
All kinds of pests and how to combat them: Disabled antivirus program, slow internet and problems opening/closing files

03.06.2015, 23:16   #1
condolai
 



Evening,

"Start FRST again. Copy the content of the following code box into the line at the top." Which line do you mean?

04.06.2015, 09:35   #2
M-K-D-B
/// TB instructor
 



Quote:
Quote from condolai
Copy the content of the following code box into the line at the top" Which line do you mean?
Well, to the right of the word "Search" in FRST there is a text field, i.e. a line, into which you can paste the terms...


04.06.2015, 15:23   #3
condolai
 



Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Marc-Andre´ (administrator) on SUPER-PC on 04-06-2015 16:21:37
Running from C:\Users\Marc-Andre´\Desktop
Loaded Profiles: Marc-Andre´ (Available Profiles: Marc-Andre´ & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Akamai Technologies, Inc.) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-09] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lycosa] => C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [147456 2007-11-20] (Razer USA Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Amazon Music] => C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify Web Helper] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [Spotify] => C:\Users\Marc-Andre´\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk [2012-06-04]
ShortcutTarget: FILSHtray.lnk -> C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-12-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {6BC92799-9508-41E4-84A8-527B5779A5DA} URL = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {D3A96EFE-8F54-40AD-87EE-49181A37366A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> {E3774029-DBA9-4FAC-9D5C-D8F62AE80435} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_intel_4.1.66.0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [2012-02-02] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-02-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA -> C:\Program Files (x86)\DNA\plugins\npbtdna.dll [2010-10-03] (BitTorrent, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @Webzen.com/NPGameWebStarter -> C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll [2010-03-19] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Marc-Andre´\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-07-29] ()
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc-Andre´\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-20] (Pando Networks)
FF Plugin HKU\S-1-5-21-1234873347-607795945-2308373214-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-04-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2011-07-28] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\abs@avira.com [2014-11-18]
FF Extension: Flash Video Downloader Youtube Downloader - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\artur.dubovoy@gmail.com [2012-08-11]
FF Extension: LavaFox V1 - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\info@djzig.com [2012-08-11]
FF Extension: YouTube Unblocker - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\youtubeunblocker@unblocker.yt [2013-09-27]
FF Extension: Flagfox - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-08-11]
FF Extension: Image Zoom - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2011-05-12]
FF Extension: Adblock Plus - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2014-12-30]
FF Extension: Download Statusbar - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2012-05-06]
FF Extension: Black Steel - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66} [2011-05-12]
FF Extension: Download Manager Tweak - C:\Users\Marc-Andre´\AppData\Roaming\Mozilla\Firefox\Profiles\lpt9l2zb.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} [2010-12-10]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2014-01-25]
FF Extension: Java String Helper - C:\Users\Marc-Andre´\AppData\Roaming\01009 [2012-02-27]

Chrome: 
=======
CHR Profile: C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]
CHR Extension: (Google Drive) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]
CHR Extension: (YouTube) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
CHR Extension: (Google Search) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
CHR Extension: (Avira Browser Safety) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-18]
CHR Extension: (AdBlock) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-24]
CHR Extension: (Bookmark Manager) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Steam Trader Helper) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1186040 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-12-18] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-24] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-27] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-12-17] (AnchorFree Inc.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CBTNDIS4; \??\C:\Windows\system32\CBTNDIS4.SYS [X]
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va003; \??\C:\Users\MARC-A~1\AppData\Local\Temp\00353EE.tmp [X]
S3 X6va005; \??\C:\Users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 19:45 - 2015-06-03 19:45 - 02108928 _____ (Farbar) C:\Users\Marc-Andre´\Desktop\FRST64.exe
2015-06-03 19:42 - 2015-06-03 19:42 - 00001910 _____ () C:\Users\Marc-Andre´\Desktop\sc-cleaner.txt
2015-06-03 19:41 - 2015-06-03 19:41 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Marc-Andre´\Desktop\sc-cleaner.exe
2015-06-03 19:40 - 2015-06-03 19:40 - 00001512 _____ () C:\Users\Marc-Andre´\Desktop\JRT.txt
2015-06-03 19:37 - 2015-06-03 19:37 - 02942610 _____ (Thisisu) C:\Users\Marc-Andre´\Desktop\JRT.exe
2015-06-03 19:37 - 2015-06-03 19:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SUPER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-03 19:37 - 2015-06-03 19:37 - 00000000 ____D () C:\RegBackup
2015-06-03 19:09 - 2015-06-03 19:09 - 00002736 _____ () C:\Users\Marc-Andre´\Desktop\mbam.txt
2015-06-03 18:45 - 2015-06-03 18:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 18:45 - 2015-06-03 18:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-03 18:45 - 2015-06-03 18:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-03 18:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 18:45 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 18:45 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-03 18:43 - 2015-06-03 18:44 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Marc-Andre´\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-03 18:35 - 2015-06-03 18:38 - 00000000 ____D () C:\AdwCleaner
2015-06-03 18:34 - 2015-06-03 18:34 - 02231296 _____ () C:\Users\Marc-Andre´\Desktop\AdwCleaner_4.206.exe
2015-06-03 15:34 - 2015-06-03 15:34 - 00025071 _____ () C:\ComboFix.txt
2015-06-03 15:12 - 2015-06-03 15:34 - 00000000 ____D () C:\Qoobox
2015-06-03 15:12 - 2015-06-03 15:33 - 00000000 ____D () C:\Windows\erdnt
2015-06-03 15:12 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-03 15:12 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-03 15:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-03 15:12 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-03 15:11 - 2015-06-03 15:11 - 05628238 ____R (Swearware) C:\Users\Marc-Andre´\Desktop\ComboFix.exe
2015-06-02 15:11 - 2015-06-04 16:20 - 00062882 _____ () C:\Users\Marc-Andre´\Desktop\Addition.txt
2015-06-02 15:10 - 2015-06-04 16:21 - 00023961 _____ () C:\Users\Marc-Andre´\Desktop\FRST.txt
2015-06-02 15:10 - 2015-06-04 16:21 - 00000000 ____D () C:\FRST
2015-06-01 15:52 - 2015-06-01 15:52 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\GWX
2015-05-31 18:15 - 2015-05-31 18:15 - 00000000 ____D () C:\ProgramData\Licenses
2015-05-31 18:14 - 2015-05-31 18:15 - 35218576 _____ (Simply Super Software ) C:\Users\Marc-Andre´\Downloads\trjsetup692.exe
2015-05-31 18:12 - 2015-05-31 18:12 - 01918512 _____ (Mister Group ) C:\Users\Marc-Andre´\Downloads\SystemExplorerSetup_642.exe
2015-05-25 00:12 - 2015-05-25 00:13 - 00000000 ____D () C:\Users\Marc-Andre´\recorder
2015-05-25 00:08 - 2015-05-25 00:11 - 00000000 ____D () C:\Users\Marc-Andre´\lalala
2015-05-14 20:32 - 2015-05-14 20:35 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Astreya2
2015-05-14 20:15 - 2015-05-14 20:30 - 1040333947 _____ () C:\Users\Marc-Andre´\Downloads\Astreya2-Reloaded 1.0.rar
2015-05-14 03:03 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:03 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:11 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:11 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:11 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:11 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:11 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:11 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:11 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:11 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:11 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:11 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:11 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:11 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:11 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:11 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:11 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:11 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:11 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:11 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:11 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:11 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:11 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:11 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:11 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:11 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:11 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:11 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:11 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:11 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:11 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:11 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:11 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:11 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:11 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:11 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:11 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:11 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:11 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:11 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:11 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:11 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:11 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:10 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:10 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:10 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:10 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:10 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:10 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:10 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:10 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:10 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:10 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:10 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:10 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:10 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:10 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:10 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:10 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:10 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:10 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:10 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:10 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:10 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:10 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:10 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:10 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:10 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:10 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:10 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-09 16:53 - 2015-05-09 16:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\WinAuth
2015-05-09 16:49 - 2015-05-09 16:49 - 01502629 _____ () C:\Users\Marc-Andre´\Downloads\WinAuth-3.1.8.zip
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-05 14:58 - 2015-05-05 14:58 - 02624744 _____ () C:\Users\Marc-Andre´\Downloads\Fraps v3.5.9 build 15586 Registered.rar
2015-05-05 14:47 - 2015-05-05 14:47 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam (1).7z
2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\BANDISOFT
2015-05-05 14:43 - 2015-05-05 14:43 - 00000000 ____D () C:\Users\Marc-Andre´\Documents\Bandicam
2015-05-05 14:42 - 2015-05-05 14:42 - 09732530 _____ () C:\Users\Marc-Andre´\Downloads\Bandicam.7z
2015-05-05 14:07 - 2015-05-05 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-05-05 00:51 - 2015-05-05 00:51 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Razer_Inc

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 16:19 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Spotify
2015-06-04 16:17 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-04 16:17 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-04 16:14 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\Spotify
2015-06-04 16:13 - 2010-08-13 13:56 - 01085441 _____ () C:\Windows\WindowsUpdate.log
2015-06-04 16:09 - 2012-12-24 16:37 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\HTC MediaHub
2015-06-04 16:09 - 2011-04-26 18:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-04 16:08 - 2013-12-23 17:06 - 00057212 _____ () C:\Windows\setupact.log
2015-06-04 16:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-04 15:45 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-04 03:35 - 2011-04-26 18:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-04 03:27 - 2014-12-01 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-04 02:16 - 2010-08-16 01:09 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{68A126FF-1A76-47DF-98CD-F44B2F916D09}
2015-06-04 00:07 - 2011-03-18 22:11 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\TS3Client
2015-06-03 21:09 - 2010-08-16 00:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-06-03 20:59 - 2013-12-23 17:06 - 00361396 _____ () C:\Windows\PFRO.log
2015-06-03 18:38 - 2011-03-26 21:36 - 00000000 ____D () C:\ProgramData\ICQ
2015-06-03 15:34 - 2011-12-25 15:30 - 00000000 ____D () C:\Users\Marc-Andre�
2015-06-03 15:34 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-06-03 15:29 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-06-03 15:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-06-03 15:22 - 2010-05-31 13:52 - 00000000 ____D () C:\ProgramData\Temp
2015-06-03 14:39 - 2009-07-14 19:58 - 06562648 _____ () C:\Windows\system32\perfh007.dat
2015-06-03 14:39 - 2009-07-14 19:58 - 01971712 _____ () C:\Windows\system32\perfc007.dat
2015-06-03 14:39 - 2009-07-14 07:13 - 00006564 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-02 15:12 - 2012-03-13 15:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Alle Sims 3 Teile
2015-06-02 15:11 - 2010-12-13 22:28 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Music^^
2015-05-31 17:18 - 2010-08-13 13:55 - 00000000 ____D () C:\Users\Marc-Andre´
2015-05-31 17:16 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-31 17:16 - 2011-11-10 18:53 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Local\Akamai
2015-05-31 17:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-26 00:24 - 2013-08-31 00:56 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\TERA
2015-05-24 23:54 - 2015-01-17 19:08 - 00000000 ____D () C:\Users\Marc-Andre´\Desktop\Pobre Juan
2015-05-22 14:41 - 2015-03-02 02:54 - 00001848 _____ () C:\Users\Marc-Andre´\Desktop\Storybook.lnk
2015-05-21 03:01 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-18 20:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-18 05:40 - 2010-08-27 19:34 - 00000000 ____D () C:\Users\Marc-Andre´\AppData\Roaming\SoftGrid Client
2015-05-18 04:30 - 2011-04-26 18:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 04:30 - 2011-04-26 18:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 15:00 - 2013-03-14 00:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 15:00 - 2009-07-14 06:45 - 00294256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 05:05 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 05:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 03:14 - 2010-08-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-14 03:12 - 2013-07-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-14 03:05 - 2010-05-31 13:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 03:02 - 2013-03-14 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-08 14:59 - 2014-01-06 00:39 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-05-07 15:18 - 2011-01-22 13:06 - 00000000 ____D () C:\Fraps
2015-05-05 14:59 - 2015-04-18 16:22 - 00000576 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-05-05 14:10 - 2013-08-25 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 14:09 - 2013-08-25 22:18 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:09 - 2013-08-25 22:18 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-05 14:07 - 2015-05-04 18:37 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-05-05 00:51 - 2014-01-06 00:39 - 00000000 ____D () C:\ProgramData\Razer

==================== Files in the root of some directories =======

2012-02-29 22:15 - 2012-02-29 22:15 - 0000011 _____ () C:\Users\Marc-Andre´\AppData\Roaming\urhtps.dat
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\Marc-Andre´\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\Marc-Andre´\AppData\Local\CDRip.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Marc-Andre´\AppData\Local\No23 Recorder.exe
2011-01-16 22:20 - 2011-01-16 22:50 - 0001481 _____ () C:\Users\Marc-Andre´\AppData\Local\RecConfig.xml
2010-08-18 21:48 - 2010-08-27 02:56 - 0007598 _____ () C:\Users\Marc-Andre´\AppData\Local\Resmon.ResmonCfg
2010-08-15 22:42 - 2010-08-15 22:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-08-02 22:59 - 2012-09-14 21:47 - 0002766 _____ () C:\ProgramData\flcd_proxy.log

Files to move or delete:
====================
C:\Users\Marc-Andre´\jagex_runescape_preferences.dat
C:\Users\Marc-Andre´\jagex_runescape_preferences2.dat


Some files in TEMP:
====================
C:\Users\Marc-Andre´\AppData\Local\Temp\avgnt.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\Quarantine.exe
C:\Users\Marc-Andre´\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 21:28

==================== End of log ============================
         

Alt 04.06.2015, 15:24   #4
condolai

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Marc-Andre´ at 2015-06-04 16:21:56
Running from C:\Users\Marc-Andre´\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1234873347-607795945-2308373214-500 - Administrator - Disabled)
fbwuser (S-1-5-21-1234873347-607795945-2308373214-1001 - Limited - Disabled) => C:\Users\fbwuser
Gast (S-1-5-21-1234873347-607795945-2308373214-501 - Limited - Disabled)
Marc-Andre´ (S-1-5-21-1234873347-607795945-2308373214-1000 - Administrator - Enabled) => C:\Users\Marc-Andre´

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

¡Adelante! Nivel elemental (HKLM-x32\...\¡Adelante! Nivel elemental) (Version: 1.0.0.0 - Ernst Klett Verlag GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Age of Chivalry (HKLM-x32\...\Steam App 17510) (Version:  - Team Chivalry)
Akamai NetSession Interface (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version:  - City Interactive)
Amazon Kindle (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian FLV Player (HKLM-x32\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Artweaver 1.0 (HKLM-x32\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
ATI Catalyst Install Manager (HKLM\...\{4C5C7B62-C959-5FEB-FAD6-B7A0BE68B868}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Avert Fate (HKLM-x32\...\{5C4D0A31-F7ED-4F52-B286-5F56B61F9C80}) (Version: 1.00.0000 - Avert Fate)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - )
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
Biologie heute CD (HKLM-x32\...\com.schroedel.bioheuteeinleger) (Version: 1.1 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe)
Biologie heute CD (x32 Version: 1.1 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.16 - Piriform)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Duke Nukem Forever Demo (HKLM-x32\...\Steam App 57940) (Version:  - Gearbox Software)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
FormatFactory 2.50 (HKLM-x32\...\FormatFactory) (Version: 2.50 - Free Time)
Fragen-Lern-CD 4.0 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1) (Version: 4.0.0 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.0 (x32 Version: 4.0.0 - Wendel-Verlag GmbH) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free 3GP Video Converter version 5.0.40.514 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.40.514 - DVDVideoSoft Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari)
Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gothic 3 Gold (HKLM-x32\...\{68D2A2E2-6B64-4433-8073-0605EB306C1B}) (Version: 1.0.0 - JoWooD)
Gothic II (HKLM-x32\...\Gothic II) (Version:  - JoWooD Productions Software AG)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hotspot Shield 3.23 (HKLM-x32\...\HotspotShield) (Version: 3.23 - AnchorFree Inc.)
HTC Sync Manager (HKLM-x32\...\{7477F26F-CC6A-4F68-8C9D-496DBFF45E05}) (Version: 1.1.27.0 - HTC)
I Am Alive (HKLM-x32\...\Steam App 214250) (Version:  - Ubisoft  Shanghaï)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.5.1003 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
King Arthur - The Role-playing Wargame (HKLM-x32\...\Steam App 24400) (Version:  - Neocore Games)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LightZone 4.0.0 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.0.0 - LightZone Project)
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.01 - Electronic Arts, Inc.)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.03.0.0 - Electronic Arts)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Medion Home Cinema (HKLM-x32\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 6.0.0000 - CyberLink Corp.) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM-x32\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox (3.6.18) (HKLM-x32\...\Mozilla Firefox (3.6.18)) (Version: 3.6.18 (de) - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MySQL Server 5.5 (HKLM-x32\...\{FFD35D1F-F7C8-47AE-AF3E-E569F025CD7D}) (Version: 5.5.28 - Oracle Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Pivot Stickfigure Animator (HKLM-x32\...\{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}) (Version: 2.2.5 - Peter Bone)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Postal 2 STP - Free Multiplayer Edition (HKLM-x32\...\Postal 2 STP - Free Multiplayer Edition) (Version:  - )
Print Server Support (HKLM-x32\...\{418EF145-944B-4EBC-A755-9F15AEDFB08B}) (Version: 1.00.0000 - Siemens)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Lycosa (HKLM-x32\...\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}) (Version: 1.00.0000 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Screen Recording Suite V2.5.0 (HKLM-x32\...\{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1) (Version: 2.5.0 - Apowersoft)
Secunia PSI (3.0.0.6001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6001 - Secunia)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Spotted Run for your Life (HKLM\...\UDK-a656fd26-fe9c-4d00-8aad-3e63c713bd0c) (Version:  - Epic Games, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Storybook (HKLM-x32\...\Storybook) (Version: 2.1.15 - Intertec)
StreamTransport version: 1.1.0.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
System Requirements Lab for Intel (HKLM-x32\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version:  - Tango Gameworks)
The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
Webzen Game Starter (HKLM-x32\...\{255FC1CF-2620-4B64-BE02-79B9E609BB3D}) (Version: 1.01.1014 - WEBZEN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WSCC 2.1.0.0 (HKLM-x32\...\WSCC_is1) (Version:  - KirySoft)
Zombie Panic Source (HKLM-x32\...\Steam App 17500) (Version:  - Zombie Panic! Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Marc-Andre´\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

26-05-2015 03:10:48 Geplanter Prüfpunkt
03-06-2015 15:12:41 ComboFix created restore point
04-06-2015 15:51:29 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-03 15:26 - 2015-06-03 15:29 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FD93574-B94B-40D9-8002-BEF0D67F63A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {1107F649-C364-4FFF-A9A0-27D422C60611} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {19B91066-69D3-4122-952B-7EE9B2F1D3CF} - System32\Tasks\{82A055CC-13D1-46DD-9A3A-DA2CB8C785D0} => C:\Users\Marc-Andre´\Desktop\CryEngine\Bin64\Launcher.exe
Task: {1E11C808-87CA-48A9-B9D0-C55B5D78D11E} - System32\Tasks\{78998BB2-5DF3-4ADA-9C1F-F0FA16EE48DD} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/go/help.faq.installer?LastError=1618
Task: {22136676-9F46-4259-B2E0-36258C3D87FD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {31960EE8-2917-4120-B77D-477432EAD972} - System32\Tasks\{51C56D5C-5A7F-4172-852B-7B6CA5A92065} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {3EE2F65F-7D35-4564-88AA-70B4E51BB138} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4903CF65-B25B-4952-BDB1-EBDCCCE57853} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4F26A30A-008E-4810-8E0E-59C42C704FC0} - System32\Tasks\Schule jo^^ => C:\Users\Marc-Andre´\Desktop\EKO FRESH FEAT HAFTBEFEHL - STILL MENACE (OFFICIAL HD VERSION).mp4
Task: {662E61CD-FBF2-453A-ADDD-593241083BF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {71DE537D-2BF3-40F9-BA3D-84A9420E6003} - System32\Tasks\{F3553201-B43E-425B-8061-E19C46894E1E} => pcalua.exe -a "C:\Users\Marc-Andre´\Desktop\anno trainer\IC_annocheat104.exe" -d "C:\Users\Marc-Andre´\Desktop\anno trainer"
Task: {83E1DB51-257D-45DD-B3AA-F9672B84BE46} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {855B49C3-1EF1-49DF-B854-1FB640EE3188} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)
Task: {8C86B49B-2A76-4806-8A04-6201DD14C2B5} - System32\Tasks\{779B966B-BA4D-462B-BA15-11D996836268} => pcalua.exe -a "C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe"
Task: {B62B4B93-B2AB-4C5F-8D9C-A20131A5A7BA} - System32\Tasks\{2E9988B2-EBD0-41C2-9078-5C3FA1CA49EE} => C:\Users\Marc-Andre´\Desktop\CryEngine\Bin64\Launcher.exe
Task: {D38B2E7D-23E5-44FE-A7CE-B98DD571361F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {DC27BF67-7135-4103-8404-AFB622CBF4E8} - System32\Tasks\{0BCE45A5-6E0A-4B92-BC53-E05C14F2CD19} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {F52F510C-46A4-4EE3-A3A5-BB2E7FAA3F35} - System32\Tasks\{6326D6F7-1E62-4FD1-A8E2-C8D9A1116C49} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {F591ACF2-F204-4DA2-82AF-EDF397D083E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-18 20:17 - 2013-12-18 20:17 - 00555304 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-10-02 12:33 - 2014-02-24 01:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-26 19:14 - 2012-09-26 19:14 - 00168864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-09-08 22:10 - 2014-12-08 08:27 - 06277952 _____ () C:\Users\Marc-Andre´\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-05-31 13:02 - 2010-05-31 13:02 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-18 20:11 - 2013-12-18 20:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2012-09-26 19:11 - 2012-09-26 19:11 - 00024496 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2012-09-26 19:12 - 2012-09-26 19:12 - 00466256 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2012-09-26 19:12 - 2012-09-26 19:12 - 00043944 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2012-09-26 19:12 - 2012-09-26 19:12 - 00035776 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2012-09-26 19:15 - 2012-09-26 19:15 - 00223152 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2010-05-31 12:58 - 2009-12-09 17:55 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-05-25 22:46 - 2015-05-22 22:22 - 01281864 _____ () C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 22:46 - 2015-05-22 22:22 - 00080712 _____ () C:\Users\Marc-Andre´\AppData\Local\Google\Chrome\Application\43.0.2357.81\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:D06A4C76

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1234873347-607795945-2308373214-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1234873347-607795945-2308373214-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc-Andre´\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: FILSHtray => "C:\Program Files (x86)\FILSHtray\FILSHtray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7E2E668E-B9B4-41E0-95EF-9D4DBEBBC21B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{FC340676-790F-42D5-A20D-66AABD7968A9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E7ECBD0-9D67-40D5-BE6C-54B65D9E3B0C}] => (Allow) svchost.exe
FirewallRules: [{308C746D-4D38-4150-AE38-6264AB9D58BD}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{F1F6F395-E7F0-4084-A31D-5D0FD09BE912}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6CD6B55-F21A-4E12-AA37-4CABF5EF211C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{92D5BF9F-1684-4AF4-AC31-8D143671752E}C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe] => (Block) C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe
FirewallRules: [UDP Query User{6A2189A7-A31E-4871-B9F7-D620AFE8E087}C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe] => (Block) C:\users\marc-andre´\desktop\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe
FirewallRules: [{6EC9DF7C-57D1-40AA-9766-0F2A91D26C24}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{27C512EE-74C9-4F27-BDAD-08B1D338BD80}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{8FD69238-E644-4745-A958-B5DD4D58764D}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{35ADB5D4-AF09-44BD-A401-789637B4C158}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [TCP Query User{8558347C-B400-4AE7-B3F8-54EF1EC93D42}C:\program files (x86)\metin2\metin2.bin] => (Allow) C:\program files (x86)\metin2\metin2.bin
FirewallRules: [UDP Query User{D11E0519-9831-4ABC-A217-90C23536F4F0}C:\program files (x86)\metin2\metin2.bin] => (Allow) C:\program files (x86)\metin2\metin2.bin
FirewallRules: [TCP Query User{3938B1F3-2A8C-4D9A-A1B0-ACEAD3652445}C:\program files (x86)\metin2\metin2client.bin] => (Allow) C:\program files (x86)\metin2\metin2client.bin
FirewallRules: [UDP Query User{8419F912-94B4-4624-B8A3-0A7B8382D295}C:\program files (x86)\metin2\metin2client.bin] => (Allow) C:\program files (x86)\metin2\metin2client.bin
FirewallRules: [{8496942B-9F52-4A5C-B2A5-5D2CBA898EB3}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{CE5CB3DC-3BF9-4F14-AA56-1E72443CBB11}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{25ED4E0D-9506-4B9B-B783-E94EB5BCBCB3}] => (Allow) C:\Program Files (x86)\DNA\btdna.exe
FirewallRules: [{031BC6C8-E5ED-4264-80B6-F38DF42F6411}] => (Allow) C:\Program Files (x86)\DNA\btdna.exe
FirewallRules: [TCP Query User{E3495B51-2B3B-4AD6-B7E9-F58C99349579}C:\program files (x86)\urbanterror\iourbanterror.exe] => (Allow) C:\program files (x86)\urbanterror\iourbanterror.exe
FirewallRules: [UDP Query User{E88F85DA-933E-4E5F-988E-3D9A1D80C42C}C:\program files (x86)\urbanterror\iourbanterror.exe] => (Allow) C:\program files (x86)\urbanterror\iourbanterror.exe
FirewallRules: [{62A393BF-1080-460D-8274-0CD932AF2376}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{523879E9-231F-4DF4-99F7-2C56DB12C89B}C:\program files (x86)\postal2stp\system\postal2mp.exe] => (Allow) C:\program files (x86)\postal2stp\system\postal2mp.exe
FirewallRules: [UDP Query User{C5F81AB7-9A4B-4CC8-B873-1B21A6CFB78E}C:\program files (x86)\postal2stp\system\postal2mp.exe] => (Allow) C:\program files (x86)\postal2stp\system\postal2mp.exe
FirewallRules: [{C8EC77B1-A318-494D-9086-EE6C30C0DC57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8F019785-B231-47FF-8950-AFD6A605FBB3}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [UDP Query User{9CC12244-8575-44F7-9576-89CC0E4EC8AA}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [TCP Query User{07396779-1384-4A05-867E-38B5610A931A}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [UDP Query User{197F44AE-435A-4A88-A093-ADB8E879F692}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [{389EFA56-C030-4E16-8239-85FBECA7D513}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{860CFAD8-A55B-4855-B92A-D88B427BFE32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{67A66FA7-C5BF-421E-919A-7808542F5B2D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04281D5B-49FC-4FFF-A171-649B8DE830D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{2156CBBD-0C05-46B7-8ED8-952C041E64B7}C:\users\marc-andre´\desktop\ydvydv\blackops.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackops.exe
FirewallRules: [UDP Query User{10690B86-54DC-4542-821F-AEF4D2F7E226}C:\users\marc-andre´\desktop\ydvydv\blackops.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackops.exe
FirewallRules: [TCP Query User{A82279A9-6138-4C08-88A6-A2EF11FC9790}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe
FirewallRules: [UDP Query User{19D282BA-05F4-43FC-B107-2A9A703B9141}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2 deathmatch\hl2.exe
FirewallRules: [TCP Query User{ECFF539F-4A9A-407A-917A-C4A51F7E1C84}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe
FirewallRules: [UDP Query User{65048C42-E557-4AB9-8A5F-7CD46CFD4A70}C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\half-life 2\hl2.exe
FirewallRules: [TCP Query User{96E1CDC5-18EA-4FA6-9AD8-D57992E422C6}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe
FirewallRules: [UDP Query User{2107560E-17FA-458D-A70B-BA9BCCB72395}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe
FirewallRules: [TCP Query User{BDAFD6B5-A584-4FE7-A018-DF28B4BF2726}C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{4F285355-22B0-468E-8D2B-7B9086E0DEA8}C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mutterelefant\team fortress 2\hl2.exe
FirewallRules: [{C5218F93-78B2-4440-AE9D-19AF958C951E}] => (Allow) %SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [TCP Query User{0450DB9D-7D03-47AB-81CF-2FAB3707119E}C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe
FirewallRules: [UDP Query User{6B3F284C-EEA5-4DEA-9255-C114C50EC5CA}C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\mutterelefant\source sdk base\hl2.exe
FirewallRules: [{C1987C9B-67BD-42E8-95E5-B76877D2F604}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{5402EA23-651F-43E8-9D73-4774B6391B9A}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9225F1A1-0AA0-4E68-A902-148128BCD651}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{4B3FF22E-DFE7-4299-9B2E-7A3F71C9173F}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{EDD3527E-B517-4112-9607-CE6172E1AC84}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{DC16CBFB-5FA6-4035-BC18-52707B1CD29F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{368605C8-FD28-4AF4-81EA-3A19DCDBC7FB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{6BB5E284-8D74-4D72-A5DD-0F9B31CD360B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [TCP Query User{59DEB766-2736-4A33-B23F-B498AEB62589}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{AE329436-D2FB-42DD-9516-B53CF3D595BE}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{8733F0E9-94E0-41FF-9D6C-280F13F1D2A4}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe
FirewallRules: [UDP Query User{523DDDF1-9208-497F-AA48-03F45A380226}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe
FirewallRules: [{9AFEA075-018F-4B53-BA28-01CB66DE8851}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D7C40DE-9055-4147-A539-84C99680C5ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6888B93-C29D-4C26-AFFC-F16EE747F67B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{90B649F6-7BC5-4237-8934-8A179FFA1969}C:\program files (x86)\z8games\crossfire\cf_g4box.exe] => (Allow) C:\program files (x86)\z8games\crossfire\cf_g4box.exe
FirewallRules: [UDP Query User{427D20BC-5377-422E-BFA6-1EB787FEF29E}C:\program files (x86)\z8games\crossfire\cf_g4box.exe] => (Allow) C:\program files (x86)\z8games\crossfire\cf_g4box.exe
FirewallRules: [TCP Query User{1059CF1B-5EEA-433E-A038-BF388144356E}C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe
FirewallRules: [UDP Query User{7EC367CD-BBB1-42E1-9CA2-5CB5CAAA92FC}C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe] => (Block) C:\users\marc-andre´\desktop\ydvydv\blackopsmp.exe
FirewallRules: [{4FFBBEC6-0373-4C8E-86EC-30F7CDEF4107}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{DEB106A3-6C70-4CB2-A795-6EE75C5E97D0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B1CABB2E-90B7-4F74-83DF-C238B9D43138}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{064B7FBA-31A4-4E9F-AB84-037CE2DCFEAA}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{D5E67826-0038-4F55-B6BC-E47D3E3BDE3E}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{01401BDC-4911-4A8F-9E7B-F52A1AFA2367}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{CE9D82E6-6FBC-407F-B5A6-31321305FECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{C664B43E-D596-4FF0-8869-2331DE846DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{8AB96067-686A-4B91-A6F8-5EB6460120A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{9251D19D-8829-4D04-BC07-85707DB22942}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe
FirewallRules: [{5F10C4D7-2E83-487A-9695-5E03FEDAFFB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe
FirewallRules: [{55E20DC2-7E52-41F0-9B29-C84A93E4F12D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\age of chivalry\hl2.exe
FirewallRules: [{CA299983-2587-41C4-8D85-C2CC9F5A5186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\age of chivalry\hl2.exe
FirewallRules: [{7ABFFBB7-5E68-44AF-A3FE-6E9E42241256}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{E16817EA-2D31-4335-AF37-E3AE09993860}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{95BD0CD3-414A-4117-A253-A600C6ACD41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\duke nukem forever demo\System\DukeForeverDemo.exe
FirewallRules: [{D1B64403-F8FB-439B-A20F-8ACF2A705414}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\duke nukem forever demo\System\DukeForeverDemo.exe
FirewallRules: [TCP Query User{A5B4A15A-FBD2-42BA-B26D-78EB4B454218}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{3F11AF11-A717-4B86-908C-B3D5D2DC5F5E}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{724BED90-7CF4-4E0C-A0A0-35A6402C9A71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{D5D06C4D-F4C6-4772-A391-E11260BDD121}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [TCP Query User{16685EA7-0EFA-44A2-9CE7-BAEB72ED1D1F}C:\users\marc-andre´\desktop\dead island\deadislandgame.exe] => (Block) C:\users\marc-andre´\desktop\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{6634959D-867A-4F30-820A-6C6DF563E9C2}C:\users\marc-andre´\desktop\dead island\deadislandgame.exe] => (Block) C:\users\marc-andre´\desktop\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{FF1114D2-76D4-400A-A189-8ED378C6EC37}C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin] => (Allow) C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin
FirewallRules: [UDP Query User{6C2EAB25-2A8D-4737-84DB-6D1BE9FB44C2}C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin] => (Allow) C:\users\marc-andre´\desktop\dark-fusion2\metin2client.bin
FirewallRules: [{661868E0-06E3-4C99-B02C-9B47F3094878}] => (Allow) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{955E1FF3-987C-4236-B641-91B29FD11412}] => (Allow) C:\Users\Marc-Andre´\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{75FDD2CB-0494-4C12-884B-624E20FF35C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{779BBC81-713D-45B2-B290-16F42B910E1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [TCP Query User{84B4BC54-6C3C-46E5-8A5E-97D69211B0EA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{11BD8B0F-BBDE-4CE4-8516-E3512ACF1590}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{00E6A4E1-A0A0-4AE1-98DF-2C60740FFBB5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{6A5C623F-AB46-44D5-9BD9-F0212CB58EBA}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{B058E99F-D380-4AC1-8389-64258197F996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{A9259BAC-0103-41E2-AA84-611448B95229}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{263CE4EB-3FF7-48A9-B713-D511D602D99B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{CFEC88EF-3366-48E2-BC1D-33AD53476C18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{4F99A69D-1B2B-4E5A-B42F-9B575C257448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{CA9B639D-48C9-4677-94E7-4D9A26FE689B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{425A8CA8-4F11-43FB-948E-8AADDAEE89CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{6478CF50-0476-4819-BBC9-83878FFCE5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{E6F9CE51-8DCB-45F2-9C29-5A0531C76952}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\zombie panic! source\hl2.exe
FirewallRules: [{48B28329-4E6B-40BD-879A-24E6FB9E1FFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mutterelefant\zombie panic! source\hl2.exe
FirewallRules: [{80E76CFA-2C15-47B2-B204-9ACDFD213659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthur.exe
FirewallRules: [{3F5FC791-DFE5-422F-BBF2-C8CFAB9A9633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthur.exe
FirewallRules: [{5BAB004B-2CAF-44C2-9CA6-55CC13D0CB94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthurMulti.exe
FirewallRules: [{DA03CA51-A808-4721-A276-87EDBA8566A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\king arthur - the role-playing wargame\KingArthurMulti.exe
FirewallRules: [{08813FA7-CD75-4CB0-9679-B0E84A396096}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F506D87-8E3A-41CA-9B3A-665CD4FE921F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4B08F29A-A1BD-4958-ACBA-6BD8C84F4BB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{77AD0E0D-1C7C-4014-A7C4-A1F2B07DBCAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{818C58BB-0E88-4FDE-91B3-84F4902CBF25}C:\users\marc-andre´\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\marc-andre´\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{46A4FC8F-7AB6-4806-8F28-F0DD4057C42C}C:\users\marc-andre´\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\marc-andre´\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F25EC29F-1262-4C16-B411-A9547F3B9C60}C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{07273B0F-2CDC-4EF7-AE42-5D02F20CFE94}C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D4C4237D-3B88-47B7-A0DB-5DC7CFC11FDB}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{0DC00B1A-8A08-4044-A26F-BA2DE0D47001}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{2A492C2E-55DD-45D5-8ECC-0FD8E360CBC6}C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F36322C0-6130-4A85-B708-F8FB4155823C}C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marc-andre´\appdata\roaming\spotify\spotify.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 04:09:14 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/04/2015 03:44:50 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/04/2015 02:58:51 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/03/2015 09:00:07 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/03/2015 07:10:16 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/03/2015 06:40:24 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/03/2015 03:27:43 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/03/2015 03:16:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Error: (06/03/2015 03:06:31 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (06/03/2015 02:39:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (06/04/2015 04:09:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (06/04/2015 04:05:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (06/04/2015 03:48:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/04/2015 03:48:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/04/2015 03:48:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerprofildienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/04/2015 03:47:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/04/2015 03:46:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 03:46:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 03:46:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 03:46:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/04/2015 04:09:14 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/04/2015 03:44:50 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/04/2015 02:58:51 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/03/2015 09:00:07 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/03/2015 07:10:16 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/03/2015 06:40:24 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/03/2015 03:27:43 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/03/2015 03:16:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Error: (06/03/2015 03:06:31 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (06/03/2015 02:39:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000


CodeIntegrity Errors:
===================================
  Date: 2015-06-03 15:25:51.806
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-03 15:25:51.728
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 31%
Total physical RAM: 6135.11 MB
Available physical RAM: 4209.26 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 10015.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:672.54 GB) (Free:66.82 GB) NTFS
Drive d: (Recover) (Fixed) (Total:25 GB) (Free:16.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: E90925EA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=672.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================
         
--- --- ---

04.06.2015, 19:26   #5
M-K-D-B
/// TB-Ausbilder

Hi,

You do have to click Search Registry once you have copied the terms into the line... please try again.


04.06.2015, 20:52   #6
condolai

Code:
Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Marc-Andre´ at 2015-06-04 21:50:06
Running from C:\Users\Marc-Andre´\Desktop
Boot Mode: Normal

================== Search Registry: "BittorrentBar;DAEMON Tools Toolbar;FLV Player;Conduit;Pokki" ===========


===================== Search result for "DAEMON Tools Toolbar" ==========

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1234873347-607795945-2308373214-1000\Software\DT Soft\DAEMON Tools Toolbar]


===================== Search result for "FLV Player" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Flash.VideoFile\Shell\Open\Command]
""="C:\Program Files (x86)\FLV Player\flvplayer.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV Player2.0.24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV Player2.0.24]
"UninstallString"=""C:\Windows\Applian FLV Player\uninstall.exe" "/U:C:\Program Files (x86)\FLV Player\Uninstall\uninstall.xml""

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5b741e30_0]
""="{0.0.0.00000000}.{67f517f6-9b1a-41e8-90cf-190dedf32c70}|\Device\HarddiskVolume2\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"


===================== Search result for "Conduit" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966]
"09699DDB14539164D9A2C3DD3B1EF5E9"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\HotspotShield]
"installer"="HSS-2.90-install-chip-389-conduit.exe"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\AppDataLow\Software\Mail.Ru\IE_Bar\Recovery\ff]
"DefaultUrl"="hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}"


===================== Search result for "Pokki" ==========

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4eb3fc20-7158-4dd5-a08e-707541e9341c}]
"AppName"="PokkiDownloadHelper.exe"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\AppID\npPokkiDownloadHelper.dll]

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Pokki.PokkiDownloadHelper]
""="Pokki Download Helper"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Pokki.PokkiDownloadHelper.1]

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\TypeLib\{39B1EC90-428D-4033-9E32-ED28D02FF588}\1.0]
""="PokkiDownloadHelper 1.0 Type Library"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\TypeLib\{39B1EC90-428D-4033-9E32-ED28D02FF588}\1.0\HELPDIR]
""="C:\Users\Marc-Andre´\AppData\Local\Pokki\Download Helper"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Wow6432Node\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\InprocServer32]
""="C:\Users\Marc-Andre´\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Wow6432Node\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\VersionIndependentProgID]
""="Pokki.PokkiDownloadHelper"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\Pokki.PokkiDownloadHelper]

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\Pokki.PokkiDownloadHelper\CurVer]
""="Pokki.PokkiDownloadHelper.1"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\Pokki.PokkiDownloadHelper.1]
""="Pokki Download Helper"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\TypeLib\{39B1EC90-428D-4033-9E32-ED28D02FF588}\1.0\0\win32]
""="C:\Users\Marc-Andre´\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\Wow6432Node\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}]
""="Pokki Download Helper"

[HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000_Classes\Wow6432Node\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\ProgID]
""="Pokki.PokkiDownloadHelper.1"

====== End of Search ======
         

04.06.2015, 21:10   #7
M-K-D-B
/// TB-Ausbilder

Well done.

We will remove the last remnants and check everything once more. ESET can take a long time (> 2 h).
Afterwards we will remove all the tools we used and I will give you a few tips to take with you.


Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document


Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-1234873347-607795945-2308373214-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
Toolbar: HKU\S-1-5-21-1234873347-607795945-2308373214-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_intel_4.1.66.0.cab
FF Extension: Java String Helper - C:\Users\Marc-Andre´\AppData\Roaming\01009 [2012-02-27]
S3 X6va003; \??\C:\Users\MARC-A~1\AppData\Local\Temp\00353EE.tmp [X]
S3 X6va005; \??\C:\Users\MARC-A~1\AppData\Local\Temp\0056B2B.tmp [X]
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:D06A4C76
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1234873347-607795945-2308373214-1000\Software\DT Soft\DAEMON Tools Toolbar
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV Player2.0.24
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\AppDataLow\Software\Mail.Ru
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4eb3fc20-7158-4dd5-a08e-707541e9341c}
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\AppID\npPokkiDownloadHelper.dll
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Pokki.PokkiDownloadHelper
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Pokki.PokkiDownloadHelper.1
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\TypeLib\{39B1EC90-428D-4033-9E32-ED28D02FF588}
DeleteKey: HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000\Software\Classes\Wow6432Node\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}
folder: C:\Users\Marc-Andre´\AppData\Roaming
RemoveProxy:
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Step 3
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.


With your next reply, please post
  • the log file of the FRST fix,
  • the log file from ESET,
  • the log file from SecurityCheck.
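
A pre-flight check for the Fixlist.txt from Step 1, as an added example that is not part of the thread or of FRST: it compares each DeleteKey line with the keys listed in the Search Registry log and marks exact matches, ancestors that remove more than the search listed, and targets with no matching hit. The function names are assumptions for illustration; the sample lines are excerpted from the thread, apart from one constructed entry with a typo.

```python
import re
# Sample input: lines excerpted from the thread's Search Registry log and fixlist.
# The last DeleteKey line is constructed (deliberate typo "Poki").
U = r"HKEY_USERS\S-1-5-21-1234873347-607795945-2308373214-1000"
SEARCH_LOG = "\n".join([
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\HotspotShield]",
    r'"installer"="HSS-2.90-install-chip-389-conduit.exe"',
    "[" + U + r"\Software\AppDataLow\Software\Mail.Ru\IE_Bar\Recovery\ff]",
    "[" + U + r"\Software\Classes\Pokki.PokkiDownloadHelper]",
    r'""="Pokki Download Helper"',
    "[" + U + r"\Software\Classes\Pokki.PokkiDownloadHelper.1]",
])
FIXLIST = "\n".join([
    "start",
    "DeleteKey: " + U + r"\Software\AppDataLow\Software\Mail.Ru",
    "DeleteKey: " + U + r"\Software\Classes\Pokki.PokkiDownloadHelper",
    "DeleteKey: " + U + r"\Software\Classes\Pokki.PokiDownloadHelper.1",  # constructed
    "end",
])

def hit_keys(search_log):
    """Key paths that appear as [bracketed] lines in the search log."""
    return re.findall(r"^\[(HKEY_[^\]\r\n]+)\]\s*$", search_log, re.M)

def delete_targets(fixlist):
    """Key paths named by DeleteKey: directives."""
    return [ln.split(":", 1)[1].strip() for ln in fixlist.splitlines()
            if ln.startswith("DeleteKey:")]

def covers(target, key):
    """True if deleting target removes key: same key or a subkey (case-insensitive)."""
    t, k = target.lower(), key.lower()
    return k == t or k.startswith(t + "\\")

def review(search_log, fixlist):
    hits, targets = hit_keys(search_log), delete_targets(fixlist)
    verdicts = {}
    for t in targets:
        if any(h.lower() == t.lower() for h in hits):
            verdicts[t] = "exact"      # key itself was listed in the search
        elif any(covers(t, h) for h in hits):
            verdicts[t] = "ancestor"   # deletes more than the search showed
        else:
            verdicts[t] = "no-hit"     # typo, or key taken from another log
    untouched = [h for h in hits if not any(covers(t, h) for t in targets)]
    return verdicts, untouched

if __name__ == "__main__":
    print(review(SEARCH_LOG, FIXLIST))
```

The `untouched` list shows search hits that no DeleteKey line removes, such as the HotspotShield installer entry, so a reviewer can confirm they were left alone on purpose.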
