| Pests of all kinds and how to fight them: AdwCleaner won't start (Windows 7) |
26.05.2015, 19:24 | #1 |
| AdwCleaner won't start Good evening, since my laptop feels like it has become pretty slow, I wanted to run AdwCleaner. However, when I open the exe file I get a message that the program cannot be started (I think the gist was that it is not compatible with my system; unfortunately I clicked it away). Can someone help me scan my laptop for pests or the like after all? Thanks in advance for the reply
__________________ Regards, Kristine |
26.05.2015, 20:32 | #2 |
/// the machine /// TB instructor | AdwCleaner won't start hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
26.05.2015, 20:41 | #3 |
| AdwCleaner won't start Hi schrauber,
nice, it's you. I'll do it right away. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-05-2015 Ran by Kristine (administrator) on BIGTOY on 26-05-2015 21:37:35 Running from C:\Users\Kristine\Downloads Loaded Profiles: Kristine (Available Profiles: AdMinchen & Kristine & Manuel & krist_000 & Administrator & Gast) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program 
Files\AVAST Software\Avast\ng\ngservice.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Epic Privacy Browser) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\EpicUpdate.exe () C:\Users\Kristine\AppData\Local\Amazon Music\Amazon Music Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-04-23] (Dell Inc.) 
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] () HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe" HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985712 2013-06-04] (Synaptics Incorporated) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Run: [Epic Privacy Browser Update] => C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\EpicUpdate.exe [507560 2015-01-19] (Epic Privacy Browser) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Run: [Amazon Music] => C:\Users\Kristine\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-03] () HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-20] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-28] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-13] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_fsvideosft_15_16¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzzyEyD0CyE0CzytAyEtC0FtC0BzytAtN0D0Tzu0StCtBtDtCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtCzzzztA0AyEyEtG0D0F0BzztGtDzyyE0BtG0CtAtD0EtGtD0BtBtCyB0E0CtBtCyCtAyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtA0CzzyDyE0EtGzy0CtCtBtGyEyEtBtDtG0AyBtByEtGzy0B0E0FyEzz0FyBtDzytDtD2QtN0A0LzuyE%26cr%3D1463948627%26a%3Dwny_fsvideosft_15_16%26os%3DWindows 8.1 HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB SearchScopes: HKLM -> {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = 
http://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_fsvideosft_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzzyEyD0CyE0CzytAyEtC0FtC0BzytAtN0D0Tzu0StCtBtDtCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtCzzzztA0AyEyEtG0D0F0BzztGtDzyyE0BtG0CtAtD0EtGtD0BtBtCyB0E0CtBtCyCtAyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtA0CzzyDyE0EtGzy0CtCtBtGyEyEtBtDtG0AyBtByEtGzy0B0E0FyEzz0FyBtDzytDtD2QtN0A0LzuyE%26cr%3D1463948627%26a%3Dwny_fsvideosft_15_16%26os%3DWindows 8.1&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3988005159-474404469-3811382638-1002 -> DefaultScope {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = http://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_fsvideosft_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzzyEyD0CyE0CzytAyEtC0FtC0BzytAtN0D0Tzu0StCtBtDtCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtCzzzztA0AyEyEtG0D0F0BzztGtDzyyE0BtG0CtAtD0EtGtD0BtBtCyB0E0CtBtCyCtAyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtA0CzzyDyE0EtGzy0CtCtBtGyEyEtBtDtG0AyBtByEtGzy0B0E0FyEzz0FyBtDzytDtD2QtN0A0LzuyE%26cr%3D1463948627%26a%3Dwny_fsvideosft_15_16%26os%3DWindows 8.1&p={searchTerms} SearchScopes: HKU\S-1-5-21-3988005159-474404469-3811382638-1002 -> {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = 
http://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_fsvideosft_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzzyEyD0CyE0CzytAyEtC0FtC0BzytAtN0D0Tzu0StCtBtDtCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtCzzzztA0AyEyEtG0D0F0BzztGtDzyyE0BtG0CtAtD0EtGtD0BtBtCyB0E0CtBtCyCtAyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtA0CzzyDyE0EtGzy0CtCtBtGyEyEtBtDtG0AyBtByEtGzy0B0E0FyEzz0FyBtDzytDtD2QtN0A0LzuyE%26cr%3D1463948627%26a%3Dwny_fsvideosft_15_16%26os%3DWindows 8.1&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-16] (Avast Software s.r.o.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-16] (Avast Software s.r.o.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin HKU\S-1-5-21-3988005159-474404469-3811382638-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kristine\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3988005159-474404469-3811382638-1002: @updates.epicbrowser.com/Epic Privacy Browser Update;version=3 -> C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll [2015-01-19] (Epic Privacy Browser) FF Plugin HKU\S-1-5-21-3988005159-474404469-3811382638-1002: @updates.epicbrowser.com/Epic Privacy Browser Update;version=9 -> C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll [2015-01-19] (Epic Privacy Browser) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-30] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-30] CHR Extension: (Google Docs) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-30] CHR Extension: (Google Drive) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-30] CHR Extension: (YouTube) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-30] CHR Extension: (Adblock Plus) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-30] CHR Extension: 
(Google Search) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-30] CHR Extension: (Google Sheets) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-30] CHR Extension: (Bookmark Manager) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-21] CHR Extension: (Avast Online Security) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-31] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Ghostery) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-10-30] CHR Extension: (Google Wallet) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-30] CHR Extension: (Gmail) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-30] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-13] (Avast Software s.r.o.) 
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-13] (Avast Software) R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel) R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG) R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 
2010-08-06] (Hewlett-Packard) [] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-13] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-13] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-13] (Avast Software s.r.o.) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-13] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-13] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-13] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-13] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-13] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-13] (Avast Software s.r.o.) 
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-13] () R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation) R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-26] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-04] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider) R2 VBoxAswDrv; C:\Program Files\AVAST 
Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-13] (Avast Software) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-26 21:37 - 2015-05-26 21:37 - 00024036 _____ () C:\Users\Kristine\Downloads\FRST.txt 2015-05-26 21:36 - 2015-05-26 21:37 - 00000000 ____D () C:\FRST 2015-05-26 21:35 - 2015-05-26 21:35 - 02108928 _____ (Farbar) C:\Users\Kristine\Downloads\FRST64.exe 2015-05-26 21:35 - 2015-05-26 21:35 - 00001454 _____ () C:\Users\Kristine\Desktop\FRST64.exe - Verknüpfung.lnk 2015-05-23 08:48 - 2015-05-23 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2015-05-17 22:41 - 2015-05-17 22:41 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\SumatraPDF 2015-05-14 23:43 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-14 23:43 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-14 21:13 - 2015-05-14 21:13 - 00000177 _____ () C:\Users\Kristine\Downloads\silvia.streifel.vcf 2015-05-13 22:22 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-05-13 22:22 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-05-13 22:22 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-05-13 22:22 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-05-13 22:20 - 2015-05-01 01:05 - 00429568 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-05-13 22:20 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-05-13 22:20 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-05-13 22:20 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-05-13 22:20 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-05-13 22:20 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-05-13 22:20 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-05-13 22:20 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-05-13 22:20 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-05-13 22:20 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-05-13 22:20 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-05-13 22:20 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-05-13 22:20 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-05-13 22:20 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-05-13 22:20 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-05-13 22:20 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-05-13 22:20 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2015-05-13 22:20 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2015-05-13 22:20 - 2015-04-02 00:22 - 02985984 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-05-13 22:20 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-05-13 22:20 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-05-13 22:20 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2015-05-13 22:20 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-05-13 22:20 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-05-13 22:20 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-05-13 22:20 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-05-13 22:20 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-05-13 22:20 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-05-13 22:20 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-05-13 22:20 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2015-05-13 22:20 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-05-13 22:20 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-05-13 22:20 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-05-13 22:20 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2015-05-13 22:20 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe 2015-05-13 22:20 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2015-05-13 22:20 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wevtsvc.dll 2015-05-13 22:20 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2015-05-13 22:20 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-05-13 22:20 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2015-05-13 22:20 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2015-05-13 22:20 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-05-13 22:20 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-05-13 22:20 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2015-05-13 22:19 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-05-13 22:19 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-05-13 22:19 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-05-13 22:19 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-05-13 22:19 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2015-05-13 22:19 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-05-13 22:19 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-05-13 22:19 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-05-13 22:19 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-05-13 22:19 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-05-13 22:19 - 2015-04-21 18:04 - 02278400 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-05-13 22:19 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-05-13 22:19 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-05-13 22:19 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-05-13 22:19 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-05-13 22:19 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-05-13 22:19 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-05-13 22:19 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-05-13 22:19 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-05-13 22:19 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-05-13 22:19 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-05-13 22:19 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-05-13 22:19 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-05-13 22:19 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-05-13 22:19 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-05-13 22:19 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-05-13 22:19 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-05-13 22:19 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-05-13 22:19 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\wininet.dll 2015-05-13 22:19 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-05-13 22:19 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-05-13 21:55 - 2015-05-13 21:55 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-05-13 21:54 - 2015-05-13 21:54 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2015-05-13 21:54 - 2015-05-13 21:54 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr 2015-05-13 21:48 - 2015-05-13 21:48 - 00000000 ____D () C:\Users\Kristine\Tracing ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-26 21:38 - 2014-10-30 10:15 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-26 21:25 - 2013-08-22 16:46 - 00517219 _____ () C:\WINDOWS\setupact.log 2015-05-26 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-05-26 20:44 - 2014-10-29 23:55 - 01103555 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-26 19:15 - 2015-04-17 10:16 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Skype 2015-05-26 19:13 - 2014-10-30 10:14 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B06BDCF-A72F-4F75-9CF4-3227545CE179} 2015-05-26 19:12 - 2015-01-19 01:45 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Epic Privacy Browser 2015-05-26 19:10 - 2014-10-30 10:15 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-26 12:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2015-05-26 12:22 - 2014-12-23 20:19 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-05-26 11:15 - 2014-10-30 10:08 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3988005159-474404469-3811382638-1002 2015-05-26 09:41 - 
2014-10-30 10:17 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-23 11:10 - 2013-10-19 16:17 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery 2015-05-23 11:09 - 2014-10-30 10:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-05-23 08:46 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-23 08:46 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2015-05-20 08:00 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-05-20 07:58 - 2015-04-05 10:02 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX 2015-05-20 07:58 - 2015-04-05 10:02 - 00000000 ___SD () C:\WINDOWS\system32\GWX 2015-05-17 22:36 - 2013-08-22 16:44 - 00371608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-05-17 19:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-05-16 18:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-05-16 12:14 - 2014-12-18 13:48 - 00250352 _____ () C:\WINDOWS\hpoins47.dat 2015-05-16 12:14 - 2014-12-18 13:48 - 00008106 _____ () C:\ProgramData\hpzinstall.log 2015-05-16 11:27 - 2014-09-24 08:17 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-05-16 11:27 - 2014-09-24 07:43 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat 2015-05-16 11:27 - 2014-09-24 07:43 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat 2015-05-15 15:33 - 2014-10-30 10:15 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-15 15:33 - 2014-10-30 10:15 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-14 23:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-05-14 23:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers 2015-05-13 23:37 - 2014-10-29 17:42 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-05-13 23:33 - 2014-10-29 20:50 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-05-13 23:31 - 2014-09-24 
08:00 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-13 22:02 - 2015-04-17 10:15 - 00000000 ____D () C:\ProgramData\Skype 2015-05-13 21:57 - 2014-09-23 23:06 - 00081790 _____ () C:\WINDOWS\PFRO.log 2015-05-13 21:55 - 2014-10-30 10:44 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-05-13 21:55 - 2014-10-30 10:44 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-05-13 21:55 - 2014-10-30 10:44 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-05-13 21:55 - 2014-10-30 10:44 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-05-13 21:55 - 2014-10-30 10:44 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-05-13 21:55 - 2014-10-30 10:44 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-05-13 21:55 - 2014-10-30 10:44 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-05-13 21:54 - 2015-02-28 12:59 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys 2015-05-13 21:54 - 2014-10-30 10:44 - 01047320 _____ (Avast Software s.r.o.) 
C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-05-13 21:48 - 2014-10-29 23:43 - 00000000 ____D () C:\Users\Kristine 2015-05-05 19:59 - 2014-09-24 09:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-05-05 19:59 - 2014-09-24 09:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2015-04-16 12:09 - 2015-04-16 12:09 - 0041392 _____ () C:\Users\Kristine\AppData\Local\2B763BC1_stp.CIS 2015-04-16 12:09 - 2015-04-16 12:09 - 0000289 _____ () C:\Users\Kristine\AppData\Local\2B763BC1_stp.CIS.part 2015-04-16 12:35 - 2015-04-16 12:35 - 0045792 _____ () C:\Users\Kristine\AppData\Local\59ED2468_stp.CIS 2015-04-16 12:35 - 2015-04-16 12:35 - 0000289 _____ () C:\Users\Kristine\AppData\Local\59ED2468_stp.CIS.part 2015-04-16 12:09 - 2015-04-16 12:09 - 0385602 _____ () C:\Users\Kristine\AppData\Local\5D515C96_stp.CIS 2015-04-16 12:09 - 2015-04-16 12:35 - 0000220 _____ () C:\Users\Kristine\AppData\Local\5D515C96_stp.CIS.part 2015-04-16 12:09 - 2015-04-16 12:10 - 5529600 _____ () C:\Users\Kristine\AppData\Local\695794C2_stp.CIS 2015-04-16 12:09 - 2015-04-16 12:10 - 0000364 _____ () C:\Users\Kristine\AppData\Local\695794C2_stp.CIS.part 2015-04-16 12:09 - 2015-04-16 12:09 - 1509462 _____ () C:\Users\Kristine\AppData\Local\69DD7379_stp.CIS 2015-04-16 12:09 - 2015-04-16 12:35 - 0000295 _____ () C:\Users\Kristine\AppData\Local\69DD7379_stp.CIS.part 2014-10-29 14:23 - 2014-10-29 14:23 - 0000516 _____ () C:\Users\Kristine\AppData\Local\Application.xml 2015-03-13 22:26 - 2015-03-13 22:26 - 0007601 _____ () C:\Users\Kristine\AppData\Local\resmon.resmoncfg 2014-12-18 13:48 - 2015-05-16 12:14 - 0008106 _____ () C:\ProgramData\hpzinstall.log 2013-10-19 16:09 - 2013-10-19 16:10 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2013-10-19 16:05 - 2013-10-19 16:06 - 0000106 _____ () 
C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2013-10-19 16:06 - 2013-10-19 16:08 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2013-10-19 16:04 - 2013-10-19 16:05 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2013-10-19 16:08 - 2013-10-19 16:09 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log Some files in TEMP: ==================== C:\Users\Kristine\AppData\Local\Temp\FreemakeVideoConverterFull.exe C:\Users\Kristine\AppData\Local\Temp\tmd_34013700.exe C:\Users\Kristine\AppData\Local\Temp\tmd_34014934.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 14:29 ==================== End of log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-05-2015 Ran by Kristine at 2015-05-26 21:38:33 Running from C:\Users\Kristine\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= AdMinchen (S-1-5-21-3988005159-474404469-3811382638-1001 - Administrator - Enabled) => C:\Users\AdMinchen Administrator (S-1-5-21-3988005159-474404469-3811382638-500 - Administrator - Disabled) => C:\Users\Administrator Gast (S-1-5-21-3988005159-474404469-3811382638-501 - Limited - Enabled) => C:\Users\Gast Kristine (S-1-5-21-3988005159-474404469-3811382638-1002 - Administrator - Enabled) => C:\Users\Kristine krist_000 (S-1-5-21-3988005159-474404469-3811382638-1006 - Limited - Enabled) => C:\Users\krist_000 Manuel (S-1-5-21-3988005159-474404469-3811382638-1003 - Limited - Enabled) => C:\Users\Manuel ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon) Amazon Music (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 34865840.1637764.4759644.48 - Audible, Inc.) Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) B110 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.) Dell System Detect (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.0.0 - devolo AG) DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) 
Hidden Epic Privacy Browser (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Epic) (Version: 40.0.2214.91 - Epic) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{C63184F3-8343-408F-A948-DDB0AC969A99}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel 
Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd) PS_AIO_07_B110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.12 - Dell Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 16-04-2015 18:48:21 avast! antivirus system restore point 13-05-2015 21:53:26 avast! antivirus system restore point 20-05-2015 07:57:01 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2014-12-24 23:41 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {121C9FD0-08D1-4770-8A85-A06498F47299} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation) Task: {2362FECA-9B06-4064-9ACA-2520143E7ABF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) 
Task: {249939BD-7D2B-44D8-AC35-9324E57BD71C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {45B14A76-BE12-4C1A-827A-F7FD8665A9AE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink) Task: {59F14A66-EBFB-4564-BB5A-9CA054CE209A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {7C99A9E7-C2A3-4A34-9450-D835F2FE0820} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.) Task: {7E9238EB-B9AA-495E-95AD-816A089EDB50} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.) Task: {875D8132-6F4A-4216-8F9A-0967E1B7463E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {A33A9EEE-93AF-4F8E-94E6-E4857A624F1B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-13] (Avast Software s.r.o.) Task: {BB1A289D-30C4-42B6-AE24-B9CBC83F8489} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.) Task: {BEFA1D73-6394-4234-AF7B-9780E81512CF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.) 
Task: {ED21EC64-FB40-4412-A39B-BCEAC7AA77AE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation) Task: {F6F2EBB6-47F2-4F89-9050-E37342CB8E5C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {FC4A9BF7-D912-4C58-A518-A34FD045DAF9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (Whitelisted) ============== 2013-10-19 16:08 - 2012-04-25 04:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2013-10-19 16:18 - 2013-08-19 10:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2013-10-19 16:18 - 2013-08-19 10:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2013-10-19 16:18 - 2013-08-19 10:21 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll 2014-10-03 18:36 - 2014-10-03 18:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-01-23 21:47 - 2015-03-03 00:44 - 05886272 _____ () C:\Users\Kristine\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-05-13 21:54 - 2015-05-13 21:54 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-13 21:54 - 2015-05-13 21:54 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-22 19:19 - 2015-05-22 19:19 - 02931200 _____ () C:\Program Files\AVAST 
Software\Avast\defs\15052201\algo.dll 2015-05-26 20:47 - 2015-05-26 20:47 - 02948096 _____ () C:\Program Files\AVAST Software\Avast\defs\15052601\algo.dll 2014-11-24 12:39 - 2014-11-24 12:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2015-03-13 12:41 - 2013-09-03 23:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-03-17 22:49 - 2015-03-17 22:49 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-05-26 09:41 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll 2015-05-26 09:41 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll 2013-10-19 16:06 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade AlternateDataStreams: C:\Users\krist_000\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) 
IE trusted site: HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\dell.com -> dell.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristine\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "RemoteControl10" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4F42101A-F72C-40A9-94A7-9161936B88F0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{50759A68-6EAD-4DD9-8BCB-13B9A3AAFF82}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{4146153E-4758-4BA3-A7BD-FA74E1B3496E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{E81C6E62-6C2B-47C2-BD77-1B0906FADF5B}] => (Allow) LPort=1900 FirewallRules: [{354BA047-B518-43BB-8F13-B636FCD80E4A}] => (Allow) LPort=2869 FirewallRules: [{B90F6656-F6C3-4732-9ACB-4B24BDD694AD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{80A0A84D-85D7-4DB3-8D3F-7B857B2EC874}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{B730500A-96FF-473E-B907-C7B2C6F8101A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{422AC016-C26D-441B-9A82-843432D93834}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{EDE1EF0C-59DE-4E56-AF9E-17C38347B143}] => (Allow) 
C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{E61FDE90-E2F3-4685-876E-980A5E9A92C6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{44344303-EF40-4BD7-BF97-4E08B793F8F3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{7BC06341-62B7-4FD7-8176-8E7F07C1F277}] => (Allow) C:\Users\AdMinchen\AppData\Local\Temp\7zS349A\hppiw.exe FirewallRules: [{90DD04DF-9A12-4DB0-B4D4-FC52BB2927A5}] => (Allow) C:\Users\AdMinchen\AppData\Local\Temp\7zS349A\hppiw.exe FirewallRules: [{CCDB7D87-5421-40F0-A0FA-5D14A3951B9B}] => (Allow) C:\Users\AdMinchen\AppData\Local\Temp\7zS39DC\setup\hpznui40.exe FirewallRules: [{5F2AB45B-A034-41FB-951E-849A2E827EC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{45D1037C-D24C-404C-B3AB-8D9CE6750D36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{CC382578-655D-4642-829A-6D96F7282993}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{E397EFB3-5CC6-47A9-B773-290BAEC8B56D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{ECC5892B-225D-47FD-9C14-08F59B90A010}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{2FCC3060-781E-41B9-B18A-5AD16EEC093C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{D10E4726-8A92-471B-823C-2504AA686222}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{F9E9A34D-ECF3-46EF-B577-1FCC222F99D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{A34FE6C6-B9A2-479A-AB55-A0362A19864F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{B3C63F34-D962-48AE-8B46-78B0F8BBBBF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{79E5CF38-A876-4E40-A631-E8FFAF6B9256}] => (Allow) C:\Program Files (x86)\HP\Digital 
Imaging\bin\hpqusgh.exe FirewallRules: [{FC098D40-6B69-42FF-B715-C5C4577AE928}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{2469D16B-E57D-4842-A6C6-3CCB34488C70}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{D783AD9E-084F-43BE-911E-D0FEDF7CC01A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [TCP Query User{0DF78DE1-894E-48D9-8767-AD1C51DE6C96}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{37139FD0-24C6-4C24-924E-010087E251D4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{526795E2-C377-4BF3-8478-E242CEFEEBE2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{DF6BE9A2-D390-4D32-9258-22B9E9E3867C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{71BC566C-A672-498E-A9F6-937CF7693C63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Photosmart B110 series Description: Photosmart B110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2015 00:28:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x22d8 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 00:22:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x1cd4 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 00:20:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 
Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x1c70 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 00:17:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x2490 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 00:09:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x2004 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 00:03:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x23f4 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 00:02:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x2228 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 11:59:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 
Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x207c Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 11:57:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x2044 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/26/2015 11:55:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x1574 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die 
relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 System errors: ============= Error: (05/26/2015 07:27:33 PM) (Source: DCOM) (EventID: 10010) (User: BigToy) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/26/2015 07:27:02 PM) (Source: DCOM) (EventID: 10010) (User: BigToy) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/26/2015 00:28:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 21 Mal passiert. Error: (05/26/2015 00:22:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 20 Mal passiert. Error: (05/26/2015 00:20:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 19 Mal passiert. Error: (05/26/2015 00:17:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 18 Mal passiert. Error: (05/26/2015 00:09:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 17 Mal passiert. Error: (05/26/2015 00:09:17 PM) (Source: DCOM) (EventID: 10010) (User: BigToy) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/26/2015 00:08:41 PM) (Source: DCOM) (EventID: 10010) (User: BigToy) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/26/2015 00:03:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 16 Mal passiert. 
Microsoft Office: ========================= Error: (05/26/2015 00:28:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a22d801d0979e12518a10C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllf24024f6-0391-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 00:22:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a1cd401d0979db8e9a2f6C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll26b739fc-0391-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 00:20:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a1c7001d0979d3e29ed2eC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllc8ae5e27-0390-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 00:17:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a249001d0979c51836645C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll58eb4637-0390-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 00:09:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a200401d0979b4086ab83C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll5d2f69a1-038f-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 00:03:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a23f401d0979b2bb6f2b9C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll789fd809-038e-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 00:02:02 PM) 
(Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a222801d0979ac0bb35e9C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll40b93671-038e-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 11:59:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a207c01d0979a792f7619C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dlle1569c6c-038d-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 11:57:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a204401d0979a1f2d37afC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dlla84c4a2d-038d-11e5-bea0-0c8bfd9c4586 Error: (05/26/2015 11:55:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a157401d09796fff00935C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll5ccdd70e-038d-11e5-bea0-0c8bfd9c4586 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Percentage of memory in use: 30% Total physical RAM: 8090.57 MB Available physical RAM: 5582.54 MB Total Pagefile: 12012.62 MB Available Pagefile: 9089.94 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.09 GB) (Free:648.33 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 26894598) Partition: GPT Partition Type. ==================== End of log ============================
__________________ |
27.05.2015, 18:11 | #4 |
/// the machine /// TB instructor | AdwCleaner won't start Please start AdwCleaner again and take a screenshot of the message.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.05.2015, 20:58 | #5 |
| AdwCleaner won't start Attached is an error message, although this one is a new one again.
__________________ Regards, Kristine |
27.05.2015, 21:01 | #6 |
| AdwCleaner won't start I'll wait to hear what you say about it before I try again...
__________________ |
28.05.2015, 19:48 | #7 |
/// the machine /// TB instructor | AdwCleaner won't start Delete AdwCleaner and download it again.
__________________ Regards, schrauber |
28.05.2015, 20:03 | #8 |
| AdwCleaner won't start Hi, I already did that once, after the first error message... could you perhaps give me the link again? So that I'm sure to download the right one... thank you.
__________________ Regards, Kristine |
28.05.2015, 20:07 | #9 |
/// the machine /// TB instructor | AdwCleaner won't start It's in the text below. Please download AdwCleaner to your desktop.
__________________ Regards, schrauber |
28.05.2015, 20:11 | #10 |
| AdwCleaner won't start Thanks... I'll try again right away.
__________________ Regards, Kristine |
28.05.2015, 20:36 | #11 |
| AdwCleaner won't start So, now it actually worked. Strange thing. Adw also deleted quite a bit. In exchange I now have a Google error message; it's attached. Should I do anything else to be on the safe side?
__________________ Regards, Kristine |
28.05.2015, 20:45 | #12 |
| AdwCleaner won't start Or rather, what do I do now about this error message?
__________________ Regards, Kristine |
29.05.2015, 11:53 | #13 |
/// the machine /// TB instructor | AdwCleaner won't start Revo Uninstaller - Download - Filepony: use it to uninstall Chrome, keep no data, let it remove the leftovers, reinstall. Then: https://support.google.com/chrome/answer/3296214?hl=de And please post a fresh FRST log.
__________________ Regards, schrauber |
29.05.2015, 21:04 | #14 |
| AdwCleaner won't start Evening schrauber, ok, I'll do that now... see you then. So... I hope I did everything right; with the uninstaller I was a little unsure and simply deleted the ones recommended by the program (marked in bold). Chrome reinstalled, and here is a new FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-05-2015 Ran by Kristine (administrator) on BIGTOY on 29-05-2015 20:46:11 Running from C:\Users\Kristine\Downloads Loaded Profiles: Kristine (Available Profiles: AdMinchen & Kristine & Manuel & krist_000 & Administrator & Gast) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.) 
C:\Program Files\AVAST Software\Avast\afwServ.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Microsoft Corporation.) 
C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Users\Kristine\AppData\Local\Amazon Music\Amazon Music Helper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex) C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\epic.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-04-23] (Dell Inc.) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] () HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe" HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985712 2013-06-04] (Synaptics Incorporated) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.) 
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Run: [Epic Privacy Browser Update] => C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\EpicUpdate.exe [507560 2015-01-19] (Epic Privacy Browser) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Run: [Amazon Music] => C:\Users\Kristine\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-03] () HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-20] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-28] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-13] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-16] (Avast Software s.r.o.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-16] (Avast Software s.r.o.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3988005159-474404469-3811382638-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kristine\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3988005159-474404469-3811382638-1002: @updates.epicbrowser.com/Epic Privacy Browser Update;version=3 -> C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll [2015-01-19] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-3988005159-474404469-3811382638-1002: @updates.epicbrowser.com/Epic Privacy Browser Update;version=9 -> C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll [2015-01-19] (Epic Privacy Browser)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-29]
CHR Extension: (Google Docs) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-29]
CHR Extension: (Google Drive) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-29]
CHR Extension: (YouTube) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-29]
CHR Extension: (Google Search) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29]
CHR Extension: (Google Sheets) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-29]
CHR Extension: (Avast Online Security) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-29]
CHR Extension: (Google Wallet) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29]
CHR Extension: (Gmail) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-13] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-13] (Avast Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) []
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) []
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) []
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) []
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-13] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-13] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-13] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-13] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-26] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-04] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-13] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 20:41 - 2015-05-29 20:41 - 00002269 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-29 20:41 - 2015-05-29 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-29 20:37 - 2015-05-29 20:42 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 20:37 - 2015-05-29 20:42 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 20:37 - 2015-05-29 20:37 - 00931408 _____ (Google Inc.) C:\Users\Kristine\Downloads\ChromeSetup.exe
2015-05-29 20:37 - 2015-05-29 20:37 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-29 20:37 - 2015-05-29 20:37 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-29 20:16 - 2015-05-29 20:16 - 00001282 _____ () C:\Users\Kristine\Desktop\Revo Uninstaller.lnk
2015-05-29 20:16 - 2015-05-29 20:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-29 20:15 - 2015-05-29 20:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kristine\Downloads\revosetup95.exe
2015-05-28 21:47 - 2015-05-28 21:47 - 00004566 _____ () C:\Users\Kristine\Desktop\AdwCleaner[S0].txt
2015-05-28 21:20 - 2015-05-28 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-05-28 21:13 - 2015-05-28 21:18 - 00000000 ____D () C:\AdwCleaner
2015-05-28 21:12 - 2015-05-28 21:12 - 02222592 _____ () C:\Users\Kristine\Downloads\AdwCleaner_4.205.exe
2015-05-26 21:38 - 2015-05-26 21:39 - 00036423 _____ () C:\Users\Kristine\Downloads\Addition.txt
2015-05-26 21:37 - 2015-05-29 20:46 - 00021512 _____ () C:\Users\Kristine\Downloads\FRST.txt
2015-05-26 21:36 - 2015-05-29 20:46 - 00000000 ____D () C:\FRST
2015-05-26 21:35 - 2015-05-26 21:35 - 02108928 _____ (Farbar) C:\Users\Kristine\Downloads\FRST64.exe
2015-05-26 21:35 - 2015-05-26 21:35 - 00001454 _____ () C:\Users\Kristine\Desktop\FRST64.exe - Verknüpfung.lnk
2015-05-17 22:41 - 2015-05-17 22:41 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\SumatraPDF
2015-05-14 23:43 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 23:43 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 21:13 - 2015-05-14 21:13 - 00000177 _____ () C:\Users\Kristine\Downloads\silvia.streifel.vcf
2015-05-13 22:22 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 22:22 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 22:22 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 22:22 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 22:20 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 22:20 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 22:20 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 22:20 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 22:20 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 22:20 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 22:20 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 22:20 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 22:20 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 22:20 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 22:20 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 22:20 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 22:20 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 22:20 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 22:20 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 22:20 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 22:20 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 22:20 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 22:20 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 22:20 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 22:20 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 22:20 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 22:20 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 22:20 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 22:20 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 22:20 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 22:20 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 22:20 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 22:20 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 22:20 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 22:20 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 22:20 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 22:20 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 22:20 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 22:20 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 22:20 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 22:20 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 22:20 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 22:20 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 22:20 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 22:20 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 22:20 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 22:20 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 22:20 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 22:19 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 22:19 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 22:19 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 22:19 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 22:19 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 22:19 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 22:19 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 22:19 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 22:19 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 22:19 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 22:19 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 22:19 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 22:19 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 22:19 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 22:19 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 22:19 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 22:19 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 22:19 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 22:19 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 22:19 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 22:19 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 22:19 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 22:19 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 22:19 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 22:19 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 22:19 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 22:19 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 22:19 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 22:19 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 22:19 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 22:19 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 21:55 - 2015-05-13 21:55 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-05-13 21:54 - 2015-05-13 21:54 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-05-13 21:54 - 2015-05-13 21:54 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-05-13 21:48 - 2015-05-13 21:48 - 00000000 ____D () C:\Users\Kristine\Tracing

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 20:46 - 2014-10-30 10:08 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3988005159-474404469-3811382638-1002
2015-05-29 20:41 - 2014-10-30 10:15 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Google
2015-05-29 20:41 - 2014-10-29 16:28 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-29 20:40 - 2014-10-29 23:55 - 01743985 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-29 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-29 20:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-29 20:08 - 2013-08-22 16:46 - 00518682 _____ () C:\WINDOWS\setupact.log
2015-05-29 18:53 - 2014-10-30 10:14 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B06BDCF-A72F-4F75-9CF4-3227545CE179}
2015-05-28 21:29 - 2013-10-19 16:17 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-05-28 21:21 - 2014-10-30 10:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-05-28 21:19 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-28 21:18 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-27 20:31 - 2015-04-17 10:16 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Skype
2015-05-27 16:45 - 2015-01-19 01:45 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Epic Privacy Browser
2015-05-26 12:22 - 2014-12-23 20:19 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-20 08:00 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-20 07:58 - 2015-04-05 10:02 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-20 07:58 - 2015-04-05 10:02 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-17 22:36 - 2013-08-22 16:44 - 00371608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-17 19:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-16 18:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-16 12:14 - 2014-12-18 13:48 - 00250352 _____ () C:\WINDOWS\hpoins47.dat
2015-05-16 12:14 - 2014-12-18 13:48 - 00008106 _____ () C:\ProgramData\hpzinstall.log
2015-05-16 11:27 - 2014-09-24 08:17 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-16 11:27 - 2014-09-24 07:43 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-16 11:27 - 2014-09-24 07:43 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-14 23:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-14 23:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 23:37 - 2014-10-29 17:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 23:33 - 2014-10-29 20:50 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 23:31 - 2014-09-24 08:00 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 22:02 - 2015-04-17 10:15 - 00000000 ____D () C:\ProgramData\Skype
2015-05-13 21:57 - 2014-09-23 23:06 - 00081790 _____ () C:\WINDOWS\PFRO.log
2015-05-13 21:55 - 2014-10-30 10:44 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-05-13 21:55 - 2014-10-30 10:44 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-05-13 21:55 - 2014-10-30 10:44 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-05-13 21:55 - 2014-10-30 10:44 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-05-13 21:55 - 2014-10-30 10:44 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-05-13 21:55 - 2014-10-30 10:44 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-05-13 21:55 - 2014-10-30 10:44 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-05-13 21:54 - 2015-02-28 12:59 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-05-13 21:54 - 2014-10-30 10:44 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-05-13 21:48 - 2014-10-29 23:43 - 00000000 ____D () C:\Users\Kristine
2015-05-05 19:59 - 2014-09-24 09:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-09-24 09:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-04-16 12:09 - 2015-04-16 12:09 - 0041392 _____ () C:\Users\Kristine\AppData\Local\2B763BC1_stp.CIS
2015-04-16 12:09 - 2015-04-16 12:09 - 0000289 _____ () C:\Users\Kristine\AppData\Local\2B763BC1_stp.CIS.part
2015-04-16 12:35 - 2015-04-16 12:35 - 0045792 _____ () C:\Users\Kristine\AppData\Local\59ED2468_stp.CIS
2015-04-16 12:35 - 2015-04-16 12:35 - 0000289 _____ () C:\Users\Kristine\AppData\Local\59ED2468_stp.CIS.part
2015-04-16 12:09 - 2015-04-16 12:09 - 0385602 _____ () C:\Users\Kristine\AppData\Local\5D515C96_stp.CIS
2015-04-16 12:09 - 2015-04-16 12:35 - 0000220 _____ () C:\Users\Kristine\AppData\Local\5D515C96_stp.CIS.part
2015-04-16 12:09 - 2015-04-16 12:10 - 5529600 _____ () C:\Users\Kristine\AppData\Local\695794C2_stp.CIS
2015-04-16 12:09 - 2015-04-16 12:10 - 0000364 _____ () C:\Users\Kristine\AppData\Local\695794C2_stp.CIS.part
2015-04-16 12:09 - 2015-04-16 12:09 - 1509462 _____ () C:\Users\Kristine\AppData\Local\69DD7379_stp.CIS
2015-04-16 12:09 - 2015-04-16 12:35 - 0000295 _____ () C:\Users\Kristine\AppData\Local\69DD7379_stp.CIS.part
2014-10-29 14:23 - 2014-10-29 14:23 - 0000516 _____ () C:\Users\Kristine\AppData\Local\Application.xml
2015-03-13 22:26 - 2015-03-13 22:26 - 0007601 _____ () C:\Users\Kristine\AppData\Local\resmon.resmoncfg
2014-12-18 13:48 - 2015-05-16 12:14 - 0008106 _____ () C:\ProgramData\hpzinstall.log
2013-10-19 16:09 - 2013-10-19 16:10 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-10-19 16:05 - 2013-10-19 16:06 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-10-19 16:06 - 2013-10-19 16:08 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-10-19 16:04 - 2013-10-19 16:05 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-10-19 16:08 - 2013-10-19 16:09 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Some files in TEMP:
====================
C:\Users\Kristine\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\Kristine\AppData\Local\Temp\Quarantine.exe
C:\Users\Kristine\AppData\Local\Temp\sqlite3.dll
C:\Users\Kristine\AppData\Local\Temp\tmd_34013700.exe
C:\Users\Kristine\AppData\Local\Temp\tmd_34014934.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-24 14:29

==================== End of log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-05-2015
Ran by Kristine at 2015-05-29 20:47:07
Running from C:\Users\Kristine\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

AdMinchen (S-1-5-21-3988005159-474404469-3811382638-1001 - Administrator - Enabled) => C:\Users\AdMinchen
Administrator (S-1-5-21-3988005159-474404469-3811382638-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3988005159-474404469-3811382638-501 - Limited - Enabled) => C:\Users\Gast
Kristine (S-1-5-21-3988005159-474404469-3811382638-1002 - Administrator - Enabled) => C:\Users\Kristine
krist_000 (S-1-5-21-3988005159-474404469-3811382638-1006 - Limited - Enabled) => C:\Users\krist_000
Manuel (S-1-5-21-3988005159-474404469-3811382638-1003 - Limited - Enabled) => C:\Users\Manuel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Amazon Music (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 34865840.1637764.4759644.48 - Audible, Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
B110 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.0.0 - devolo AG)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
Epic Privacy Browser (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\Epic) (Version: 40.0.2214.91 - Epic)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{C63184F3-8343-408F-A948-DDB0AC969A99}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd) PS_AIO_07_B110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.12 - Dell Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 16-04-2015 18:48:21 avast! antivirus system restore point 13-05-2015 21:53:26 avast! antivirus system restore point 20-05-2015 07:57:01 Windows Update 29-05-2015 20:19:23 Revo Uninstaller's restore point - Google Chrome ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2014-12-24 23:41 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {121C9FD0-08D1-4770-8A85-A06498F47299} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation) Task: {3CD864E3-4BAD-45B9-9648-ACE6C28746BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.) 
Task: {45B14A76-BE12-4C1A-827A-F7FD8665A9AE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink) Task: {59F14A66-EBFB-4564-BB5A-9CA054CE209A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {782F652B-6B3F-4E8F-8192-34AADEFECC94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.) Task: {7C99A9E7-C2A3-4A34-9450-D835F2FE0820} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.) Task: {7E9238EB-B9AA-495E-95AD-816A089EDB50} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.) Task: {875D8132-6F4A-4216-8F9A-0967E1B7463E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {8F678E60-8DEF-412F-B3DF-3B1847112A65} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation) Task: {A33A9EEE-93AF-4F8E-94E6-E4857A624F1B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-13] (Avast Software s.r.o.) Task: {BB1A289D-30C4-42B6-AE24-B9CBC83F8489} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.) Task: {BEFA1D73-6394-4234-AF7B-9780E81512CF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.) 
Task: {F6F2EBB6-47F2-4F89-9050-E37342CB8E5C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {FC4A9BF7-D912-4C58-A518-A34FD045DAF9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (Whitelisted) ============== 2013-10-19 16:08 - 2012-04-25 04:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2013-10-19 16:18 - 2013-08-19 10:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2013-10-19 16:18 - 2013-08-19 10:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2013-10-19 16:18 - 2013-08-19 10:21 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll 2014-10-03 18:36 - 2014-10-03 18:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-01-23 21:47 - 2015-03-03 00:44 - 05886272 _____ () C:\Users\Kristine\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-05-13 21:54 - 2015-05-13 21:54 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-13 21:54 - 2015-05-13 21:54 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-27 21:51 - 2015-05-27 21:51 - 02951168 _____ () C:\Program Files\AVAST Software\Avast\defs\15052701\algo.dll 2015-05-29 20:18 - 2015-05-29 20:18 - 02950656 _____ () C:\Program Files\AVAST Software\Avast\defs\15052901\algo.dll 2014-11-24 12:39 - 
2014-11-24 12:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2015-03-13 12:41 - 2013-09-03 23:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-03-17 22:49 - 2015-03-17 22:49 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-10-19 16:06 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-03-18 17:32 - 2015-03-18 16:14 - 01471488 _____ () C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\40.0.2214.91\libglesv2.dll 2015-03-18 17:32 - 2015-03-18 16:14 - 00073728 _____ () C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\40.0.2214.91\libegl.dll 2015-03-18 17:32 - 2015-03-18 16:14 - 09554944 _____ () C:\Users\Kristine\AppData\Local\Epic Privacy Browser\Application\40.0.2214.91\pdf.dll 2015-05-29 20:41 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll 2015-05-29 20:41 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll 2015-05-29 20:41 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade AlternateDataStreams: C:\Users\krist_000\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\dell.com -> dell.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3988005159-474404469-3811382638-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristine\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\StartupApproved\Run: => "Epic Privacy Browser Update" HKU\S-1-5-21-3988005159-474404469-3811382638-1002\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4F42101A-F72C-40A9-94A7-9161936B88F0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{50759A68-6EAD-4DD9-8BCB-13B9A3AAFF82}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{4146153E-4758-4BA3-A7BD-FA74E1B3496E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{E81C6E62-6C2B-47C2-BD77-1B0906FADF5B}] => (Allow) LPort=1900 FirewallRules: [{354BA047-B518-43BB-8F13-B636FCD80E4A}] => (Allow) LPort=2869 FirewallRules: [{B90F6656-F6C3-4732-9ACB-4B24BDD694AD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{80A0A84D-85D7-4DB3-8D3F-7B857B2EC874}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{B730500A-96FF-473E-B907-C7B2C6F8101A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{422AC016-C26D-441B-9A82-843432D93834}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{EDE1EF0C-59DE-4E56-AF9E-17C38347B143}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{E61FDE90-E2F3-4685-876E-980A5E9A92C6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{44344303-EF40-4BD7-BF97-4E08B793F8F3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{7BC06341-62B7-4FD7-8176-8E7F07C1F277}] => (Allow) C:\Users\AdMinchen\AppData\Local\Temp\7zS349A\hppiw.exe FirewallRules: [{90DD04DF-9A12-4DB0-B4D4-FC52BB2927A5}] => (Allow) C:\Users\AdMinchen\AppData\Local\Temp\7zS349A\hppiw.exe FirewallRules: [{CCDB7D87-5421-40F0-A0FA-5D14A3951B9B}] => (Allow) C:\Users\AdMinchen\AppData\Local\Temp\7zS39DC\setup\hpznui40.exe FirewallRules: [{5F2AB45B-A034-41FB-951E-849A2E827EC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: 
[{45D1037C-D24C-404C-B3AB-8D9CE6750D36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{CC382578-655D-4642-829A-6D96F7282993}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{E397EFB3-5CC6-47A9-B773-290BAEC8B56D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{ECC5892B-225D-47FD-9C14-08F59B90A010}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{2FCC3060-781E-41B9-B18A-5AD16EEC093C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{D10E4726-8A92-471B-823C-2504AA686222}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{F9E9A34D-ECF3-46EF-B577-1FCC222F99D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{A34FE6C6-B9A2-479A-AB55-A0362A19864F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{B3C63F34-D962-48AE-8B46-78B0F8BBBBF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{79E5CF38-A876-4E40-A631-E8FFAF6B9256}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{FC098D40-6B69-42FF-B715-C5C4577AE928}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{2469D16B-E57D-4842-A6C6-3CCB34488C70}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{D783AD9E-084F-43BE-911E-D0FEDF7CC01A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [TCP Query User{0DF78DE1-894E-48D9-8767-AD1C51DE6C96}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{37139FD0-24C6-4C24-924E-010087E251D4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: 
[{526795E2-C377-4BF3-8478-E242CEFEEBE2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{DF6BE9A2-D390-4D32-9258-22B9E9E3867C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{D87CF8FF-7FCA-4917-BA4C-90BDD39E869B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Photosmart B110 series Description: Photosmart B110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/29/2015 07:26:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/28/2015 09:45:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec180 ID des fehlerhaften Prozesses: 0x1bec Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 Error: 
(05/28/2015 09:45:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec180 ID des fehlerhaften Prozesses: 0x182c Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 Error: (05/28/2015 09:43:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0xcc4 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/28/2015 09:43:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec180 ID des fehlerhaften Prozesses: 0xa48 Startzeit der fehlerhaften Anwendung: 
0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 Error: (05/28/2015 09:42:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec180 ID des fehlerhaften Prozesses: 0x1a5c Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 Error: (05/28/2015 09:41:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec180 ID des fehlerhaften Prozesses: 0xa7c Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 Error: (05/28/2015 09:40:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften 
Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x180c Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/28/2015 09:39:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ12, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009310a ID des fehlerhaften Prozesses: 0x884 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Net Driver HPZ120 Pfad der fehlerhaften Anwendung: svchost.exe_Net Driver HPZ121 Pfad des fehlerhaften Moduls: svchost.exe_Net Driver HPZ122 Berichtskennung: svchost.exe_Net Driver HPZ123 Vollständiger Name des fehlerhaften Pakets: svchost.exe_Net Driver HPZ124 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Net Driver HPZ125 Error: (05/28/2015 09:39:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8 Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec180 ID des fehlerhaften Prozesses: 0x1ac4 Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des 
fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5 System errors: ============= Error: (05/28/2015 09:43:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (05/28/2015 09:40:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (05/28/2015 09:39:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Net Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/28/2015 09:30:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/28/2015 09:18:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll Error: (05/28/2015 09:18:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll Error: (05/28/2015 09:18:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll Error: (05/28/2015 09:18:42 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. 
Fehler: %%1056 Error: (05/28/2015 09:18:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/28/2015 09:18:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office: ========================= Error: (05/29/2015 07:26:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/28/2015 09:45:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec1801bec01d0997eeb504cbbC:\WINDOWS\System32\rundll32.exeUSER32.dll28febc4a-0572-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:45:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec180182c01d0997ecd8a4526C:\WINDOWS\System32\rundll32.exeUSER32.dll0b38b466-0572-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:43:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310acc401d0997e225a5a1bC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllcda29a60-0571-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:43:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec180a4801d0997e8def2927C:\WINDOWS\System32\rundll32.exeUSER32.dllcb9e34a0-0571-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:42:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec1801a5c01d0997e729e17d6C:\WINDOWS\System32\rundll32.exeUSER32.dllb04c865e-0571-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:41:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec180a7c01d0997e536066b1C:\WINDOWS\System32\rundll32.exeUSER32.dll910ed6c3-0571-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:40:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a180c01d0997e0f6bd52dC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll5f193a0a-0571-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:39:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Net Driver HPZ126.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a88401d0997b420e265bC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll47e97127-0571-11e5-bea1-0c8bfd9c4586 Error: (05/28/2015 09:39:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec1801ac401d0997e06521500C:\WINDOWS\System32\rundll32.exeUSER32.dll4401bdae-0571-11e5-bea1-0c8bfd9c4586 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Percentage of memory in use: 31% Total physical RAM: 8090.57 MB Available physical RAM: 5504.9 MB Total Pagefile: 9370.57 MB Available Pagefile: 
5979.06 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.09 GB) (Free:649.2 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 26894598) Partition: GPT Partition Type. ==================== End of log ============================

There is one more thing I have noticed since I uninstalled and reinstalled Chrome. I can no longer play the game that I play through Facebook. Could it be that something was changed that is causing this?
__________________ Regards, Kristine |
30.05.2015, 14:16 | #15 |
/// the machine /// TB trainer | AdwCleaner won't start Did you also reset Chrome? Try Firefox. Does it cause the same problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |