| Anatol08 | 05.10.2014 21:15 |
Hier die Dateien
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-10-2014
Ran by Anatol (administrator) on ZENTRALRECHNER on 05-10-2014 22:06:23
Running from C:\Users\Anatol\Desktop\Neuer Ordner
Loaded Profile: Anatol (Available profiles: Anatol)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Smartbar) C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.exe
(1&1 Mail & Media GmbH) C:\Users\Anatol\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamSpeak Systems GmbH) D:\Spiele\Programme\TeamSpeak 3 Client\ts3client_win64.exe
() D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
() D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe
() D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
() D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-10-01] (Smartbar)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [Facebook Update] => C:\Users\Anatol\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-30] (Facebook Inc.)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\Anatol\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [792576 2014-06-04] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [] => [X]
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22038120 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2882583504-2096780920-3334146220-1000\...\MountPoints2: {69d3e6d3-80f2-11e3-b964-dd7cd918a150} - L:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-30] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20140611142738446.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x104E8CE052A7CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9e824509-1905-efc8-46f0-1806da8a5df9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=19/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9e824509-1905-efc8-46f0-1806da8a5df9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=19/01/2014&type=hp1000
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> D:\Spiele\Programme\online\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\MEDIEN\Programme\vlc 2.1\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\MEDIEN\Programme\vlc 2.1\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Anatol\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: WEB.DE MailCheck - C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\Extensions\toolbar@web.de [2014-09-04]
FF Extension: DownloadHelper - C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-13]
FF Extension: ProxTube - C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\Extensions\ich@maltegoetz.de.xpi [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-29]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Anatol\AppData\Roaming\Mozilla\Firefox\Profiles\kvbtpqog.default-1407458826507\extensions\cliqz@cliqz.com
Chrome:
=======
CHR Profile: C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-14]
CHR Extension: (Google Drive) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-14]
CHR Extension: (YouTube) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-14]
CHR Extension: (Google Search) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-14]
CHR Extension: (Video download helper) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm [2014-07-02]
CHR Extension: (Google Wallet) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-14]
CHR Extension: (Gmail) - C:\Users\Anatol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-07] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-18] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-04] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-19] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-05 20:01 - 2014-10-05 22:06 - 00000000 ____D () C:\FRST
2014-10-05 20:00 - 2014-10-05 22:06 - 00000000 ____D () C:\Users\Anatol\Desktop\Neuer Ordner
2014-10-05 20:00 - 2014-10-05 20:00 - 02109440 _____ (Farbar) C:\Users\Anatol\Downloads\FRST64(1).exe
2014-10-05 19:59 - 2014-10-05 19:59 - 01704938 _____ (Thisisu) C:\Users\Anatol\Downloads\JRT.exe
2014-10-05 19:59 - 2014-10-05 19:59 - 01375089 _____ () C:\Users\Anatol\Downloads\AdwCleaner_3.311.exe
2014-10-05 19:58 - 2014-10-05 19:58 - 02109440 _____ (Farbar) C:\Users\Anatol\Downloads\FRST64.exe
2014-09-30 21:57 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 21:57 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 19:57 - 2014-10-05 16:14 - 00000336 _____ () C:\Windows\setupact.log
2014-09-29 19:57 - 2014-09-29 19:57 - 00006992 _____ () C:\Windows\PFRO.log
2014-09-29 19:57 - 2014-09-29 19:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-29 19:56 - 2014-09-29 19:56 - 00000000 _____ () C:\asc_rdflag
2014-09-29 00:48 - 2014-09-29 00:48 - 00000000 ____D () C:\Users\Anatol\AppData\Roaming\ProductData
2014-09-29 00:46 - 2014-10-01 20:31 - 00002209 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-09-29 00:43 - 2014-09-29 00:45 - 38662680 _____ (IObit ) C:\Users\Anatol\Downloads\advanced-systemcare-setup.exe
2014-09-28 19:39 - 2014-09-28 19:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 00:19 - 2014-09-25 00:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-09-25 00:08 - 2014-09-25 00:08 - 00001135 _____ () C:\Users\Anatol\Desktop\Nexus Root Toolkit.lnk
2014-09-25 00:08 - 2014-09-25 00:08 - 00000000 ____D () C:\Users\Anatol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit
2014-09-25 00:08 - 2014-09-25 00:08 - 00000000 ____D () C:\Users\Anatol\.android
2014-09-25 00:08 - 2014-09-25 00:08 - 00000000 ____D () C:\Program Files (x86)\WugFresh Development
2014-09-25 00:08 - 2011-12-02 20:32 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-09-24 23:57 - 2014-09-24 23:59 - 29726138 _____ () C:\Users\Anatol\Downloads\NRT_v1.8.7.sfx.exe
2014-09-24 23:45 - 2014-09-24 23:45 - 00000000 ____D () C:\Users\Anatol\Desktop\vorrübergehende Sicherung Speicherkerte
2014-09-24 20:22 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 20:22 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-18 19:09 - 2014-09-18 19:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 19:09 - 2014-09-18 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 21:42 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-17 21:42 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-17 21:42 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 21:42 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 21:42 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 21:42 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-17 21:42 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-17 21:42 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 21:42 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-17 21:42 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-17 21:42 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 21:42 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 21:42 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 21:42 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 21:42 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 21:42 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-17 21:42 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 21:42 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-17 21:42 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 21:42 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-17 21:42 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-17 21:42 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 21:42 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 21:42 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-17 21:42 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 21:42 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 21:42 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 21:41 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 21:41 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 21:41 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 21:41 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 21:41 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 21:41 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 21:41 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-17 21:41 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-17 21:41 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 21:41 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-17 21:41 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-17 21:41 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-17 21:41 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 21:41 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-17 21:41 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 21:41 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 21:41 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 21:41 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-17 21:41 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 21:41 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 21:41 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-17 21:41 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 21:41 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 21:41 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-17 21:41 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 21:41 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 21:41 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 21:41 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 21:41 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-17 21:15 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-17 21:15 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-17 21:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-17 21:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-17 21:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-17 21:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-17 21:13 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-17 21:13 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-17 21:13 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-17 21:13 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-17 21:13 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-17 21:13 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-17 21:13 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-17 21:13 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-17 19:26 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-17 19:26 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-17 19:26 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-17 19:26 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-17 19:25 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-17 19:25 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-17 19:25 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-17 19:25 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-17 19:25 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-17 19:25 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-17 19:25 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-13 18:49 - 2014-09-13 18:49 - 00000000 ____D () C:\Users\Anatol\Desktop\Facharbeit komplett
2014-09-13 18:24 - 2014-09-13 18:24 - 00087704 _____ () C:\Windows\cadkasdeinst01.exe
2014-09-13 18:24 - 2014-09-13 18:24 - 00000000 ____D () C:\Users\Anatol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Editor 4.0
2014-09-13 18:24 - 2014-09-13 18:24 - 00000000 ____D () C:\Users\Anatol\AppData\Roaming\CAD-KAS
2014-09-13 18:24 - 2014-09-13 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Editor 4.0
2014-09-13 18:24 - 2014-09-13 18:24 - 00000000 ____D () C:\Program Files (x86)\PDF Editor 4
2014-09-13 18:23 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-09-13 18:23 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-09-13 18:22 - 2014-09-13 18:22 - 01101648 _____ () C:\Users\Anatol\Downloads\PDF Editor - CHIP-Installer.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-05 21:37 - 2014-01-01 20:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 21:34 - 2014-01-02 23:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 19:54 - 2014-01-30 23:49 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2882583504-2096780920-3334146220-1000UA.job
2014-10-05 19:36 - 2013-12-29 04:46 - 01265757 _____ () C:\Windows\WindowsUpdate.log
2014-10-05 17:41 - 2014-01-01 20:44 - 00000000 ____D () C:\Users\Anatol\AppData\Roaming\Skype
2014-10-05 16:23 - 2009-07-14 06:45 - 00022048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-05 16:23 - 2009-07-14 06:45 - 00022048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-05 16:15 - 2014-01-02 23:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-05 16:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-04 18:09 - 2014-01-12 18:22 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-02 22:54 - 2014-01-30 23:49 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2882583504-2096780920-3334146220-1000Core.job
2014-09-29 23:07 - 2014-01-03 19:44 - 00000000 ____D () C:\Users\Anatol\AppData\Roaming\vlc
2014-09-29 19:56 - 2014-03-31 19:10 - 64913408 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-29 19:56 - 2014-03-31 19:10 - 00270336 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-29 19:56 - 2014-03-31 19:09 - 46997504 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-09-29 19:56 - 2014-03-31 19:09 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-29 19:56 - 2014-03-31 19:09 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-29 19:56 - 2013-12-29 04:54 - 00000000 ____D () C:\Users\Anatol
2014-09-29 01:02 - 2014-07-19 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2014-09-29 00:48 - 2014-01-12 18:22 - 00000000 ____D () C:\ProgramData\IObit
2014-09-29 00:47 - 2014-03-28 00:57 - 00003096 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2014-09-29 00:47 - 2014-03-28 00:57 - 00002888 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-09-29 00:46 - 2014-03-28 00:57 - 00002856 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Anatol
2014-09-29 00:46 - 2014-03-28 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-09-28 22:07 - 2014-01-14 22:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-28 19:18 - 2013-12-29 05:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-25 20:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 00:56 - 2014-07-23 22:04 - 00000000 ____D () C:\Users\Anatol\Desktop\Wichtige Dateien von nexus 5
2014-09-25 00:27 - 2014-01-09 01:09 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-24 23:32 - 2009-07-14 19:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-09-24 23:32 - 2009-07-14 19:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-09-24 23:32 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 20:37 - 2014-01-01 20:56 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 20:37 - 2014-01-01 20:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 20:37 - 2014-01-01 20:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-22 23:57 - 2009-07-14 06:45 - 00296120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 19:09 - 2014-01-01 20:44 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 21:38 - 2013-12-30 18:29 - 01592628 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-17 21:36 - 2013-12-30 02:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 21:17 - 2013-12-30 02:11 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-17 21:15 - 2014-04-28 16:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 09:06 - 2013-12-29 06:23 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 18:14 - 2014-08-26 20:34 - 00000000 ____D () C:\Users\Anatol\.gimp-2.8
2014-09-13 18:13 - 2014-02-12 07:40 - 00000000 ____D () C:\ProgramData\CanonIJPLM
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-29 20:36
==================== End Of Log ============================
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-10-2014
Ran by Anatol at 2014-10-05 20:05:27
Running from C:\Users\Anatol\Desktop\Neuer Ordner
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E4490157-303F-F06F-FB6E-D2053A43A182}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.0405.2205.37728 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0405.2205.37728 - Ihr Firmenname) Hidden
Attitude Gaming Network - Last Chaos Version Episode 2 (HKLM-x32\...\{FCBEBB23-6D2E-4E97-AA4E-DD7335C53598}_is1) (Version: Episode 2 - [ADM]Chicken.ShooT)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.7 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
IObit Apps Toolbar v9.6 (HKLM-x32\...\{4A2F13C3-F5C2-416B-AB75-68EAA4A5BC66}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
LastChaosGER (HKLM-x32\...\{A86A50FC-7C22-478B-BAEF-82393328825F}) (Version: 1.00.000 - Barunsongames CO., LTD.)
Markets.com MetaTrader (HKLM-x32\...\Markets.com MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version: - )
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SUPER © v2014.build.61+Recorder (2014/06/19) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.61+Recorder - eRightSoft)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
TP-LINK TL-WN851ND Driver (HKLM-x32\...\{4BAE4C76-44C3-418F-B715-6BBF5A65323E}) (Version: 1.00.0000 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WEB.DE Online-Speicher 1.7.3288.0 (HKCU\...\WEB.DE Application {sync-000021}) (Version: 1.7.3288.0 - 1&1 Mail & Media GmbH)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.4 - The Wireshark developer community, hxxp://www.wireshark.org)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2882583504-2096780920-3334146220-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anatol\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2882583504-2096780920-3334146220-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2882583504-2096780920-3334146220-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2882583504-2096780920-3334146220-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2882583504-2096780920-3334146220-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anatol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
25-09-2014 08:01:31 Windows Update
28-09-2014 17:26:44 Windows-Sicherung
28-09-2014 22:52:53 Windows Update
30-09-2014 22:21:52 Windows Update
05-10-2014 14:19:08 Windows Update
05-10-2014 17:00:20 Windows-Sicherung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1A6C5085-4FBD-4B29-88E5-C931350EDC70} - System32\Tasks\ASC7_SkipUac_Anatol => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {1DFE12B8-B9D5-4052-8319-0E405DCEE7AD} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {22CB5282-D415-443E-920E-8978006D0570} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-02] (Google Inc.)
Task: {31D3B14B-58CB-4A6E-B250-C9817FF00365} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-02] (Google Inc.)
Task: {34BDD314-57CF-48D0-A4CF-D9827ECEB108} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2882583504-2096780920-3334146220-1000Core => C:\Users\Anatol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-30] (Facebook Inc.)
Task: {3E465003-F9EE-43E8-B134-1043FDFC2D39} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {43689AC3-9528-4174-AA07-33CD8EC14606} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-07] (AVAST Software)
Task: {9D1CC1F4-F5EB-422E-8AB1-D55E2F4226F4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B60A7189-D053-4971-953D-117C075AC199} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2882583504-2096780920-3334146220-1000UA => C:\Users\Anatol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-30] (Facebook Inc.)
Task: {D1345209-E344-442D-AEA8-B7A485A394C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2882583504-2096780920-3334146220-1000Core.job => C:\Users\Anatol\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2882583504-2096780920-3334146220-1000UA.job => C:\Users\Anatol\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-04-05 22:58 - 2012-04-05 22:58 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 17:03 - 2012-03-05 17:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 15:53 - 2012-02-16 15:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-04-05 22:57 - 2012-04-05 22:57 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-12 07:52 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-06-04 13:40 - 2014-06-04 13:40 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-15 21:29 - 2014-06-04 18:12 - 00104448 _____ () C:\Users\Anatol\AppData\Local\WEB.DE Application {sync-000021}\ConfigWizard.dll
2014-02-15 21:29 - 2014-06-04 18:12 - 00051200 _____ () C:\Users\Anatol\AppData\Local\WEB.DE Application {sync-000021}\CoreBranding.dll
2012-04-05 22:57 - 2012-04-05 22:57 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-04-05 23:00 - 2012-04-05 23:00 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-04-01 22:21 - 2014-04-01 22:21 - 00173568 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\quazip.dll
2014-04-01 22:21 - 2014-04-01 22:21 - 01080832 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\platforms\qwindows.dll
2014-04-01 22:21 - 2014-04-01 22:21 - 00833024 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-12-18 23:36 - 2014-08-21 23:22 - 00102344 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-12-18 23:36 - 2014-08-21 23:22 - 00108488 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-04-01 22:21 - 2014-04-01 22:21 - 00030208 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\imageformats\qgif.dll
2014-04-01 22:21 - 2014-04-01 22:21 - 00233984 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-12-18 23:36 - 2014-08-21 23:22 - 00563656 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-12-18 23:36 - 2014-08-21 23:22 - 00579016 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-04-01 22:21 - 2014-04-01 22:21 - 00159232 _____ () D:\Spiele\Programme\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2013-04-09 23:13 - 2013-03-01 14:13 - 01300816 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
2013-04-09 23:20 - 2014-09-28 20:55 - 02453496 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe
2014-09-28 20:56 - 2014-09-28 20:56 - 04081656 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
2013-07-24 03:47 - 2013-07-24 03:47 - 00074752 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe
2014-03-28 00:57 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-08-07 14:28 - 2014-08-07 14:28 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-04 18:09 - 2014-10-04 18:09 - 02859008 _____ () C:\Program Files\AVAST Software\Avast\defs\14100400\algo.dll
2014-10-05 16:15 - 2014-10-05 16:15 - 02859008 _____ () C:\Program Files\AVAST Software\Avast\defs\14100500\algo.dll
2014-03-28 00:57 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-03-28 00:57 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-03-28 00:57 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-03-28 00:57 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00052224 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00087552 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srau.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00167424 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 02437632 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00068608 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\spbl.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00160256 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-10-01 00:38 - 2014-10-01 00:38 - 00015872 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\siem.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00069632 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\sppsm.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00698368 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00016384 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00080384 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00028672 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00072192 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srut.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00031232 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srsbs.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00067072 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00152064 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\smti.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00075264 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\smsp.dll
2014-10-01 00:38 - 2014-10-01 00:38 - 00011776 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\sidc.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00032256 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\smtu.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00040448 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\smta.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00032768 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srom.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00049152 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srbu.dll
2014-10-01 00:38 - 2014-10-01 00:38 - 00026112 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\sgml.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00063488 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00026624 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srpdm.dll
2014-10-01 00:38 - 2014-10-01 00:38 - 00045056 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-10-01 00:33 - 2014-10-01 00:33 - 00026624 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00036864 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-10-01 00:39 - 2014-10-01 00:39 - 00257024 _____ () C:\Users\Anatol\AppData\Local\Smartbar\Application\srns.dll
2014-08-07 14:28 - 2014-08-07 14:28 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-28 20:56 - 2014-09-28 20:56 - 01636856 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotLauncher.dll
2014-09-17 21:00 - 2014-09-17 21:00 - 42975744 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\libcef.dll
2014-09-17 21:00 - 2014-09-17 21:00 - 01559552 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icui18n.dll
2014-09-17 21:00 - 2014-09-17 21:00 - 01241088 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icuuc.dll
2014-09-17 21:00 - 2014-09-17 21:00 - 04945408 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\v8.dll
2014-09-28 20:56 - 2014-09-28 20:56 - 01712640 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotRadsIO.dll
2013-07-24 03:46 - 2013-07-24 03:46 - 04774248 _____ () D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-09-28 19:39 - 2014-09-28 19:39 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Anatol\Documents\Ihre Registrierung - Ashampoo® Burning Studio 6 (F_vbv_de) (deutsch).eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: DivXMediaServer => c:\program files (x86)\divx\divx media server\divxmediaserver.exe
MSCONFIG\startupreg: DivXUpdate => "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
MSCONFIG\startupreg: SearchSettings => c:\program files (x86)\common files\spigot\search settings\searchsettings.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2882583504-2096780920-3334146220-500 - Administrator - Disabled)
Anatol (S-1-5-21-2882583504-2096780920-3334146220-1000 - Administrator - Enabled) => C:\Users\Anatol
Gast (S-1-5-21-2882583504-2096780920-3334146220-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2882583504-2096780920-3334146220-1008 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/05/2014 07:02:31 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
Error: (10/04/2014 08:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6c0
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3
Error: (10/04/2014 06:39:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (10/03/2014 01:13:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3
Error: (10/02/2014 06:30:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (10/01/2014 11:04:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3
Error: (10/01/2014 00:22:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6a4
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3
Error: (09/30/2014 10:38:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/30/2014 00:27:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6c0
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3
Error: (09/29/2014 11:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b8554
ID des fehlerhaften Prozesses: 0x10d0
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3
System errors:
=============
Error: (10/05/2014 04:16:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/05/2014 04:15:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
aswKbd
Error: (10/05/2014 04:14:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/05/2014 04:14:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst avast! Firewall erreicht.
Error: (10/04/2014 08:09:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/04/2014 08:09:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1352
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/04/2014 08:09:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/04/2014 06:10:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (10/04/2014 06:09:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
aswKbd
Error: (10/04/2014 06:08:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/05/2014 07:02:31 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)
Error: (10/04/2014 08:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.04f7e4d8cDevice.dll4.1.0.04f55e10bc000000500000000000033c16c001cfdfed80003c40C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dlla47cee90-4bf1-11e4-b1d8-00248c69c9e2
Error: (10/04/2014 06:39:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
Error: (10/03/2014 01:13:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.04f7e4d8cDevice.dll4.1.0.04f55e10bc000000500000000000033c172401cfde5a310d64d0C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllb6e04eb0-4a89-11e4-8278-00248c69c9e2
Error: (10/02/2014 06:30:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
Error: (10/01/2014 11:04:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.04f7e4d8cDevice.dll4.1.0.04f55e10bc000000500000000000033c172401cfdda5bff4e610C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll8add3ed0-49ae-11e4-b5c5-00248c69c9e2
Error: (10/01/2014 00:22:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.04f7e4d8cDevice.dll4.1.0.04f55e10bc000000500000000000033c16a401cfdce7805b6880C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll534bffb0-48f0-11e4-8558-00248c69c9e2
Error: (09/30/2014 10:38:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
Error: (09/30/2014 00:27:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.04f7e4d8cDevice.dll4.1.0.04f55e10bc000000500000000000033c16c001cfdc0ed61f5440C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllc4c8b5d0-4827-11e4-9770-00248c69c9e2
Error: (09/29/2014 11:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b855410d001cfdc2978ab5550D:\Spiele\Programme\online\League of Legends\League of Legends\RADS\system\rads_user_kernel.exeD:\Spiele\Programme\online\League of Legends\League of Legends\RADS\system\rads_user_kernel.exeb7e0d9c0-481c-11e4-9770-00248c69c9e2
==================== Memory info ===========================
Processor: AMD Phenom(tm) 9950 Quad-Core Processor
Percentage of memory in use: 69%
Total physical RAM: 4094.49 MB
Available physical RAM: 1257.72 MB
Total Pagefile: 8187.16 MB
Available Pagefile: 5148.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.49 GB) (Free:86.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lokales Datenvolumen) (Fixed) (Total:1618.72 GB) (Free:726.69 GB) NTFS
Drive e: (Sicherrungen) (Fixed) (Total:97.65 GB) (Free:0 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.15 GB) (Free:0.09 GB) NTFS
Drive l: (Crysis 2) (CDROM) (Total:7.59 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 61777466)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1716.4 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
