Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Alter Fehler wieder da ... DNS Settings have been changed

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.06.2015, 10:20   #1
trpper
 
Alter Fehler wieder da ... DNS Settings have been changed - Standard

Alter Fehler wieder da ... DNS Settings have been changed



Hallo Community - Ich merke gerade ich habe gegen die erst goldene Regel verstoßen.
Mein Problem, das ständige wechseln der DNS Settings laut glasswire hatte ich schon im Januar, bzw es ist mir im Januar aufgefallen nachdem ich Glasswire installiert hatte. Und in diesem Thread http://www.trojaner-board.de/163212-...n-changed.html hat mir Schrauber damals damit geholfen. Nachdem dieses Problem jetzt wieder vermehrt aufgetreten ist. Bin ich die Schritte wieder alle durchgegangen. MBAM ADWCleaner JRT ESET Security Check und danach Delfix halt ohne hier alle logs zu posten. Und hatte gehofft es wäre gelöst. Aber nach dem letzten Restart ist es wieder da. Ich habe schon überlegt ob es evtl. etwas mit dem Router zu tun hat. Nachdem ich während eines Malwarescans von Emisoft mein Security wissen verbessert hatte kam genau dieses Thema. Und ich dachte ich hätte mich da wieder gefunden. hxxp://blog.emsisoft.com/2015/05/27/exploit-kit-attacks-dns-settings-of-over-50-different-router-models/
Es wäre nett wenn ihr mir noch einmal so gut wie beim letzten mal weiterhelfen könnt.

Außerdem habe ich mir eine neue SSD zugelegt und möchte mein System sowieso demnächst neu aufsetzten wenn ich dazu die Zeit finde. Meint Ihr ich sollte das vorziehen? Ich bin ein bißchen generft von der ganzen Geschichte da ich immer einen Virenscanner & Firewall laufen habe. Regelmäßig MBAM Update und Scannen lasse und mein System sonst auch up-to-date ist.

Würde mich auch über Anregungen freuen, wie ich diese Sachen auf meinem neuen System von vornherein vermeiden kann. Lohnen sich kauf Versionen von Anti-Viren für Otto-normal Verbraucher ... Ich weiss ihr seid alle beruflich nicht objektiv aber ich dachte es ginge bei den Unterschieden hauptsächlich um zusätzliche Features und Updateverfügbarkeiten....
Evtl nehme ich das 25% angebot an =) Also ich richte mich vllt direkt an dich Schrauber da du mir beim letzten mal schon damit geholfen hast. Alles wieder von vorne? FRST logs etc?

Vielen Dank - David

Alt 02.06.2015, 11:33   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Alter Fehler wieder da ... DNS Settings have been changed - Standard

Alter Fehler wieder da ... DNS Settings have been changed



hi,

das mal mindestens

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 03.06.2015, 08:43   #3
trpper
 
Alter Fehler wieder da ... DNS Settings have been changed - Standard

Alter Fehler wieder da ... DNS Settings have been changed



Ok also FRST.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Neu-Pc (administrator) on NEU on 03-06-2015 08:35:48
Running from C:\Users\Neu-Pc\Downloads
Loaded Profiles: Neu-Pc (Available Profiles: Neu-Pc)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(cFos Software GmbH) C:\Program Files\ASUS\Turbo LAN\spd.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [Turbo LAN] => C:\Program Files\ASUS\Turbo LAN\cFosSpeed.exe [2826640 2015-04-20] (cFos Software GmbH)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-10-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4923832 2015-05-26] (Emsisoft Ltd)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [9474344 2014-11-06] (SecureMix LLC)
HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\Run: [icq] => C:\Users\Neu-Pc\AppData\Roaming\ICQM\icq.exe [35225096 2014-12-27] (ICQ)
HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\MountPoints2: {827c9b96-98ea-11e4-829e-240a64f59aac} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\start.exe
Startup: C:\Users\Neu-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk [2014-08-28]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3637372449-538110766-643382409-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3637372449-538110766-643382409-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3637372449-538110766-643382409-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-13] (Oracle Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Neu-Pc\AppData\Roaming\Mozilla\Firefox\Profiles\rzkiu4bq.default
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR Profile: C:\Users\Neu-Pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Neu-Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Neu-Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-26]
CHR Extension: (Google Wallet) - C:\Users\Neu-Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5155576 2015-05-26] (Emsisoft Ltd)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-19] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-19] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2015-05-19] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.11\AsusFanControlService.exe [394040 2015-05-19] (ASUSTeK Computer Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [45056 2013-06-15] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASUS\Turbo LAN\spd.exe [1040784 2015-04-20] (cFos Software GmbH)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [6279976 2014-11-06] (SecureMix LLC)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)
S2 HPSLPSVC; C:\Users\Neu-Pc\AppData\Local\Temp\7zS0C81\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [24792 2014-06-13] (ASMedia Technology Inc. ????)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2015-05-19] (MCCI Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [File not signed]
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33296 2014-11-05] (SecureMix LLC)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2015-05-19] (ASUSTeK Computer Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-04-30] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2014-04-30] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490080 2014-04-30] (Kaspersky Lab ZAO)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [547032 2013-07-04] (Realtek Semiconductor Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [X]
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 cpuz138; \??\C:\Users\Neu-Pc\AppData\Local\Temp\cpuz138_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Neu-Pc\Downloads\RealTemp_370\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 08:35 - 2015-06-03 08:36 - 00024367 _____ () C:\Users\Neu-Pc\Downloads\FRST.txt
2015-06-03 08:35 - 2015-06-03 08:35 - 02108928 _____ (Farbar) C:\Users\Neu-Pc\Downloads\FRST64.exe
2015-06-03 08:35 - 2015-06-03 08:35 - 00000000 ____D () C:\FRST
2015-06-03 08:34 - 2015-05-19 19:35 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2015-06-02 10:06 - 2015-06-02 10:06 - 00000818 _____ () C:\Windows\PFRO.log
2015-06-02 10:02 - 2015-06-03 08:34 - 00001392 _____ () C:\Windows\setupact.log
2015-06-02 10:02 - 2015-06-02 10:08 - 00107053 _____ () C:\Windows\WindowsUpdate.log
2015-06-02 10:02 - 2015-06-02 10:02 - 00000928 _____ () C:\DelFix.txt
2015-06-02 10:02 - 2015-06-02 10:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-06-02 09:31 - 2015-06-02 09:31 - 01333384 _____ (Ruiware) C:\Users\Neu-Pc\Downloads\wpsetup.exe
2015-06-02 09:15 - 2015-06-02 09:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NEU-Windows-8.1-(64-bit).dat
2015-06-01 10:34 - 2015-06-01 10:34 - 00000000 ____D () C:\Users\Neu-Pc\AppData\Local\GWX
2015-05-30 22:37 - 2015-06-02 07:51 - 00005535 _____ () C:\Windows\MB.idx
2015-05-26 19:56 - 2015-05-26 20:17 - 00000000 ____D () C:\ProgramData\F-Secure
2015-05-26 19:56 - 2015-05-26 19:56 - 00000000 ____D () C:\Users\Neu-Pc\AppData\Local\F-Secure
2015-05-23 15:26 - 2015-05-23 15:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\65E95008.sys
2015-05-23 15:26 - 2015-05-23 15:26 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-05-23 15:24 - 2015-06-03 08:34 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-05-23 15:24 - 2015-05-23 15:24 - 00001110 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-05-23 15:24 - 2015-05-23 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-05-23 15:24 - 2015-03-24 00:17 - 00135800 _____ (Emsisoft GmbH) C:\Windows\system32\Drivers\epp64.sys
2015-05-21 20:22 - 2015-05-21 20:22 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-21 19:04 - 2015-05-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-19 19:50 - 2015-06-02 10:12 - 00000000 _____ () C:\Windows\Path.idx
2015-05-19 19:50 - 2015-05-19 19:50 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_Z97-PRO(Wi-Fi ac).alu
2015-05-19 19:40 - 2015-05-19 19:35 - 00046152 _____ (MCCI Corporation) C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys
2015-05-19 19:38 - 2014-06-13 11:25 - 00024792 _____ (ASMedia Technology Inc. ????) C:\Windows\SysWOW64\Drivers\asmtufdriver.sys
2015-05-19 19:38 - 2013-01-28 15:58 - 00014848 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\Drivers\AiChargerPlus.sys
2015-05-18 18:51 - 2015-05-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-05-18 18:51 - 2015-05-18 18:51 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-05-17 20:00 - 2015-06-03 08:33 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff20ea7d1dc52.job
2015-05-17 20:00 - 2015-06-02 09:05 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff20ea7f1780b.job
2015-05-17 20:00 - 2015-05-17 20:00 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cff20ea7f1780b
2015-05-17 20:00 - 2015-05-17 20:00 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cff20ea7d1dc52
2015-05-14 00:38 - 2015-05-18 18:51 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-05-14 00:38 - 2015-05-14 00:38 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-14 00:38 - 2015-05-14 00:38 - 00002074 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-13 16:50 - 2015-05-13 16:50 - 00000000 __SHD () C:\Users\Neu-Pc\AppData\Local\EmieBrowserModeList
2015-05-13 16:11 - 2015-04-24 22:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 16:11 - 2015-03-05 00:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 00:21 - 2015-05-13 00:21 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-13 00:21 - 2015-05-13 00:21 - 00000000 ____D () C:\ProgramData\Sun
2015-05-13 00:21 - 2015-05-13 00:21 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-13 00:21 - 2015-05-13 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-13 00:21 - 2015-05-13 00:21 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-12 19:23 - 2015-04-30 21:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:23 - 2015-04-30 21:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:23 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 19:23 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 19:23 - 2015-03-17 18:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 19:23 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 19:20 - 2015-05-01 00:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 19:20 - 2015-04-30 23:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 19:20 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 19:20 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 19:20 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 19:20 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 19:20 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 19:20 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 19:20 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 19:20 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 19:20 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 19:20 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 19:20 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 19:20 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 19:20 - 2015-04-21 17:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 19:20 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 19:20 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 19:20 - 2015-04-21 16:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 19:20 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 19:20 - 2015-04-21 16:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 19:20 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 19:20 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 19:20 - 2015-04-21 16:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 19:20 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 19:20 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 19:20 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 19:20 - 2015-04-21 16:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 19:20 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 19:20 - 2015-04-21 16:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 19:20 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 19:20 - 2015-04-21 16:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 19:20 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 19:20 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 19:20 - 2015-04-21 16:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 19:20 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 19:20 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 19:20 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 19:20 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 19:20 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 19:20 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 19:20 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 19:20 - 2015-04-13 23:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 19:20 - 2015-04-10 02:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 19:20 - 2015-04-10 01:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 19:20 - 2015-04-10 01:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 19:20 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 19:20 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 19:20 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 19:20 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 19:20 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 19:20 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 19:20 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 19:20 - 2015-03-30 06:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 19:20 - 2015-03-27 04:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 19:20 - 2015-03-27 03:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 19:20 - 2015-03-27 03:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 19:20 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 19:20 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 19:20 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 19:20 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 19:20 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 19:20 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 19:20 - 2015-03-13 01:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-12 19:20 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 19:20 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 19:20 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 19:20 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 19:20 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 19:20 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 19:20 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 19:20 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 19:20 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 19:20 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-11 17:13 - 2015-05-11 17:13 - 00001629 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2015-05-11 17:12 - 2015-05-11 17:13 - 00000000 ____D () C:\Users\Neu-Pc\AppData\Local\Citrix
2015-05-11 17:12 - 2015-05-11 17:13 - 00000000 ____D () C:\ProgramData\Citrix
2015-05-11 17:12 - 2015-05-11 17:13 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-05-11 17:12 - 2015-05-11 17:12 - 00000000 ____D () C:\Users\Neu-Pc\AppData\Roaming\ICAClient
2015-05-04 16:15 - 2015-05-04 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-05-04 16:15 - 2015-05-04 16:15 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 08:34 - 2015-04-20 23:12 - 01048576 _____ () C:\Windows\PE_Rom.dll
2015-06-03 08:34 - 2014-11-04 18:58 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 08:34 - 2014-07-12 05:36 - 00000000 __RDO () C:\Users\Neu-Pc\SkyDrive
2015-06-03 08:34 - 2014-07-09 03:52 - 00011064 _____ () C:\Users\Neu-Pc\AppData\Local\BTServer.log
2015-06-03 08:34 - 2013-10-09 10:20 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2015-06-03 08:33 - 2013-10-28 13:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-06-03 08:33 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 08:29 - 2014-07-09 03:52 - 00000000 ____D () C:\Users\Neu-Pc
2015-06-02 10:13 - 2013-10-09 10:09 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-02 10:13 - 2013-09-13 21:22 - 00765378 _____ () C:\Windows\system32\perfh007.dat
2015-06-02 10:13 - 2013-09-13 21:22 - 00159696 _____ () C:\Windows\system32\perfc007.dat
2015-06-02 10:02 - 2015-01-27 19:42 - 00000000 ____D () C:\Windows\ERUNT
2015-06-02 10:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-06-02 09:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-06-02 08:01 - 2014-07-11 05:20 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{27FDD1F8-CB38-4AFA-ADE4-21B3175E4A9E}
2015-06-02 01:58 - 2014-07-12 09:07 - 00000000 ____D () C:\Windows\Minidump
2015-06-02 01:05 - 2014-07-09 03:57 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3637372449-538110766-643382409-1002
2015-06-01 22:03 - 2013-10-28 13:05 - 00000000 ____D () C:\ProgramData\Realtek
2015-06-01 11:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-06-01 10:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-30 03:09 - 2015-05-01 12:28 - 00000847 _____ () C:\Users\Neu-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-05-26 17:05 - 2014-07-13 09:47 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-26 17:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-05-23 15:22 - 2015-02-22 14:10 - 00000000 ____D () C:\Users\Neu-Pc\AppData\Roaming\mIRC
2015-05-23 15:19 - 2013-10-09 10:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 18:36 - 2015-02-20 07:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-21 20:43 - 2015-04-04 11:15 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 20:43 - 2015-04-04 11:15 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 20:43 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-21 20:36 - 2013-10-09 10:17 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2015-05-21 20:22 - 2014-11-04 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-21 20:22 - 2014-11-04 18:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-21 18:51 - 2013-10-09 10:22 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-19 19:45 - 2013-10-09 10:17 - 00000000 ____D () C:\ProgramData\ASUS
2015-05-19 19:40 - 2015-04-20 22:42 - 00000000 ____D () C:\Program Files\ASUS
2015-05-19 19:40 - 2013-10-09 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-19 19:39 - 2013-10-28 13:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-19 19:39 - 2013-10-09 10:17 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-05-17 20:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-05-14 00:38 - 2014-12-24 11:22 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-14 00:38 - 2014-07-11 06:14 - 00000000 ____D () C:\Users\Neu-Pc\AppData\Local\Adobe
2015-05-14 00:38 - 2013-10-09 10:24 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-14 00:38 - 2013-10-09 10:22 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-13 16:03 - 2013-08-22 15:44 - 00451120 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 00:25 - 2015-02-20 07:59 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-13 00:25 - 2015-02-20 07:59 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-12 22:16 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-12 22:16 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-12 19:22 - 2014-07-11 07:18 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 19:22 - 2014-07-11 07:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-12 19:21 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-05 18:59 - 2013-08-22 16:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 18:59 - 2013-08-22 16:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-07-09 03:52 - 2015-06-03 08:34 - 0011064 _____ () C:\Users\Neu-Pc\AppData\Local\BTServer.log
2015-04-20 23:59 - 2015-04-21 00:53 - 0007602 _____ () C:\Users\Neu-Pc\AppData\Local\Resmon.ResmonCfg
2014-08-28 20:37 - 2014-08-28 20:37 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-10-09 10:09 - 2013-10-09 10:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Neu-Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Neu-Pc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-23 15:34

==================== End of log ============================
         
--- --- ---


[QUOTE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Neu-Pc at 2015-06-03 08:36:08
Running from C:\Users\Neu-Pc\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3637372449-538110766-643382409-500 - Administrator - Disabled)
Gast (S-1-5-21-3637372449-538110766-643382409-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3637372449-538110766-643382409-1004 - Limited - Enabled)
Neu-Pc (S-1-5-21-3637372449-538110766-643382409-1002 - Administrator - Enabled) => C:\Users\Neu-Pc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.83 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.06.02 - ASUSTeK Computer Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
EVGA PrecisionX 16 (HKLM-x32\...\{0D30CA95-DFB2-4130-AF57-6E0D324DDB05}) (Version: 5.3.3 - EVGA Corporation)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GlassWire 1.0 (remove only) (HKLM-x32\...\GlassWire 1.0) (Version: 1.0.30 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
ICQ 8.2 (build 7135) (HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\ICQ) (Version: 8.2.7135.0 - ICQ)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.082613 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Self-Service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Turbo LAN v9.05 (HKLM\...\Turbo LAN) (Version: 9.05 - cFos Software GmbH, Bonn)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
ZoneAlarm Antivirus (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

02-06-2015 10:02:40 Ende der Bereinigung

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0462E394-CC07-4CE7-9914-1FD9855BC0A1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {05299ED3-3D19-49F4-B76B-D17ADEAB75DF} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {100D6439-F52E-42B0-BFD8-29753A5A6061} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {107EFCE7-D5E5-4241-B14B-6D9E4856FB0A} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-07-02] (TODO: <Company name>)
Task: {140217D9-A679-4AF7-BC81-15970360AC49} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.)
Task: {1569E335-2022-4361-BB1C-93F583E20DFF} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {162686AB-5E2A-41E6-BD27-49D9850124BC} - System32\Tasks\GoogleUpdateTaskMachineUA1cff20ea7f1780b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-13] (Google Inc.)
Task: {170923AF-0470-4BFB-8B62-18A0E9F44DF7} - System32\Tasks\{50B7EBC3-E82F-4DB3-9CEF-E140BAC3C6D7} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.admin.exe" -d "C:\Riot Games\League of Legends"
Task: {1733887C-9E89-4144-AA17-39B0AD0D7B4E} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {235911DC-3E8F-4244-A8AE-B66F9B5C3974} - System32\Tasks\{30E674DA-985B-42B7-B1CA-BCE6A7E22E56} => pcalua.exe -a C:\Users\Neu-Pc\AppData\Local\Temp\Temp1_AISuite.zip\S1.03.15\EpuSetup\AsusSetup.exe
Task: {3B0A7B01-D2C8-4C7E-8357-BFA220CD09B1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4AAAE9CF-6C97-441A-B5C4-BA0B2A74C42F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {64DFEF2A-DD42-4BA6-ADDA-48ACAD7F0922} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3637372449-538110766-643382409-1002
Task: {78DA0A04-DB75-4231-B2CA-FEDFD7C28CB2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {82E53B3A-66AC-41F4-B396-2F4D5675C6E4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {859A8E68-CE64-44CD-A34C-5B61A8B1BFD9} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-07-02] ()
Task: {9773B72B-5918-4829-9636-61FACE717CF0} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-06-25] (ASUSTeK Computer Inc.)
Task: {99E04C89-E19A-43BB-A08F-FECAA7C393D8} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2015-04-10] (EVGA Corp.)
Task: {B12731B5-2A36-4554-94CB-BD7DE628FC88} - System32\Tasks\{DB6C2603-AB88-4FC0-AE08-B397EEB5495D} => pcalua.exe -a C:\Users\Neu-Pc\AppData\Local\Temp\Temp1_AISuite.zip\S1.03.15\AsusSetup.exe
Task: {B173E23F-740A-457E-BAF1-D9C549B5A2DD} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {BEF28275-60FB-4914-999C-D7E44D5E5B72} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-18] (ASUSTeK Computer Inc.)
Task: {BFFC21AE-0BF2-4A0E-AD19-6847E90CC355} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {C95C3EB3-F4F5-4EB4-8A55-369595BE2AC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {E339CEAE-B9E2-4D26-888E-90F0C8100449} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-10-09] ()
Task: {FE20D5FD-FDC9-46C3-A7BA-D825EC94B534} - System32\Tasks\GoogleUpdateTaskMachineCore1cff20ea7d1dc52 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-13] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff20ea7d1dc52.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff20ea7f1780b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-10-28 13:03 - 2015-04-08 22:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-19 19:39 - 2015-05-19 19:35 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2013-10-09 10:17 - 2013-08-09 02:33 - 01114768 ____N () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2015-05-19 19:39 - 2014-07-02 17:41 - 01270584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2015-05-09 06:59 - 2015-05-09 06:59 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-05-19 19:39 - 2014-08-01 14:58 - 01065272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2015-05-19 19:39 - 2014-07-25 16:32 - 00036152 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2013-10-28 13:05 - 2013-06-15 03:12 - 00045056 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2013-10-09 10:18 - 2013-08-08 19:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2015-05-19 19:38 - 2015-05-19 19:35 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2014-07-28 19:29 - 2014-07-28 19:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 19:32 - 2014-07-28 19:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 19:29 - 2014-07-28 19:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 19:31 - 2014-07-28 19:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-05-19 19:38 - 2014-05-14 05:58 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2015-05-19 19:38 - 2014-04-25 06:03 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-05-19 19:38 - 2014-04-25 06:03 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-05-19 19:38 - 2014-07-02 12:10 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2015-05-19 19:39 - 2014-07-17 11:42 - 04095488 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-05-19 19:39 - 2014-10-30 15:36 - 01139712 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-05-19 19:38 - 2014-04-25 06:03 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-05-19 19:39 - 2015-05-19 19:35 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-05-19 19:39 - 2015-05-19 19:35 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-05-19 19:38 - 2015-05-19 19:35 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2015-05-19 19:40 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2015-05-19 19:38 - 2014-04-25 06:03 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2015-05-19 19:38 - 2014-04-25 06:03 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2015-05-19 19:40 - 2014-07-03 16:05 - 00063488 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00235008 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2015-05-19 19:39 - 2014-07-09 11:05 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00851456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00801792 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2015-04-20 23:07 - 2015-03-28 04:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-19 19:39 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2015-05-19 19:39 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2015-05-19 19:38 - 2015-06-03 08:34 - 00040592 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-05-19 19:38 - 2015-05-19 19:35 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-05-19 19:39 - 2014-07-02 17:41 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2015-05-19 19:39 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
2013-10-28 13:01 - 2013-08-19 20:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:E8BE05FA
AlternateDataStreams: C:\Users\Neu-Pc\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3637372449-538110766-643382409-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run: => "Turbo LAN"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ASUS AiChargerPlus Execute"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CitrixReceiver"
HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3637372449-538110766-643382409-1002\...\StartupApproved\Run: => "icq"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B0B3B59B-7CF8-484A-9EE8-51003CDCEE09}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1103D575-EE37-456D-A487-14E78730D3DA}] => (Allow) LPort=2869
FirewallRules: [{C092CB54-B1FD-4B01-AFF0-48F2CA47E37E}] => (Allow) LPort=1900
FirewallRules: [{D65785D7-0845-4743-AAF7-6DCE4DB5B410}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7798399D-22B1-4970-84CC-9635B820F0CB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8D274E46-BC1C-4CB4-86D3-A8C61C57BE2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{38978F31-48CD-4F15-A74E-7872AD338D3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5BEFB713-4D31-40FC-B3A1-F4978E276379}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B3350F29-D79C-4318-8729-7F97DD82C80E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FE6985D1-5542-4AC6-B33E-18AAEB41D4D5}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{41C9909C-56FE-42B6-8FD9-D4610DC00CEF}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{CCEEA4F3-5AEB-43F6-A665-65CAD0356986}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{46518ED3-C1E8-431A-B4FF-18A1C6AA07D2}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{80566392-E3A6-4C5A-B691-7D5842B47C83}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E21B9DB7-245F-4FD3-8D39-92B6D2A6C7F6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1F5D083F-EAC0-4612-B53A-A85E652BF6DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{26538F86-CCEE-48FE-AE4A-1624556274AC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{87858F63-150F-42CC-9291-05346ECEF01D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3F4F0907-B42F-4C50-AFDD-9B3402EAA337}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{86515C17-DDF7-4447-9DBD-1B08CF273C59}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{18F7E701-C082-4AFE-A1E8-54110FA0D880}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{B550A90C-705D-4CAC-B8BA-006F69507E64}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A2E5BF74-EBDA-46C3-8693-4CC6BB7A1CEB}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{A2621204-ED41-4844-9935-87FF24AA74F8}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{E3656D88-5A97-47CD-9B25-DD8CB1EA4C81}] => (Allow) LPort=8743
FirewallRules: [{54C956FC-B191-4CD2-8512-7D0255096FFF}] => (Allow) LPort=8643
FirewallRules: [{A04EC147-0E7E-459D-9CE7-C55721088D96}] => (Allow) LPort=7676
FirewallRules: [{69022053-3B1A-4B17-88C5-9CF0905BC182}] => (Allow) LPort=7679
FirewallRules: [{94A31DD3-ED78-4CA8-875D-BAE9902DBACB}] => (Allow) LPort=24234
FirewallRules: [{066F2D04-55B0-4D82-8998-B7EBF674FB2C}] => (Allow) LPort=7900
FirewallRules: [{A5463663-A7EE-4648-9C62-00C7A7B6FA00}] => (Allow) LPort=1900
FirewallRules: [{20AC3488-88AB-4E45-ACEE-8CF7A34D35F2}] => (Block) c:\program files (x86)\common files\magix services\uninstall\{ab515018-7f9d-4047-b0c0-f26bac30f3e1}\asus_music_maker_mx_setup.exe
FirewallRules: [{F8ADC28A-10E3-42FF-A031-7073297A1B05}] => (Block) c:\program files (x86)\common files\magix services\uninstall\{ab515018-7f9d-4047-b0c0-f26bac30f3e1}\asus_music_maker_mx_setup.exe
FirewallRules: [{684A164C-5724-43F3-AB95-0E62309897F7}] => (Block) c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [{38FEE85E-5BF1-4BA2-9DFA-F937220D4777}] => (Block) c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [{A478D3B7-C196-474D-9A76-D2FED0D6AAD9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D65A13F5-F00F-43B1-88D5-5DC6E34AF492}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{71CC76C9-F76C-425C-953F-D74AFE4DDEA8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{5E1E1087-458F-42B7-876F-785EE9206705}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{65EECD49-0845-4061-893E-0C599273C65A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{228670C6-B3E4-4BE2-8C3D-6817A1D8E579}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{CF81E16F-D225-4A1E-B749-082944DB7266}] => (Allow) LPort=1487
FirewallRules: [{F2D899D0-4BC1-453F-9C2E-4EE5C9E78D96}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CA09321A-0DBF-4C41-9D1F-6FAA918B62B1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{E8CF8D78-D784-488B-B903-065277029F14}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 08:34:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x960
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (06/02/2015 10:10:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 12.8.0.1016, Zeitstempel: 0x51fb0c50
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x03dd4c0d
ID des fehlerhaften Prozesses: 0x22e8
Startzeit der fehlerhaften Anwendung: 0xIAStorDataMgrSvc.exe0
Pfad der fehlerhaften Anwendung: IAStorDataMgrSvc.exe1
Pfad des fehlerhaften Moduls: IAStorDataMgrSvc.exe2
Berichtskennung: IAStorDataMgrSvc.exe3
Vollständiger Name des fehlerhaften Pakets: IAStorDataMgrSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IAStorDataMgrSvc.exe5

Error: (06/02/2015 10:10:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (06/02/2015 10:07:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x950
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (06/02/2015 09:26:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/02/2015 09:26:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/02/2015 09:20:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: aaHMSvc.exe, Version: 0.1.0.19, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x2728
Startzeit der fehlerhaften Anwendung: 0xaaHMSvc.exe0
Pfad der fehlerhaften Anwendung: aaHMSvc.exe1
Pfad des fehlerhaften Moduls: aaHMSvc.exe2
Berichtskennung: aaHMSvc.exe3
Vollständiger Name des fehlerhaften Pakets: aaHMSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: aaHMSvc.exe5

Error: (06/02/2015 09:16:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: aaHMSvc.exe, Version: 0.1.0.19, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x614
Startzeit der fehlerhaften Anwendung: 0xaaHMSvc.exe0
Pfad der fehlerhaften Anwendung: aaHMSvc.exe1
Pfad des fehlerhaften Moduls: aaHMSvc.exe2
Berichtskennung: aaHMSvc.exe3
Vollständiger Name des fehlerhaften Pakets: aaHMSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: aaHMSvc.exe5

Error: (06/02/2015 09:14:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x40010006
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x1434
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (06/02/2015 09:09:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.


System errors:
=============
Error: (06/03/2015 08:36:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (06/03/2015 08:34:12 AM) (Source: DCOM) (EventID: 10016) (User: NEU)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NeuNeu-PcS-1-5-21-3637372449-538110766-643382409-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/03/2015 08:34:12 AM) (Source: DCOM) (EventID: 10016) (User: NEU)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NeuNeu-PcS-1-5-21-3637372449-538110766-643382409-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/03/2015 08:34:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AsusFanControlService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/03/2015 08:34:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AsusFanControlService erreicht.

Error: (06/03/2015 08:33:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎06.‎2015 um 08:28:57 unerwartet heruntergefahren.

Error: (06/03/2015 08:29:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AsusFanControlService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/03/2015 08:29:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AsusFanControlService erreicht.

Error: (06/03/2015 08:28:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎06.‎2015 um 08:26:09 unerwartet heruntergefahren.

Error: (06/03/2015 08:26:56 AM) (Source: DCOM) (EventID: 10016) (User: NEU)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NeuNeu-PcS-1-5-21-3637372449-538110766-643382409-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office:
=========================
Error: (06/03/2015 08:34:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade400100060001459896001d09dcf9995a591C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dllf08ed64c-09c2-11e5-831e-54271e91667e

Error: (06/02/2015 10:10:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IAStorDataMgrSvc.exe12.8.0.101651fb0c50unknown0.0.0.000000000c000000503dd4c0d22e801d09d13ccbf0317C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exeunknown24d67e61-0907-11e5-831b-54271e91667e

Error: (06/02/2015 10:10:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (06/02/2015 10:07:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade400100060001459895001d09d13756c61abC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dllcdadfa00-0906-11e5-831b-54271e91667e

Error: (06/02/2015 09:26:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Neu-Pc\Downloads\esetsmartinstaller_deu.exe

Error: (06/02/2015 09:26:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Neu-Pc\Downloads\esetsmartinstaller_deu.exe

Error: (06/02/2015 09:20:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: aaHMSvc.exe0.1.0.1900000000KERNELBASE.dll6.3.9600.1741554504ade0eedfade00014598272801d09d0cdb6f8ca0C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exeC:\Windows\SYSTEM32\KERNELBASE.dll3d1305bd-0900-11e5-831a-54271e91667e

Error: (06/02/2015 09:16:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: aaHMSvc.exe0.1.0.1900000000KERNELBASE.dll6.3.9600.1741554504ade0eedfade0001459861401d09d0c0497d557C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exeC:\Windows\SYSTEM32\KERNELBASE.dllae983305-08ff-11e5-831a-54271e91667e

Error: (06/02/2015 09:14:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598143401d09d0c22b8985cC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll6415476e-08ff-11e5-831a-54271e91667e

Error: (06/02/2015 09:09:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Neu-Pc\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2015-06-02 02:35:38.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:37.970
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:37.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:37.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:36.860
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:36.520
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:36.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:35.843
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:35.457
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-06-02 02:35:35.100
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 17%
Total physical RAM: 16324.3 MB
Available physical RAM: 13518.03 MB
Total Pagefile: 32708.3 MB
Available Pagefile: 29795.39 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:110.63 GB) (Free:50.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 7ABC6008)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---


Zitat:
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
---- Diese Programme wirken auf den ersten blick wenig vertrauenswürdig =D
Dnake schon mal für deine Hilfe!
__________________

Alt 03.06.2015, 19:48   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Alter Fehler wieder da ... DNS Settings have been changed - Standard

Alter Fehler wieder da ... DNS Settings have been changed



Die kannste deinstallieren. Ich sehe so keinen DNS Change, trotzdem mal den Router auf Werkseinstellungen zurücksetzen und die Firmware updaten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Alter Fehler wieder da ... DNS Settings have been changed
angebot, check, direkt, dns, eset, fehler, firewall, geschichte, installiert, mbam, neu aufsetzten, neue, neuen, problem, router, scannen, scanner, security, system, update, vermehrt, virenscan, virenscanner, wechseln, zusätzliche



Ähnliche Themen: Alter Fehler wieder da ... DNS Settings have been changed


  1. in HKEY_USERS\.DEFAULT\...\Internet Settings sind gelöschte ProxyServer Daten nach reboot wieder da
    Log-Analyse und Auswertung - 17.04.2015 (11)
  2. DNS Server Settings have been changed
    Plagegeister aller Art und deren Bekämpfung - 18.02.2015 (5)
  3. Sicherheitscenter wird immer wieder deaktiviert, chrome meldet Profil Fehler
    Log-Analyse und Auswertung - 10.06.2013 (3)
  4. Wieder s.g. Fehler beim Laden von C:/ usw.
    Plagegeister aller Art und deren Bekämpfung - 12.11.2012 (1)
  5. XP fährt nach Anmeldung kurze Zeit später wieder herunter (dwwin.exe Fehler in der Anwendung)
    Log-Analyse und Auswertung - 02.06.2011 (40)
  6. Pc fährt nach Anmeldung wieder herunter (drwtsn32.exe , dwwin.exe Fehler in der Anwendung)
    Plagegeister aller Art und deren Bekämpfung - 22.02.2011 (9)
  7. HiJack- Search Settings exe und dll
    Log-Analyse und Auswertung - 10.11.2010 (13)
  8. Warning! CPU has been changed...
    Plagegeister aller Art und deren Bekämpfung - 03.11.2010 (4)
  9. Search Settings v.1.2.3
    Log-Analyse und Auswertung - 26.07.2010 (1)
  10. Der Anzeigetreiber wurde nach einem Fehler wieder hergestellt
    Alles rund um Windows - 11.02.2010 (7)
  11. Search Settings 1.2.1
    Plagegeister aller Art und deren Bekämpfung - 25.10.2009 (18)
  12. Das System wird nach einem schwerwiegenden Fehler wieder ausgeführt.
    Alles rund um Windows - 05.05.2009 (1)
  13. Probleme mit dem Rechner.. Das System wird nach einem schwerwiegenden Fehler wieder..
    Alles rund um Windows - 27.02.2009 (1)
  14. ntoskrnl.exe "changed", HJT und eScan Logfiles gemacht
    Log-Analyse und Auswertung - 03.09.2007 (7)
  15. Fehler kommt immer wieder ...
    Antiviren-, Firewall- und andere Schutzprogramme - 22.12.2006 (2)
  16. System plötzlich "merkwürdig"! langsamer, alter Wurm wieder da, Passwörter weg?
    Log-Analyse und Auswertung - 21.10.2006 (6)
  17. This application has been changed since it was created
    Plagegeister aller Art und deren Bekämpfung - 26.11.2005 (11)

Zum Thema Alter Fehler wieder da ... DNS Settings have been changed - Hallo Community - Ich merke gerade ich habe gegen die erst goldene Regel verstoßen. Mein Problem, das ständige wechseln der DNS Settings laut glasswire hatte ich schon im Januar, bzw - Alter Fehler wieder da ... DNS Settings have been changed...
Archiv
Du betrachtest: Alter Fehler wieder da ... DNS Settings have been changed auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.