-05-21 14:34 - 2015-05-21 14:34 - 00000000 ____D () C:\Users\***\VirtualBox VMs
2015-05-21 14:33 - 2015-05-21 14:33 - 00001036 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-05-21 14:33 - 2015-05-21 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-05-21 14:33 - 2015-05-21 14:33 - 00000000 ____D () C:\Program Files\Oracle
2015-05-21 14:33 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxDrv.sys
2015-05-21 14:33 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxUSBMon.sys
2015-05-21 14:29 - 2015-05-21 14:32 - 111273672 _____ (Oracle Corporation) C:\Users\***\Downloads\VirtualBox-4.3.28-100309-Win.exe
2015-05-21 14:28 - 2015-05-21 14:28 - 06505838 _____ () C:\Users\***\Downloads\LinuxLive USB Creator 2.9.3.zip
2015-05-20 16:55 - 2015-05-20 16:55 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-19 13:42 - 2015-05-19 13:43 - 02219125 _____ ( ) C:\Users\***\Downloads\Minimal_ADB_and_Fastboot_1.0(2).exe
2015-05-19 07:19 - 2015-05-19 07:20 - 33086653 _____ () C:\Users\***\Downloads\NRT_v2.0.4.sfx.exe
2015-05-19 07:13 - 2015-05-19 07:16 - 66417125 _____ (SkipSoft Ltd, toolkit.support@skipsoft.net) C:\Users\***\Downloads\Unified_Android_Toolkit_v1.3.5.exe
2015-05-19 07:10 - 2015-05-19 07:22 - 398334256 _____ () C:\Users\***\Downloads\nakasi-lmy47v-factory-b48bd71d.tgz
2015-05-19 04:40 - 2015-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 16:20 - 2015-05-18 16:20 - 16502728 _____ (Malwarebytes Corp.) C:\Users\***\Downloads\mbar-1.09.1.1004.exe
2015-05-17 15:10 - 2015-05-17 15:10 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-17 15:10 - 2015-05-17 15:10 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-17 15:09 - 2015-05-17 15:09 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-05-17 15:03 - 2015-05-17 15:07 - 164858324 _____ () C:\Users\***\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2015-05-17 14:58 - 2015-05-24 16:57 - 02108416 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2015-05-17 14:40 - 2015-05-17 14:46 - 00000000 ____D () C:\Users\***\Documents\Schule
2015-05-17 13:34 - 2015-05-17 13:34 - 01623373 _____ () C:\Users\***\Downloads\SunshineLive(1).apk
2015-05-17 13:31 - 2015-05-17 13:31 - 01751368 _____ () C:\Users\***\Downloads\OstseewelleHitradioMV.apk
2015-05-17 13:24 - 2015-05-17 13:24 - 00001204 _____ () C:\Users\***\Downloads - Verknüpfung.lnk
2015-05-17 13:19 - 2015-05-17 13:19 - 01396194 _____ () C:\Users\***\Downloads\RadioNeandertal.apk
2015-05-17 13:16 - 2015-05-17 13:16 - 00033564 _____ () C:\Users\***\Downloads\OstseewelleHitradioMV.aia
2015-05-17 13:16 - 2015-05-17 13:16 - 00005787 _____ () C:\Users\***\Downloads\Taschenrechner.aia
2015-05-17 13:13 - 2015-05-17 13:13 - 01412123 _____ () C:\Users\***\Downloads\SunshineLive.apk
2015-05-17 13:00 - 2015-05-17 13:00 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-05-17 13:00 - 2015-05-17 13:00 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-05-14 20:14 - 2015-05-14 20:14 - 00000000 ____D () C:\Users\***\Downloads\adb-tools_treiber
2015-05-14 20:13 - 2015-05-14 20:14 - 15902044 _____ () C:\Users\***\Downloads\adb-tools_treiber.zip
2015-05-14 20:06 - 2015-05-14 20:06 - 05102203 _____ () C:\Users\***\Downloads\kernel.zip
2015-05-14 20:05 - 2015-05-14 20:05 - 02219125 _____ ( ) C:\Users\***\Downloads\Minimal_ADB_and_Fastboot_1.0(1).exe
2015-05-13 17:10 - 2015-05-13 17:10 - 00204264 _____ (Oracle Corporation) C:\windows\system32\VBoxNetFltNobj.dll
2015-05-13 17:10 - 2015-05-13 17:10 - 00156360 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxNetFlt.sys
2015-05-13 17:10 - 2015-05-13 17:10 - 00141440 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxNetAdp.sys
2015-05-13 12:27 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:27 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:24 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 12:24 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 12:24 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 12:24 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 12:24 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 12:24 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 12:24 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 12:24 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 12:24 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 12:24 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 12:24 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 12:24 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 12:24 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 12:24 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 12:24 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 12:24 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 12:24 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 12:24 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 12:24 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 12:24 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 12:24 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 12:24 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 12:24 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 12:24 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 12:24 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 12:24 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 12:24 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 12:24 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 12:24 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 12:24 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 12:24 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 12:24 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 12:24 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 12:24 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 12:24 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 12:24 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 12:24 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 12:24 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 12:24 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 12:24 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 12:24 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 12:24 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 12:24 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 12:24 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 12:24 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 12:24 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 12:24 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 12:24 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 12:24 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 12:24 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 12:24 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 12:24 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 12:24 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 12:24 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 12:24 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 12:24 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 12:24 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 12:24 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 12:24 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 12:24 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 12:23 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 12:23 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 12:23 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 12:23 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 12:23 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 12:23 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 12:23 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 12:23 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 12:23 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 12:19 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 12:19 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-13 12:19 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 10:56 - 2015-05-13 10:56 - 00000000 ____D () C:\Users\***\Documents\1&1 Kündigung
2015-05-13 09:29 - 2015-05-13 09:29 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-13 09:29 - 2015-05-13 09:29 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-13 09:20 - 2015-05-13 09:20 - 00243664 _____ () C:\Users\***\Downloads\Firefox Setup Stub 38.0.exe
2015-05-09 17:15 - 2015-05-09 17:16 - 00000000 ____D () C:\Users\***\Downloads\Universal_ADB-Helper_2.6
2015-05-09 17:15 - 2015-05-09 17:15 - 01385976 _____ () C:\Users\***\Downloads\Universal_ADB-Helper_2.6.zip
2015-05-09 17:13 - 2015-05-09 17:32 - 00000000 ____D () C:\Users\***\AppData\Roaming\Notepad++
2015-05-09 17:12 - 2015-05-09 17:12 - 08254766 _____ () C:\Users\***\Downloads\npp.6.7.7.Installer.exe
2015-05-08 06:43 - 2015-05-17 14:30 - 00000000 ____D () C:\Users\***\Documents\Redaktion
2015-05-07 13:49 - 2015-05-07 13:49 - 04000946 _____ () C:\Users\***\Downloads\rcsetup1.5.2_slim.zip
2015-05-06 16:56 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-06 16:56 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-06 16:56 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-06 16:56 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-06 16:56 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-06 16:56 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-06 16:56 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-06 16:56 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-06 16:56 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-06 16:56 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-06 16:56 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-06 16:56 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-06 16:56 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-06 16:56 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-06 16:56 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-06 16:56 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-06 16:56 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-06 16:56 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-06 16:55 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-06 16:55 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-06 16:55 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-06 16:55 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-06 16:55 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-06 16:55 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-06 16:55 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-06 16:55 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-06 16:55 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-06 16:55 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-06 16:55 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-06 16:55 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-06 16:55 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-06 16:55 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-06 16:55 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-06 16:55 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-06 16:55 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-06 16:55 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-06 16:55 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-06 16:55 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-06 16:55 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-06 16:54 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-05-06 16:54 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-05-06 16:54 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-05-06 16:54 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-05-06 16:54 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-06 16:54 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-06 16:46 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-06 16:46 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-06 16:45 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-06 16:45 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-06 16:45 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-06 16:45 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-06 16:45 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-06 16:45 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-06 16:45 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-06 16:38 - 2015-05-06 16:38 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-05-06 16:37 - 2015-05-06 16:37 - 00000000 ____D () C:\Program Files\Java
2015-05-06 16:34 - 2015-05-06 16:35 - 43159464 _____ (Oracle Corporation) C:\Users\***\Downloads\jre-8u45-windows-x64.exe
2015-05-05 14:44 - 2015-05-05 14:44 - 09208320 _____ () C:\Users\***\Downloads\UniversalAdbDriverSetup6.msi
2015-05-05 14:43 - 2015-05-05 14:43 - 00000000 ____D () C:\Users\***\Downloads\usb_driver
2015-05-05 14:42 - 2015-05-05 14:43 - 08682859 _____ () C:\Users\***\Downloads\latest_usb_driver_windows.zip
2015-05-05 14:37 - 2015-05-05 14:38 - 02219125 _____ ( ) C:\Users\***\Downloads\Minimal_ADB_and_Fastboot_1.0.exe
2015-05-05 14:37 - 2015-05-03 19:44 - 01895541 _____ () C:\Users\***\Downloads\Wuerfel(1) - Kopie.apk
2015-05-05 14:37 - 2015-05-03 16:15 - 01982660 _____ () C:\Users\***\Downloads\Wuerfel - Kopie.apk
2015-05-05 14:35 - 2015-05-05 14:41 - 225312652 _____ () C:\Users\***\Downloads\cm-12.1-20150505-NIGHTLY-grouper.zip
2015-05-03 19:44 - 2015-05-03 19:44 - 01895541 _____ () C:\Users\***\Downloads\Wuerfel(1).apk
2015-05-03 16:15 - 2015-05-03 16:15 - 01982660 _____ () C:\Users\***\Downloads\Wuerfel.apk
2015-05-03 16:11 - 2015-05-03 16:11 - 00474201 _____ () C:\Users\***\Downloads\Wuerfel.aia
2015-05-03 16:08 - 2015-05-17 12:59 - 00000000 ____D () C:\Users\***\Documents\App
2015-04-30 13:31 - 2015-04-30 13:31 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Local\Macromedia
2015-04-30 13:30 - 2015-04-30 13:30 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Roaming\Mozilla
2015-04-30 13:30 - 2015-04-30 13:30 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Local\Mozilla
2015-04-30 07:07 - 2015-04-30 07:07 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Roaming\AVAST Software
2015-04-26 07:50 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-26 07:50 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-26 07:50 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-26 07:50 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-26 07:50 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-26 07:50 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-26 07:50 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-26 07:50 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-26 07:50 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-26 07:50 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-26 07:50 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-26 07:50 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-26 07:50 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-26 07:49 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-26 07:49 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-26 07:49 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-26 07:49 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-26 07:49 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-26 07:49 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-26 07:49 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-26 07:49 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-26 07:46 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-26 07:45 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-26 07:45 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-26 07:45 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 16:55 - 2014-03-01 17:18 - 00000000 ____D () C:\Users\***\AppData\Local\HiSuite
2015-05-24 16:54 - 2011-11-03 20:29 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job
2015-05-24 16:39 - 2015-04-07 13:54 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-24 16:30 - 2010-09-12 22:06 - 00701576 _____ () C:\windows\system32\perfh007.dat
2015-05-24 16:30 - 2010-09-12 22:06 - 00150444 _____ () C:\windows\system32\perfc007.dat
2015-05-24 16:30 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-24 16:28 - 2011-04-20 22:02 - 01826090 _____ () C:\windows\WindowsUpdate.log
2015-05-24 16:26 - 2014-05-27 15:24 - 00027346 _____ () C:\windows\setupact.log
2015-05-24 16:20 - 2011-11-03 20:15 - 00001132 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA.job
2015-05-24 15:04 - 2012-06-05 20:54 - 00001142 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job
2015-05-24 07:19 - 2011-11-03 20:15 - 00001080 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core.job
2015-05-24 03:04 - 2012-06-05 20:54 - 00001120 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job
2015-05-23 20:54 - 2011-11-03 20:29 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job
2015-05-23 11:38 - 2009-07-14 06:45 - 00020720 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 11:38 - 2009-07-14 06:45 - 00020720 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 11:31 - 2014-02-28 10:13 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-23 11:30 - 2010-09-12 22:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2015-05-23 11:29 - 2010-09-12 22:43 - 00250922 _____ () C:\windows\PFRO.log
2015-05-23 11:29 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-21 15:19 - 2015-04-07 16:20 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-21 15:19 - 2015-04-07 16:20 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-21 14:34 - 2014-02-10 20:46 - 00000000 ____D () C:\Users\***
2015-05-20 16:57 - 2014-03-01 19:34 - 00000000 ____D () C:\Temp
2015-05-20 16:45 - 2014-07-06 14:24 - 00000000 ____D () C:\Users\***\AppData\Local\Adobe
2015-05-20 16:44 - 2015-04-07 13:54 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 16:44 - 2015-04-07 13:54 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 16:44 - 2015-04-07 13:54 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 16:37 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-20 16:35 - 2010-09-12 22:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-20 16:34 - 2012-03-30 15:43 - 00000000 ____D () C:\windows\Driver Cache
2015-05-20 16:27 - 2010-09-12 22:38 - 00004493 _____ () C:\windows\system32\Config.MPF
2015-05-20 16:20 - 2014-12-30 18:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-19 15:44 - 2010-09-12 22:05 - 00068182 _____ () C:\windows\DPINST.LOG
2015-05-18 17:03 - 2014-06-10 07:49 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2015-05-18 16:21 - 2014-10-08 08:11 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-18 16:21 - 2014-10-08 08:11 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-18 16:16 - 2009-07-14 06:45 - 00460200 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-17 15:49 - 2014-02-10 20:47 - 00131304 _____ () C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-17 14:57 - 2014-02-11 00:49 - 00000000 ____D () C:\Users\***\AppData\Roaming\OpenOffice
2015-05-17 13:00 - 2014-05-27 14:38 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00272248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-05-17 13:00 - 2014-02-28 10:13 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-05-17 12:59 - 2014-02-28 10:13 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-05-14 18:49 - 2011-06-08 19:49 - 00000000 ____D () C:\windows\rescache
2015-05-14 17:58 - 2013-03-21 19:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 17:58 - 2013-03-21 19:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 17:54 - 2009-07-27 16:36 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 12:39 - 2013-08-15 05:51 - 00000000 ____D () C:\windows\system32\MRT
2015-05-13 12:31 - 2012-11-20 21:04 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 12:27 - 2013-03-21 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-06 17:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-06 17:18 - 2014-03-02 10:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-06 16:59 - 2011-06-09 09:06 - 01598708 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-05-06 16:46 - 2011-11-25 16:39 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-06 16:36 - 2014-02-12 21:51 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-06 16:33 - 2014-05-27 15:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-06 16:29 - 2015-04-08 07:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-05 14:40 - 2014-02-10 20:46 - 00000000 ____D () C:\Users\***\AppData\Roaming\Adobe
2015-05-03 13:36 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-30 14:26 - 2014-12-23 10:29 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-30 14:26 - 2014-09-11 15:58 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-30 07:34 - 2011-11-03 20:19 - 00002374 _____ () C:\Users\WKSAdmin\Desktop\Google Chrome.lnk
2015-04-30 07:15 - 2011-11-03 20:15 - 00004108 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA
2015-04-30 07:15 - 2011-11-03 20:15 - 00003712 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core
2015-04-30 07:14 - 2011-06-08 11:02 - 00000000 ____D () C:\Users\WKSAdmin\AppData\Roaming\Hewlett-Packard
2015-04-30 07:07 - 2011-06-08 11:03 - 00131304 _____ () C:\Users\WKSAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-30 07:06 - 2011-06-08 11:04 - 00001381 _____ () C:\Users\WKSAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-30 07:06 - 2011-06-08 11:04 - 00000000 ___RD () C:\Users\WKSAdmin\Virtual Machines
2015-04-30 07:04 - 2011-11-03 19:19 - 00000008 __RSH () C:\Users\WKSAdmin\ntuser.pol
2015-04-30 07:04 - 2011-06-08 10:55 - 00000000 ____D () C:\Users\WKSAdmin

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 00:34

==================== End of log ============================
         
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by *** at 2015-05-24 17:05:11
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-87322475-1675513697-3500870398-500 - Administrator - Disabled)
*** (S-1-5-21-87322475-1675513697-3500870398-1006 - Administrator - Enabled) => C:\Users\***
Gast (S-1-5-21-87322475-1675513697-3500870398-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-87322475-1675513697-3500870398-1005 - Limited - Enabled)
McAfeeMVSUser (S-1-5-21-87322475-1675513697-3500870398-1000 - Limited - Enabled)
WKSAdmin (S-1-5-21-87322475-1675513697-3500870398-1002 - Administrator - Enabled) => C:\Users\WKSAdmin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActivClient x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.6 - Hewlett-Packard)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.6.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.3.20141009 - Landesfinanzdirektion Thüringen)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.3 - Hewlett-Packard)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{DE637160-7A1C-4F73-B1AB-4300AE2C2DDE}) (Version: 3.1.3 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3C33FD2E-6B21-4CD3-B41A-A7331D467617}) (Version: 1.0.6.0 - Hewlett-Packard)
HP Power Data (HKLM\...\{42DBA167-C25D-49CE-BBAF-DEC25E737DA8}) (Version: 1.0.21.158 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.13.766 - Hewlett-Packard Company)
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.4 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F4877}) (Version: 1.0.1.62 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{18F4179A-385F-40EE-AE2D-FA0E1BE62753}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.19.5 - Roxio)
HP Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.8 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java Card Security for HP ProtectTools (HKLM\...\{F4477CC0-7293-414A-93BC-20EE897A80F0}) (Version: 5.0.4.1 - Hewlett-Packard)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
MAGIX Video Pro X6 (HKLM\...\MX.{CBC84EDA-E830-4240-9392-325C3E6D5DCA}) (Version: 13.0.4.2 - MAGIX Software GmbH)
MAGIX Video Pro X6 (Version: 13.0.4.2 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard)
Qualcomm Gobi 2000 Package for HP (HKLM-x32\...\{46DD6CB5-C129-40A5-9427-2E67A400888E}) (Version: 1.1.130 - QUALCOMM)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
Roxio Creator Business (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.21 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.21 - Hewlett-Packard) Hidden
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-04-2015 11:00:07 Ende der Bereinigung
26-04-2015 07:49:56 Windows Update
30-04-2015 07:09:56 Windows Update
30-04-2015 14:24:35 Windows Update
05-05-2015 13:22:28 Windows Update
05-05-2015 14:45:07 Installed Universal Adb Driver
06-05-2015 16:25:13 Revo Uninstaller's restore point - 7-Zip 9.20
06-05-2015 16:28:35 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
06-05-2015 16:30:30 Revo Uninstaller's restore point - Telegram Desktop Version 0.8.11
06-05-2015 16:31:42 Revo Uninstaller's restore point - Java 8 Update 45
06-05-2015 16:32:05 Removed Java 8 Update 45
06-05-2015 16:33:42 Revo Uninstaller's restore point - Universal Adb Driver
06-05-2015 16:34:18 Removed Universal Adb Driver
06-05-2015 16:35:29 Revo Uninstaller's restore point - Google Earth
06-05-2015 16:35:54 Removed Google Earth.
06-05-2015 16:37:20 Revo Uninstaller's restore point - Minimal ADB and Fastboot version 1.1.3
06-05-2015 16:39:06 Revo Uninstaller's restore point - Microsoft Office 2010
06-05-2015 16:40:30 Microsoft Office 2010 wird entfernt
06-05-2015 16:42:34 Revo Uninstaller's restore point - Windows Live Essentials
06-05-2015 16:43:51 Revo Uninstaller's restore point - VLC media player 2.1.3
06-05-2015 16:46:30 Revo Uninstaller's restore point - Citrix Receiver (Enterprise)
06-05-2015 16:53:42 Revo Uninstaller's restore point - WinHTTrack Website Copier 3.48-13
06-05-2015 16:56:28 Windows Update
06-05-2015 17:05:11 Removed 7-Zip 9.20 (x64 edition)
06-05-2015 17:09:18 WinZip 18.0 wird entfernt
06-05-2015 17:13:08 Removed Bonjour
06-05-2015 17:15:04 Removed iTunes
06-05-2015 17:19:11 PC Connectivity Solution wird entfernt
06-05-2015 17:20:41 Removed Apple Mobile Device Support
09-05-2015 17:17:41 Revo Uninstaller's restore point - Notepad++
12-05-2015 18:02:32 Windows Update
13-05-2015 09:21:54 Revo Uninstaller's restore point - Mozilla Firefox 37.0.2 (x86 de)
13-05-2015 12:24:34 Windows Update
17-05-2015 12:58:02 avast! antivirus system restore point
17-05-2015 13:07:15 Windows Update
17-05-2015 14:44:52 Revo Uninstaller's restore point - Minimal ADB and Fastboot version 1.1.3
17-05-2015 14:46:57 Revo Uninstaller's restore point - OpenOffice 4.0.1
17-05-2015 15:08:51 OpenOffice 4.1.1 wird installiert
19-05-2015 13:40:51 Gerätetreiber-Paketinstallation: Google, Inc. Android Phone
19-05-2015 15:17:50 Revo Uninstaller's restore point - Minimal ADB and Fastboot version 1.1.3
20-05-2015 16:26:02 Revo Uninstaller's restore point - McAfee Firewall Protection Service
20-05-2015 16:30:31 Revo Uninstaller's restore point - Elsword_DE
20-05-2015 16:32:24 Revo Uninstaller's restore point - CSI - Tödliche Verschwörung
20-05-2015 16:33:20 Revo Uninstaller's restore point - AVerTV
20-05-2015 16:34:02 Konfiguriert AVerTV
20-05-2015 16:36:47 Revo Uninstaller's restore point - King’s Bounty – Gold Edition
20-05-2015 16:42:54 Windows Update
21-05-2015 14:32:44 Installed Oracle VM VirtualBox 4.3.28
21-05-2015 15:18:59 Windows Update
23-05-2015 08:31:53 Revo Uninstaller's restore point - LinuxLive USB Creator
23-05-2015 08:33:04 Revo Uninstaller's restore point - RMPrepUSB
24-05-2015 16:53:11 Revo Uninstaller's restore point - HiSuite

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-23 12:52 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0572EB59-D14D-494C-B6F1-3B1DD91F7864} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.)
Task: {1B18370D-9C96-48F1-81E1-79B0AEEBA6D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1DA27B49-CF89-442C-9E37-D7CFDF569200} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-05-05] (Microsoft)
Task: {337C83A4-664C-404E-A04F-D85FAC37F0EF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-17] (Avast Software s.r.o.)
Task: {3D9A956D-29D9-4E8F-9BEA-EC454D51331C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {429DF5D7-E424-4AE4-86DF-9B7E354C1CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4F030731-70DF-4124-B9F3-6B2581C28B29} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {5D8E2B55-66B6-4C0D-830F-20FFC2547290} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.)
Task: {6C115F72-B819-4A72-A2A0-DB2459E919CA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03] (Google Inc.)
Task: {6D75381A-5445-477A-BF32-96F53590420F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {7B6DAE41-A0FD-4623-ABAC-55FE4726B479} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: {A63ECA4B-4883-402F-A1E8-9B8277026CEA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {C7B7642E-026A-447D-8C7F-ACDD50521771} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E7AC1466-6CEE-4F73-B9A7-A50EA1A602A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03] (Google Inc.)
Task: {EC5EF820-4A59-49FA-A579-308D4E9D72A4} - System32\Tasks\avastBCLRestartS-1-5-21-87322475-1675513697-3500870398-1006 => Firefox.exe 
Task: {FE9B86CE-79B6-4AB0-9181-B5D522674FF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job => C:\Users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002Core.job => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1002UA.job => C:\Users\WKSAdmin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-87322475-1675513697-3500870398-1003UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-02-11 01:57 - 2006-02-23 12:35 - 00020480 _____ () C:\windows\System32\FritzColorPort64.dll
2014-02-11 01:57 - 2006-02-22 11:39 - 00020480 _____ () C:\windows\System32\FritzPort64.dll
2010-04-05 20:15 - 2010-04-05 20:15 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-05-17 13:00 - 2015-05-17 13:00 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-17 13:00 - 2015-05-17 13:00 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-22 18:44 - 2015-05-22 18:44 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052201\algo.dll
2015-05-24 15:35 - 2015-05-24 15:35 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052400\algo.dll
2010-03-13 04:27 - 2010-03-13 04:27 - 00168280 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMBIOSController.dll
2015-04-07 14:06 - 2015-04-07 14:06 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-03-13 04:25 - 2010-03-13 04:25 - 00602624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.UI.ViewModel.dll
2010-03-13 04:25 - 2010-03-13 04:25 - 00355328 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Application.dll
2010-03-13 04:24 - 2010-03-13 04:24 - 00130048 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP.ShinyNoire.UI.dll
2010-03-13 04:27 - 2010-03-13 04:27 - 00136040 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.SharedUI.WPF.dll
2010-03-13 04:24 - 2010-03-13 04:24 - 00015360 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Resources.WPF.dll
2010-03-13 04:24 - 2010-03-13 04:24 - 00014848 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.Resources.WPF.resources.dll
2010-03-13 04:24 - 2010-03-13 04:24 - 01601536 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\en-US\HP.ShinyNoire.UI.resources.dll
2010-03-13 04:26 - 2010-03-13 04:26 - 00311296 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.SharedUI.WPF.resources.dll
2010-03-13 04:24 - 2010-03-13 04:24 - 00483328 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\en-US\SmithMicro.Resources.WPF.resources.dll
2010-03-13 04:25 - 2010-03-13 04:25 - 00059904 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.UI.Models.dll
2010-03-13 04:26 - 2010-03-13 04:26 - 00195584 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.WwanDiagnostics.dll
2010-03-13 04:24 - 2010-03-13 04:24 - 00573440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Message.XmlSerializers.dll
2010-03-13 04:25 - 2010-03-13 04:25 - 00045056 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Application.XmlSerializers.dll
2010-03-13 04:25 - 2010-03-13 04:25 - 00005120 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.Application.resources.dll
2010-03-13 04:25 - 2010-03-13 04:25 - 00015872 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.UI.ViewModel.resources.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-87322475-1675513697-3500870398-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AVerRemote => 2
MSCONFIG\Services: AVerScheduleService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DEBridge => 3
MSCONFIG\Services: DpHost => 2
MSCONFIG\Services: FLCDLOCK => 3
MSCONFIG\Services: HiSuiteOuc64.exe => 2
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: McShield => 2
MSCONFIG\Services: mfevtp => 2
MSCONFIG\Services: QDLService2kHP => 2
MSCONFIG\Services: RIM Tunnel Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^phase-6 Reminder.lnk => C:\windows\pss\phase-6 Reminder.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HP Connection Manager.exe => "C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe"
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: McAfee Managed Services Tray => C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files (x86)\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: svchospt => C:\windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{6959122F-5BB0-4594-A63C-CBA662D9D3DD}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{EE8BC358-2B44-4F4F-B828-2BABE8311A11}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{FCAAB124-999E-423A-A2B1-A99F4E16775A}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [{63AC9ABB-8A13-4CF8-87A6-87750FEB9EFD}] => (Allow) C:\Program Files (x86)\qfs\jre6\bin\java.exe
FirewallRules: [TCP Query User{C0D71C6A-0E51-4514-A533-59E9CA665D9B}C:\windows\syswow64\svchospt.exe] => (Block) C:\windows\syswow64\svchospt.exe
FirewallRules: [UDP Query User{84308D94-E2E0-43EF-872E-D3F4E90D53A1}C:\windows\syswow64\svchospt.exe] => (Block) C:\windows\syswow64\svchospt.exe
FirewallRules: [{E6ED986E-CBAA-401E-9B01-0017ECB514FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{453D1B33-9A42-480D-B6A7-76C500BA2E5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99E1A11A-3260-419D-B187-0766504CFB90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5427619D-0625-4ABB-A5A2-52CA747D9B02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{327FB5AC-9CE7-486C-9AE7-AA8976B88CB8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{250E6EEC-3A0A-4B67-8EDE-F026371197EA}] => (Allow) LPort=2869
FirewallRules: [{04F5C6AD-6569-43CA-88D0-8302422F774A}] => (Allow) LPort=1900
FirewallRules: [{FC36CC8F-3957-43F8-ADEC-F4EA508B9381}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{ED2F6151-76D7-4559-A474-F7453E0EA88C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{449D8604-DF60-4C96-B4B8-94F5130BC9BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE0D57EC-CA0D-4E58-9DFC-BC442C1D7379}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2015 06:42:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (05/22/2015 06:42:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:49 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f) (0x8004117f)

Error: (05/22/2015 06:42:49 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=1100} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:48 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))

Error: (05/22/2015 06:42:47 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Windows (4716) Windows: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.


System errors:
=============
Error: (05/24/2015 04:54:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HuaweiHiSuiteService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/24/2015 04:23:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "HuaweiHiSuiteService64.exe" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/24/2015 04:23:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "HiSuiteOuc64.exe" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/23/2015 11:31:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/23/2015 11:31:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (05/23/2015 11:30:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/23/2015 07:51:18 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (05/23/2015 07:51:18 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (05/23/2015 07:51:18 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (05/23/2015 07:51:18 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


Microsoft Office:
=========================
Error: (05/22/2015 06:42:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2015 06:42:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (05/22/2015 06:42:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (05/22/2015 06:42:49 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f) (0x8004117f)

Error: (05/22/2015 06:42:49 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
1100

Error: (05/22/2015 06:42:48 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
	0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))

Error: (05/22/2015 06:42:47 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Windows4716Windows: -1032


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 57%
Total physical RAM: 2991.43 MB
Available physical RAM: 1269.48 MB
Total Pagefile: 5981.07 MB
Available Pagefile: 3287.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.79 GB) (Free:126.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8C949010)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of log ============================
         

Alt 25.05.2015, 11:02   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Lass das McAfee CLeanup Tool bitte nochmal laufen, da sind noch Reste. Wie läuft der Rechner aktuell?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.05.2015, 07:18   #9
Malwarepro
/// Android Expert
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Hallo,

das habe ich jetzt getan, aber mein Rechner hakt immernoch manchmal. Manchmal gibt die Festplatte komische Töne von sich. Kann man diese mit einem Programm überprüfen?

Alt 26.05.2015, 19:37   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



jop

Zustand der Festplatte herausfinden - so gehts - Anleitungen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.05.2015, 15:16   #11
Malwarepro
/// Android Expert
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Hallo,

schlechte Nachrichten:



Was soll ich teuen? SSD kaufen ?

Alt 28.05.2015, 09:10   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Computer hakt und ist langsam - Standard

Computer hakt und ist langsam



Wäre mein Vorschlag
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Computer hakt und ist langsam
adobe, adware, antivirus, avast, browser, combofix, computer, defender, device driver, explorer, failed, firefox, flash player, homepage, langsam, launch, mozilla, realtek, registry, scan, security, software, svchost.exe, symantec, system, temp, teredo, tunnel, windows



Ähnliche Themen: Computer hakt und ist langsam


  1. Computer langsam
    Alles rund um Windows - 30.07.2015 (6)
  2. Rechner hakt und hat Aussetzer
    Log-Analyse und Auswertung - 14.02.2014 (18)
  3. Alles hakt nach Download von Virus
    Plagegeister aller Art und deren Bekämpfung - 31.12.2013 (9)
  4. System hakt/läuft langsam
    Log-Analyse und Auswertung - 07.11.2008 (7)
  5. Musik hakt bei PC Arbeit!
    Plagegeister aller Art und deren Bekämpfung - 31.07.2008 (1)
  6. Computer langsam
    Log-Analyse und Auswertung - 15.04.2008 (2)
  7. pc hakt bei ausgeschalteter firewall
    Log-Analyse und Auswertung - 28.11.2007 (0)
  8. manchmal hakt der pc. log sauber?
    Mülltonne - 28.11.2007 (0)
  9. Mouse hakt und Windows piept
    Log-Analyse und Auswertung - 22.02.2007 (2)
  10. PC hakt jede Sekunde...
    Log-Analyse und Auswertung - 04.10.2006 (10)
  11. PC hakt-Virus???
    Log-Analyse und Auswertung - 22.08.2006 (1)
  12. Beide Computer langsam - einer nach 3 Minuten sogar extrem langsam
    Log-Analyse und Auswertung - 09.06.2006 (7)
  13. Internet hakt
    Log-Analyse und Auswertung - 14.05.2006 (2)
  14. Rechner hakt total aus??
    Log-Analyse und Auswertung - 23.11.2005 (15)
  15. computer langsam, was tun?
    Log-Analyse und Auswertung - 07.07.2005 (2)
  16. Computer ist langsam
    Log-Analyse und Auswertung - 30.03.2005 (4)
  17. Computer langsam
    Log-Analyse und Auswertung - 14.12.2004 (3)

Zum Thema Computer hakt und ist langsam - Hallo, FRST: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02 Ran by *** (administrator) on WKSADMIN-HP on 17-05-2015 14:59:33 Running from - Computer hakt und ist langsam...
Archiv
Du betrachtest: Computer hakt und ist langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.