fisherman | 22.11.2014 15:57 | Hello,
The steps were carried out:
mbam Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 22.11.2014
Suchlauf-Zeit: 14:43:40
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.3.1025
Malware Datenbank: v2014.09.19.05
Rootkit Datenbank: v2014.09.18.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: banimatz
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 348864
Verstrichene Zeit: 5 Min, 41 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater\UpdaterService.exe, 2324, Löschen bei Neustart, [6f1299563546f4422a865610db2648b8]
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 7
PUP.Optional.UniversalUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UniversalUpdater, In Quarantäne, [6f1299563546f4422a865610db2648b8],
PUP.Optional.HDStreamer.A, HKLM\SOFTWARE\CLASSES\HD Streamer.ScriptHostObject, In Quarantäne, [0f7236b9502b95a19f0d8efac73b619f],
PUP.Optional.HDStreamer.A, HKLM\SOFTWARE\CLASSES\HD Streamer.ScriptHostObject.1, In Quarantäne, [176a3bb4bdbe61d5ecc0c8c02fd3cf31],
PUP.Optional.HDStreamer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.ScriptHostObject, In Quarantäne, [176a3bb4bdbe61d5ecc0c8c02fd3cf31],
PUP.Optional.HDStreamer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.ScriptHostObject.1, In Quarantäne, [176a3bb4bdbe61d5ecc0c8c02fd3cf31],
PUP.Optional.Salus.A, HKLM\SOFTWARE\WOW6432NODE\Salus, In Quarantäne, [3e4340afb8c337ff880bf018679c56aa],
PUP.Optional.Salus.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Salus, In Quarantäne, [a4dd47a89edd1e1854ec937624dfff01],
Registrierungswerte: 1
PUP.Optional.UniversalUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UNIVERSALUPDATER|ImagePath, C:\Program Files (x86)\Universal Updater\UpdaterService.exe, In Quarantäne, [067ba24d106b5cda4604c86d7390d62a]
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 3
PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater, Löschen bei Neustart, [2958856a106bb086db6e62d30201cd33],
PUP.Optional.Extutil.A, C:\Users\banimatz\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [f88968872a5167cfcb2508e5a35f43bd],
PUP.Optional.Managera.A, C:\Users\banimatz\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [aed303ec0e6da88e737e06e709f9d62a],
Dateien: 5
PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater\UpdaterService.exe, Löschen bei Neustart, [6f1299563546f4422a865610db2648b8],
PUP.Optional.Trovi.A, C:\Users\banimatz\AppData\Roaming\Mozilla\Firefox\Profiles\7iwtvy9g.default\searchplugins\trovi-search.xml, In Quarantäne, [a4ddab44671478be14935ac68e7543bd],
PUP.Optional.Superfish.A, C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [bcc58b64b7c41f171c8e7ea2a162be42],
PUP.Optional.Superfish.A, C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [057c49a6bebdb284bdedfb25ca39639d],
PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater\settings.json, In Quarantäne, [2958856a106bb086db6e62d30201cd33],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
AdwCleaner[S1].txt Code:
# AdwCleaner v4.101 - Bericht erstellt am 22/11/2014 um 15:02:52
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-07.1 [Local]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : banimatz - MACBOOKPORII
# Gestartet von : C:\Users\banimatz\Desktop\makeClean\AdwCleaner_4.101.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : APNMCP
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\Probit Software
Ordner Gelöscht : C:\Users\banimatz\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\Users\banimatz\AppData\Local\Temp\apn
Ordner Gelöscht : C:\Users\banimatz\AppData\Roaming\Probit Software
Ordner Gelöscht : C:\Users\Nina\AppData\Local\Temp\apn
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HD Streamer.BackgroundHostObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HD Streamer.BackgroundHostObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HD Streamer.Navbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HD Streamer.Navbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HD Streamer.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HD Streamer.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Salus CrashMon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33E06582-221E-400F-809B-30D3984DB355}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3868E0C2-3E75-445F-B748-C97BB82300AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CACBAC2D-FDC3-4608-A289-6F281F471B83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5375FB9F-DF09-444B-9DC0-C6ED079C2577}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6D697641-4C65-49F0-8CED-FE8180B5E37E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{73BB74C6-8886-4245-BCDA-448137D75D42}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E7ABCD91-74F6-45AD-968B-A45EB265072C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{33E06582-221E-400F-809B-30D3984DB355}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{3868E0C2-3E75-445F-B748-C97BB82300AC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CACBAC2D-FDC3-4608-A289-6F281F471B83}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v33.0.3 (x86 de)
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [6012 octets] - [20/05/2014 14:58:36]
AdwCleaner[R1].txt - [4284 octets] - [22/11/2014 14:58:36]
AdwCleaner[S0].txt - [6027 octets] - [20/05/2014 14:59:41]
AdwCleaner[S1].txt - [4125 octets] - [22/11/2014 15:02:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4185 octets] ##########
JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Professional x64
Ran by banimatz on 22.11.2014 at 15:06:55,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\banimatz\AppData\Roaming\mozilla\firefox\profiles\7iwtvy9g.default\searchplugins\avira-safesearch.xml
Successfully deleted the following from C:\Users\banimatz\AppData\Roaming\mozilla\firefox\profiles\7iwtvy9g.default\prefs.js
user_pref("avira.safe_search.search_was_active", "false");
user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"148f4595c819-0dfaf3bac98e6c-43514136-0-148f4595c82407\"");
user_pref("extensions.safesearch.SAUTH_expires_at", "1415692978");
user_pref("extensions.safesearch.SAUTH_rndsnr", "\"0f0d2d1c07110f30eb8b849f0a55c6e8b51ccdbd\"");
user_pref("extensions.safesearch.SAUTH_userid", "4448544325");
user_pref("extensions.safesearch.SAUTH_utoken", "\"9d73683a1ce419e55e6156ff11017d836f13afd9\"");
user_pref("extensions.safesearch.install", "1412848770181");
Emptied folder: C:\Users\banimatz\AppData\Roaming\mozilla\firefox\profiles\7iwtvy9g.default\minidumps [11 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.11.2014 at 15:09:07,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014
Ran by banimatz (administrator) on MACBOOKPORII on 22-11-2014 15:12:19
Running from C:\Users\banimatz\Desktop\makeClean
Loaded Profile: banimatz (Available profiles: banimatz & Nina)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
() C:\ProgramData\Mobile Broadband\OnlineUpdate\ouc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Google Inc.) C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(CounterPath) C:\Program Files (x86)\CounterPath\X-Lite\X-Lite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Awesomium Technologies) C:\Program Files (x86)\CounterPath\X-Lite\awesomium_process
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2013-09-26] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-09-02] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe [826576 2012-09-20] (Check Point Software Technologies)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\Run: [GoogleChromeAutoLaunch_366694884B513A867B5A12F66A03232F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\Run: [Google Update] => C:\Users\banimatz\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-06] (Google Inc.)
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\Run: [MusicManager] => C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631360 2014-10-08] (Google Inc.)
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\Run: [X-Lite] => C:\Program Files (x86)\CounterPath\X-Lite\X-Lite.exe [4978016 2014-07-07] (CounterPath)
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {03b3ea09-d9a0-11e3-a4c8-08002700dc87} - F:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {9362068d-ada9-11e3-b9d7-547294d75512} - E:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {95f1ca52-93bd-11e3-a5ea-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {bd484143-9ef5-11e3-bc9e-600308977119} - E:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {cabb35a7-9d5e-11e3-a3d6-600308977119} - E:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {cabb35b1-9d5e-11e3-a3d6-600308977119} - E:\AutoRun.exe
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MountPoints2: {d1149826-da52-11e3-bffb-600308977119} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x76954452C80FCF01
HKU\S-1-5-21-2907796564-1364996237-583715993-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" No File
Toolbar: HKU\S-1-5-21-2907796564-1364996237-583715993-1000 -> Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{0877828A-9ABB-4A7D-A585-3205489DD3C3}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{240F39BE-3425-4C86-903A-C801ADE911A1}: [NameServer] 212.45.188.254 212.169.123.67
Tcpip\..\Interfaces\{58FDE8BA-AFA3-401B-861C-FBEA1AF8EF9C}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{78ADDFD1-0B3C-454E-9E69-A3DDC2149F4F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{797F4BB4-132B-4D52-AB35-31828871A8FD}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{9411FB31-9474-4B89-AC52-D77D47666CD4}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A053820B-0F98-4590-BFA1-2EBCD7675EF6}: [NameServer] 212.45.188.254 212.169.123.67
Tcpip\..\Interfaces\{CBD8DEA5-C1B4-4379-8D29-1A63AFEC1074}: [NameServer] 212.169.123.67 212.45.188.254
FireFox:
========
FF ProfilePath: C:\Users\banimatz\AppData\Roaming\Mozilla\Firefox\Profiles\7iwtvy9g.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2907796564-1364996237-583715993-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\banimatz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2907796564-1364996237-583715993-1000: @talk.google.com/O1DPlugin -> C:\Users\banimatz\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2907796564-1364996237-583715993-1000: @tools.google.com/Google Update;version=3 -> C:\Users\banimatz\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2907796564-1364996237-583715993-1000: @tools.google.com/Google Update;version=9 -> C:\Users\banimatz\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\banimatz\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\banimatz\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-21]
CHR Extension: (Google Drive) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-01]
CHR Extension: (Gliffy-Diagramme) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2014-04-03]
CHR Extension: (YouTube) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-21]
CHR Extension: (JSONView) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2014-02-21]
CHR Extension: (RegExp Tester App) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmmblmkfaijaadfjapjddbeaoffeccib [2014-02-21]
CHR Extension: (Google-Suche) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-21]
CHR Extension: (Google Play Music) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-09-06]
CHR Extension: (XML Tree) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb [2014-02-21]
CHR Extension: (AdBlock) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-25]
CHR Extension: (Advanced REST client) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2014-02-21]
CHR Extension: (Google Notizen – Notizen & Listen) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-02-21]
CHR Extension: (Disconnect) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-06-24]
CHR Extension: (Erweiterung \) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-21]
CHR Extension: (Google Mail) - C:\Users\banimatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-21]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2013-09-26] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2014-04-24] ()
S2 Mobile Broadband. RunOuc; C:\Program Files (x86)\Mobile Broadband\UpdateDog\ouc.exe [655712 2014-02-25] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4803800 2012-09-20] (Check Point Software Technologies)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AppleCamera; C:\Windows\System32\DRIVERS\AppleCamera.sys [1794176 2013-09-09] (Apple Inc.)
R3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [12288 2013-09-06] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [39424 2013-09-06] (Apple Inc.)
R3 AppleSDR; C:\Windows\System32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 b786bdb3c67d; C:\Windows\System32\drivers\b786bdb3c67d.sys [46920 2014-11-20] (Windows (R) Win 7 DDK provider)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2014-04-24] (Bytemobile, Inc.) [File not signed]
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFD.sys [56720 2013-09-09] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\System32\DRIVERS\CSUFD.sys [11928 2013-09-09] (Cirrus Logic Inc.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [223744 2014-02-25] (Huawei Technologies Co., Ltd.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2014-04-24] (Bytemobile, Inc.) [File not signed]
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2012-09-20] (Check Point Software Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 15:09 - 2014-11-22 15:09 - 00001652 _____ () C:\Users\banimatz\Desktop\JRT.txt
2014-11-22 15:06 - 2014-11-22 15:06 - 00000000 ____D () C:\Windows\ERUNT
2014-11-22 14:53 - 2014-11-22 15:04 - 00000022 _____ () C:\Windows\S.dirmngr
2014-11-22 14:42 - 2014-11-22 14:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-22 14:41 - 2014-11-22 14:41 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-22 14:41 - 2014-11-22 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-22 14:41 - 2014-11-22 14:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-22 14:41 - 2014-11-22 14:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-22 14:41 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-22 14:41 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-22 14:41 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-22 14:34 - 2014-11-22 14:34 - 00001232 _____ () C:\Users\banimatz\Desktop\Revo Uninstaller.lnk
2014-11-22 14:34 - 2014-11-22 14:34 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-22 14:31 - 2014-11-22 15:12 - 00000000 ____D () C:\Users\banimatz\Desktop\makeClean
2014-11-21 20:33 - 2014-11-21 20:34 - 370763706 _____ () C:\Users\banimatz\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-11-21 17:52 - 2014-11-21 17:52 - 21348712 _____ () C:\Users\banimatz\Downloads\detekt.exe
2014-11-21 14:12 - 2014-11-21 14:12 - 00018764 _____ () C:\Users\banimatz\Desktop\AdwareLogs.7z
2014-11-21 13:50 - 2014-11-21 13:54 - 00000654 _____ () C:\Users\banimatz\Desktop\aviraManual.log
2014-11-21 13:42 - 2014-11-21 13:42 - 00035970 _____ () C:\Users\banimatz\Desktop\gemer.log
2014-11-21 13:31 - 2014-11-21 13:16 - 00049346 _____ () C:\Users\banimatz\Desktop\FRST.txt
2014-11-21 13:31 - 2014-11-21 13:14 - 00038813 _____ () C:\Users\banimatz\Desktop\Addition.txt
2014-11-21 13:26 - 2014-11-21 13:27 - 00380416 _____ () C:\Users\banimatz\Downloads\Gmer-19357.exe
2014-11-21 13:14 - 2014-11-21 13:16 - 00049346 _____ () C:\Users\banimatz\Downloads\FRST.txt
2014-11-21 13:14 - 2014-11-21 13:14 - 00038813 _____ () C:\Users\banimatz\Downloads\Addition.txt
2014-11-21 13:13 - 2014-11-22 15:12 - 00000000 ____D () C:\FRST
2014-11-21 13:10 - 2014-11-21 13:10 - 00000478 _____ () C:\Users\banimatz\Desktop\defogger_disable.log
2014-11-21 13:10 - 2014-11-21 13:10 - 00000000 _____ () C:\Users\banimatz\defogger_reenable
2014-11-21 13:09 - 2014-11-21 13:09 - 00050477 _____ () C:\Users\banimatz\Downloads\Defogger.exe
2014-11-21 09:35 - 2014-11-21 09:38 - 00000000 ____D () C:\Program Files (x86)\f552dd4c52e3
2014-11-20 21:47 - 2014-11-20 21:47 - 00046920 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\b786bdb3c67d.sys
2014-11-20 14:40 - 2014-11-20 14:40 - 00000000 ____D () C:\Program Files\Oracle VM VirtualBox
2014-11-20 14:28 - 2014-11-20 14:28 - 00003188 _____ () C:\Windows\System32\Tasks\{835C48F5-DE0B-4F76-B3D0-77032DCAC6E5}
2014-11-20 14:06 - 2014-11-20 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-11-20 14:06 - 2014-05-16 14:04 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-11-20 14:06 - 2014-05-16 14:03 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-11-20 13:58 - 2014-11-20 13:59 - 109574432 _____ (Oracle Corporation) C:\Users\banimatz\Downloads\VirtualBox-4.3.12-93733-Win.exe
2014-11-19 10:16 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 10:16 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 10:16 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 10:16 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 13:25 - 2014-11-16 13:25 - 00000402 _____ () C:\Users\banimatz\Desktop\WLAN.lnk
2014-11-12 13:46 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 13:46 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 13:46 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 13:46 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 13:46 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 13:46 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 13:46 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 13:46 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 13:46 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 13:46 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 13:46 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 13:46 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 13:46 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 13:46 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 13:46 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 13:46 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 13:46 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 13:46 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 13:46 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 13:46 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 13:46 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 13:46 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 13:46 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 13:46 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 13:46 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 13:46 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 13:46 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 13:46 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 13:46 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 13:46 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 13:46 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 13:46 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 13:46 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 13:46 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 13:46 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 13:46 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 13:46 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 13:46 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 13:46 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 13:46 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 13:46 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 13:46 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 13:46 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 13:46 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 13:46 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 13:46 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 13:46 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 13:46 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 13:46 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 13:46 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 13:46 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 13:46 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 13:46 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 13:46 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 13:46 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 13:46 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 13:45 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 13:45 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 13:45 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 13:45 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 13:45 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 13:45 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 13:45 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 13:45 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 13:45 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 13:45 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 13:45 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 13:45 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 13:45 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 13:45 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 13:45 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 13:45 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 13:45 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:45 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 13:45 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 13:45 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 13:45 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 13:45 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 13:45 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 13:45 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 13:45 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 13:45 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 13:45 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 13:45 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 13:45 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 13:45 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 13:45 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 13:45 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 13:45 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 13:45 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 13:45 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 13:45 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 13:45 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 13:45 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 13:45 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 13:45 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 13:45 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:45 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-09 16:15 - 2014-11-09 16:15 - 00000095 _____ () C:\Users\banimatz\Downloads\stream (7).m3u
2014-11-09 16:14 - 2014-11-09 16:14 - 00000095 _____ () C:\Users\banimatz\Downloads\stream (6).m3u
2014-11-04 09:03 - 2014-11-04 09:03 - 01054912 _____ (Adobe) C:\Users\banimatz\Downloads\install_flashplayer15x32au_ltr5x64d_awc_aih.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-22 15:11 - 2009-07-14 05:45 - 00022752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-22 15:11 - 2009-07-14 05:45 - 00022752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-22 15:07 - 2014-09-06 07:07 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000UA.job
2014-11-22 15:07 - 2014-01-10 09:12 - 01581164 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 15:07 - 2010-11-21 07:50 - 00698954 _____ () C:\Windows\system32\perfh007.dat
2014-11-22 15:07 - 2010-11-21 07:50 - 00149062 _____ () C:\Windows\system32\perfc007.dat
2014-11-22 15:07 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 15:04 - 2014-02-21 11:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-22 15:04 - 2010-11-21 04:47 - 00148186 _____ () C:\Windows\PFRO.log
2014-11-22 15:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 15:04 - 2009-07-14 05:51 - 00101634 _____ () C:\Windows\setupact.log
2014-11-22 15:02 - 2014-05-20 14:56 - 00000000 ____D () C:\AdwCleaner
2014-11-22 14:32 - 2014-02-21 11:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-21 21:27 - 2014-03-18 11:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-21 19:03 - 2014-08-29 11:26 - 00005164 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for macbookPorII-banimatz macbookPorII
2014-11-21 13:10 - 2014-01-10 09:18 - 00000000 ____D () C:\Users\banimatz
2014-11-21 13:06 - 2014-09-06 07:07 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000Core.job
2014-11-21 09:35 - 2014-01-12 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 21:13 - 2014-02-21 15:09 - 00000000 ____D () C:\Users\banimatz\AppData\Local\TGitCache
2014-11-20 16:30 - 2014-02-17 16:44 - 00000000 ____D () C:\dev
2014-11-20 15:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-20 14:41 - 2014-04-23 07:20 - 00000814 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-11-20 14:37 - 2014-10-14 11:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:29 - 2014-04-23 07:21 - 00000000 ____D () C:\Users\banimatz\.VirtualBox
2014-11-20 13:38 - 2014-02-17 16:54 - 00000000 ____D () C:\Users\banimatz\AppData\Local\Eclipse
2014-11-16 13:46 - 2014-08-29 11:34 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-14 13:01 - 2014-09-06 07:07 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000UA
2014-11-14 13:01 - 2014-09-06 07:07 - 00003712 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000Core
2014-11-14 11:14 - 2014-09-26 21:13 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-13 11:26 - 2014-02-21 11:53 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 11:26 - 2014-02-21 11:53 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 14:32 - 2014-06-27 12:12 - 00000000 ____D () C:\Windows\rescache
2014-11-12 14:27 - 2014-03-18 11:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 14:27 - 2014-02-21 14:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 14:27 - 2014-02-21 14:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 14:01 - 2014-01-12 20:00 - 00000000 ____D () C:\Users\banimatz\AppData\Roaming\Mozilla
2014-11-12 13:54 - 2009-07-14 05:45 - 00494952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 13:49 - 2014-01-12 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 13:47 - 2014-01-12 23:30 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-07 00:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-06 22:46 - 2014-08-29 11:04 - 00001105 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-06 22:46 - 2014-02-21 11:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-06 22:46 - 2014-01-12 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-06 22:46 - 2014-01-12 19:56 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-05 23:51 - 2014-03-08 21:04 - 00002250 ____H () C:\Users\banimatz\Documents\Default.rdp
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-03 10:02 - 2014-05-06 15:12 - 00000000 ____D () C:\Users\banimatz\.squirrel-sql
2014-11-03 09:48 - 2014-09-26 21:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-28 16:26 - 2014-02-21 11:59 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
Some content of TEMP:
====================
C:\Users\banimatz\AppData\Local\Temp\avgnt.exe
C:\Users\banimatz\AppData\Local\Temp\Quarantine.exe
C:\Users\banimatz\AppData\Local\Temp\sqlite3.dll
C:\Users\Nina\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-19 10:29
==================== End Of Log ============================
and finally the current Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2014
Ran by banimatz at 2014-11-22 15:12:37
Running from C:\Users\banimatz\Desktop\makeClean
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C0A03}) (Version: 12.10.3.4488 - APN, LLC)
Beyond Compare 3.3.8 (HKLM-x32\...\BeyondCompare3_is1) (Version: 3.3.8.16340 - Scooter Software)
Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.0.5358 - Apple Inc.)
Check Point VPN (HKLM-x32\...\{CFB52646-DD86-4575-9932-FD8168F254FF}) (Version: 83.50.7083 - Check Point Software Technologies Ltd.)
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt)
Git version 1.9.0-preview20140217 (HKLM-x32\...\Git_is1) (Version: 1.9.0-preview20140217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3215 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.42.55 - Huawei Technologies Co.,Ltd)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
LibreOffice 4.1.5.3 (HKLM-x32\...\{E77773E5-944A-453F-97F3-46767AE0A253}) (Version: 4.1.5.3 - The Document Foundation)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version: - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Lync Basic 2013 (HKLM\...\Office15.LYNCENTRY) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - de-de (HKLM\...\O365SmallBusPremRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mobile Broadband (HKLM-x32\...\Mobile Broadband) (Version: 23.001.07.04.07 - Huawei Technologies Co.,Ltd)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Music Manager (HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\MusicManager) (Version: - Google, Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Phoner 2.88 (HKLM-x32\...\Phoner_is1) (Version: 2.88 - Heiko Sommerfeldt)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Salus (HKLM-x32\...\Salus) (Version: 1.0.13.26 - Salus)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synology Cloud Station (remove only) (HKU\S-1-5-21-2907796564-1364996237-583715993-1000\...\Synology CloudStation) (Version: - )
TortoiseGit 1.8.11.0 (64 bit) (HKLM\...\{56AB2BBB-7F02-4F4E-8FE2-8E83857E2E4B}) (Version: 1.8.11.0 - TortoiseGit)
TreeSize Free V3.0.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
TV-Browser 3.3.3 (HKLM-x32\...\tvbrowser) (Version: 3.3.3 - TV-Browser Team)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows-Treiberpaket - Apple Inc. (AppleCamera) Image (08/30/2013 5.0.20.0) (HKLM\...\E3335A8C64E02706D102E2C2170933120E907694) (Version: 08/30/2013 5.0.20.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Keyboard (05/20/2013 5.0.6.0) (HKLM\...\0A14A5F4C56C9C530EDA1DBD68431EC2634BBEDA) (Version: 05/20/2013 5.0.6.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom)
Windows-Treiberpaket - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net (09/07/2013 6.30.223.170) (HKLM\...\306D9313C518059FF4E7AC81D8F665F82B573553) (Version: 09/07/2013 6.30.223.170 - Broadcom)
Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA (08/29/2013 6.6001.3.12) (HKLM\...\0430AB962C331A669D7BE9DEFDDCBD03A3A5CF00) (Version: 08/29/2013 6.6001.3.12 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows-Treiberpaket - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows-Treiberpaket - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows-Treiberpaket - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows-Treiberpaket - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
WinSCP 5.5.3 (HKLM-x32\...\winscp3_is1) (Version: 5.5.3 - Martin Prikryl)
X-Lite (HKLM-x32\...\{97CFE823-A350-49CE-8993-5ED70C3BB40B}) (Version: 47.7.3589 - CounterPath Corporation)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\banimatz\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\banimatz\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\banimatz\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\banimatz\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2907796564-1364996237-583715993-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\banimatz\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
20-11-2014 13:40:57 Gerätetreiber-Paketinstallation: Oracle Corporation USB-Controller
22-11-2014 13:36:08 Revo Uninstaller's restore point - Easy Speed Check
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-04-25 10:09 - 00003921 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {09F0E756-5D4C-41FD-9212-31AF6271969A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0FFE8B5D-DF00-4C40-AD40-E7CD4042FCD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {3951C98C-5B9B-4E58-8F78-1C2C1C6FAB60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {41863B23-D89C-4A85-A0DC-D6AFD270C6E1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-10-22] (Microsoft Corporation)
Task: {571B9434-57F6-4547-8E79-C0769E7B42CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000Core => C:\Users\banimatz\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-06] (Google Inc.)
Task: {5BE06337-930C-487C-BC72-4C856A7303F8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for macbookPorII-banimatz macbookPorII => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2014-10-07] (Microsoft Corporation)
Task: {807CC942-A7C2-4CC2-A7A1-5C8D1E443087} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000UA => C:\Users\banimatz\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-06] (Google Inc.)
Task: {9F9C8955-37FE-41DA-BB0A-43E6A95F4B64} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A606165D-65E8-4A41-B8FD-2298E5F6346C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B3BF9AD0-B4B6-4388-8188-A8F8E4858644} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {CDF6695C-63E1-49C9-8BF7-C6EB4379FB9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {D6B7F85D-28D7-4CE0-A773-0756E51FDD04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {DF7C9C87-29A8-4A21-8C64-C33701C7151F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {F4D9F47C-442D-437C-8B3E-010E0627999C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000Core.job => C:\Users\banimatz\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2907796564-1364996237-583715993-1000UA.job => C:\Users\banimatz\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-26 12:29 - 2013-09-26 12:29 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe
2014-08-29 11:34 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-07 15:54 - 2013-10-07 15:54 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-04-24 04:54 - 2014-04-24 04:54 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2014-02-25 08:18 - 2014-02-25 08:18 - 00655712 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\ouc.exe
2014-08-22 15:06 - 2014-08-22 15:06 - 00792424 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
2014-08-22 15:06 - 2014-08-22 15:06 - 00087400 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-10-07 15:49 - 2013-10-07 15:49 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-10-07 15:47 - 2013-10-07 15:47 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-10-07 15:44 - 2013-10-07 15:44 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-10-07 15:49 - 2013-10-07 15:49 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-10-07 15:49 - 2013-10-07 15:49 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2014-04-24 04:54 - 2014-04-24 04:54 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2014-04-24 04:54 - 2014-04-24 04:54 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2014-04-24 04:54 - 2014-04-24 04:54 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2014-04-24 04:54 - 2014-04-24 04:54 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2014-02-25 08:18 - 2014-02-25 08:18 - 00011362 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\mingwm10.dll
2014-02-25 08:18 - 2014-02-25 08:18 - 00043008 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\libgcc_s_dw2-1.dll
2014-02-25 08:18 - 2014-02-25 08:18 - 02415104 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\QtCore4.dll
2014-02-25 08:18 - 2014-02-25 08:18 - 01148416 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\QtNetwork4.dll
2014-02-25 08:18 - 2014-02-25 08:18 - 00835072 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\QueryStrategy.dll
2014-02-25 08:18 - 2014-02-25 08:18 - 00398336 _____ () C:\ProgramData\Mobile Broadband\OnlineUpdate\QtXml4.dll
2014-09-26 21:13 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-26 21:13 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-26 21:13 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-26 21:13 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-26 21:13 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-03 20:15 - 2014-09-03 20:15 - 10683392 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 20:15 - 2014-09-03 20:15 - 07741952 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 20:15 - 2014-09-03 20:15 - 02248192 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-09-03 20:15 - 2014-09-03 20:15 - 01681408 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-10-08 23:34 - 2014-10-08 23:34 - 00117248 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-10-08 23:34 - 2014-10-08 23:34 - 00231936 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-10-08 23:34 - 2014-10-08 23:34 - 00253440 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-10-08 23:34 - 2014-10-08 23:34 - 00344064 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 20:15 - 2014-09-03 20:15 - 00026624 _____ () C:\Users\banimatz\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2014-07-07 14:30 - 2014-07-07 14:30 - 44752736 _____ () C:\Program Files (x86)\CounterPath\X-Lite\CPCLR.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00047616 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_signals-vc100-mt-1_51.dll
2012-11-20 15:10 - 2012-11-20 15:10 - 00015360 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_system-vc100-mt-1_51.dll
2010-10-29 13:00 - 2010-10-29 13:00 - 01992192 _____ () C:\Program Files (x86)\CounterPath\X-Lite\YLUSBTEL.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00066560 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_thread-vc100-mt-1_51.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00023040 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_chrono-vc100-mt-1_51.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00627200 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_regex-vc100-mt-1_51.dll
2012-11-20 15:10 - 2012-11-20 15:10 - 00100352 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_filesystem-vc100-mt-1_51.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00040448 _____ () C:\Program Files (x86)\CounterPath\X-Lite\boost_date_time-vc100-mt-1_51.dll
2012-09-20 15:06 - 2012-09-20 15:06 - 05705728 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtGui4.dll
2012-09-20 15:05 - 2012-09-20 15:05 - 01617920 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtCore4.dll
2012-09-20 15:00 - 2012-09-20 15:00 - 00028672 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\imageformats\qgif4.dll
2013-10-29 08:59 - 2013-10-29 08:59 - 01100784 _____ () C:\Program Files (x86)\CounterPath\X-Lite\avcodec-53.dll
2013-10-29 08:59 - 2013-10-29 08:59 - 00124400 _____ () C:\Program Files (x86)\CounterPath\X-Lite\avutil-51.dll
2013-10-29 08:59 - 2013-10-29 08:59 - 00191984 _____ () C:\Program Files (x86)\CounterPath\X-Lite\avformat-53.dll
2014-01-10 09:22 - 2013-09-02 10:55 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: EasySpeedCheck => C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2907796564-1364996237-583715993-500 - Administrator - Disabled)
banimatz (S-1-5-21-2907796564-1364996237-583715993-1000 - Administrator - Enabled) => C:\Users\banimatz
Gast (S-1-5-21-2907796564-1364996237-583715993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2907796564-1364996237-583715993-1003 - Limited - Enabled)
Nina (S-1-5-21-2907796564-1364996237-583715993-1001 - Limited - Enabled) => C:\Users\Nina
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/22/2014 03:09:11 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description:
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (11/22/2014 03:09:11 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description:
CodeIntegrity Errors:
===================================
Date: 2014-11-20 14:37:44.182
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-20 13:57:57.537
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-30 08:17:47.352
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-30 08:02:54.324
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-30 07:31:43.644
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-30 07:21:43.216
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 17:59:51.635
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 14:57:33.031
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 14:46:03.517
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-29 13:56:05.120
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4558U CPU @ 2.80GHz
Percentage of memory in use: 14%
Total physical RAM: 16292.68 MB
Available physical RAM: 13975.62 MB
Total Pagefile: 16290.86 MB
Available Pagefile: 13839.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (BOOTCAMP) (Fixed) (Total:74.5 GB) (Free:9.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Macintosh HD) (Fixed) (Total:269.52 GB) (Free:17.37 GB) HFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.9 GB) (Disk ID: 0823F9CA)
Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=269.5 GB) - (Type=AF)
Partition 3: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |