Mit Malwarebytes habe ich schonmal gescannt, habe es allerdings vergessen die Logdatei einzustellen:stirn:
Von gestern: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 04.12.2014
Suchlauf-Zeit: 20:46:33
Logdatei:
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2014.12.04.09
Rootkit Datenbank: v2014.12.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 390821
Verstrichene Zeit: 6 Min, 45 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 0
(Keine schädliche Elemente erkannt)
Dateien: 2
PUP.Optional.SpeedCheck.A, C:\Windows\Tasks\SpeedCheck Update.job, In Quarantäne, [f6e3da84106ca98d5a26aca5d92a4cb4],
PUP.Optional.Speedcheck.A, C:\Windows\System32\Tasks\SpeedCheck Update, In Quarantäne, [4099104ea2da6bcbcab7024fc24136ca],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) Von heute: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 05.12.2014
Suchlauf-Zeit: 21:32:53
Logdatei:
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2014.12.05.11
Rootkit Datenbank: v2014.12.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 390847
Verstrichene Zeit: 8 Min, 5 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 0
(Keine schädliche Elemente erkannt)
Dateien: 0
(Keine schädliche Elemente erkannt)
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) Ich hatte Malwarebytes schon auf dem PC installiert, bevor ich dieses Programm hatte.. Deshalb habe ich auch schon etwa 5 mal gescannt. Vielleicht hilft es den letzten Scan auch mit rein zu packen. Hier hatte ich das Problem schon.
1.12.2014: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.12.2014
Suchlauf-Zeit: 19:40:07
Logdatei:
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.09.15.07
Rootkit Datenbank: v2014.09.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 374517
Verstrichene Zeit: 8 Min, 0 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1840, Löschen bei Neustart, [bd36cf1e0279f442b35a862c51b0827e]
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 26
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [bd36cf1e0279f442b35a862c51b0827e],
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, In Quarantäne, [bd36cf1e0279f442b35a862c51b0827e],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YTDownloader, In Quarantäne, [3db6787582f92f078e175e24828009f7],
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.37.0.1419, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [05eede0fee8d181ea362adbc20e4cb35],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [549fda138af18fa7bbdf171b3fc4c739],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [797a7578423968ce71841f2963a1b34d],
PUP.Optional.Qone8, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [549f6d80fb80a3935e32f85cd82c42be],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\INPROCSERVER32, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0N2X1N, In Quarantäne, [797a7578423968ce71841f2963a1b34d]
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 9
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [b83b05e8f388a591dee1a8418c76fb05],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [b83b05e8f388a591dee1a8418c76fb05],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
Dateien: 33
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [bd36cf1e0279f442b35a862c51b0827e],
Trojan.Agent, C:\Program Files (x86)\YTDownloader\YTDUninstall.exe, In Quarantäne, [3db6787582f92f078e175e24828009f7],
Trojan.Agent, C:\Users\Tim\AppData\Local\Temp\Install_31637\ytd.exe, In Quarantäne, [4fa440adaad1d2643a6b493930d21ee2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\config.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\database1_0_0.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\manifest.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.dll, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro64.dll, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\Updater.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\install.rdf, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\config.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\database1_0_0.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.sys, In Quarantäne, [876ce706a1daee48c401e125fa095ea2],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, In Quarantäne, [6c87bb32c5b6af87923e8086b54eac54],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, In Quarantäne, [49aacb224536ca6c9140dc2afe052ad6],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, In Quarantäne, [797acd2062194fe7cc0659ad838044bc],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici64.dll, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii32.exe, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii64.exe, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.json, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro.dll, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro64.dll, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\spbihe.js, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) Hier hatte ich das Problem noch nicht... Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 15.09.2014
Suchlauf-Zeit: 16:54:36
Logdatei:
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.09.15.07
Rootkit Datenbank: v2014.09.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366548
Verstrichene Zeit: 8 Min, 49 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 4
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [cd268964532871c541b2394bb44e6d93],
PUP.Optional.PCPerformer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PCPerformer_is1, In Quarantäne, [35be955827546bcbc965af56a45fef11],
PUP.Optional.AddLyrics, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBINSTR, In Quarantäne, [d61d608d304b152115fcf8071ee4fe02],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, In Quarantäne, [35be8d60f6858da9ec78333343c154ac],
Registrierungswerte: 3
PUP.Optional.AddLyrics, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBINSTR|DisplayName, webinstr, In Quarantäne, [d61d608d304b152115fcf8071ee4fe02]
PUP.Optional.SpeedTest, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest199@BestOffers, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, In Quarantäne, [28cbd01dfa81af87abede0280102e020]
Trojan.Agent, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater, C:\ProgramData\Updater\updater.exe, In Quarantäne, [2fc439b4d6a569cd86ffb2a345bf06fa]
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 7
PUP.Optional.Conduit.A, C:\Users\Tim\AppData\Local\Temp\CT3323737, In Quarantäne, [17dc40ad58233ef8b35a7e54ef1314ec],
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc],
PUP.Optional.Managera.A, C:\Users\Tim\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [c72c1ecf691252e44769d3167989ff01],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
Dateien: 76
PUP.Optional.AdLyrics, C:\Program Files (x86)\ver1SpeedCheck\b5SpeedCheckh25.exe, In Quarantäne, [08eb6a83c9b20f272a43d380639d25db],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$R1V0ZN1.exe, In Quarantäne, [c3304da07a01da5ce71e00304db449b7],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$ROY0O0U.exe, In Quarantäne, [1bd833bac9b2dc5aa3626dc3907105fb],
PUP.Optional.Conduit.A, C:\Users\Chiara\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [fef58a635a210f2790b332fc25dc768a],
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsnF7C4.exe, In Quarantäne, [48ab935a3f3c49ed0151a396ea17df21],
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsxF2F9.exe, In Quarantäne, [27ccb736483355e1bd955bde639ee21e],
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsxF5DF.exe, In Quarantäne, [0ce76b821a6159dd4f03cd6c36cbd12f],
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nshAA3E.exe, In Quarantäne, [0ee569847efd0a2ca8aa2b0e629f827e],
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsnA83B.exe, In Quarantäne, [bc37d914106b46f0cc8695a425dc13ed],
PUP.Optional.NewPlayer, C:\Users\Tim\AppData\Local\Temp\92EFtmp\newvideoplayersetup.exe, In Quarantäne, [71827e6f5c1fc86e9ac93b7a8879936d],
PUP.Optional.SearchHijacker.A, C:\Users\Tim\AppData\Local\Temp\92F0tmp\lly_istartsurf.exe, In Quarantäne, [906311dcbac1023438331d9129d828d8],
Trojan.Agent, C:\Users\Tim\AppData\Local\Temp\is-ESLEQ.tmp\netlogger.exe, In Quarantäne, [63906786730842f4c001258fdd24ab55],
PUP.Optional.Conduit.A, C:\Users\Tim\AppData\Local\Temp\nsh90F2\SpSetup.exe, In Quarantäne, [af44816c176472c4c57e5ad4c04132ce],
PUP.Optional.AdLyrics, C:\Users\Tim\AppData\Local\Temp\92F1tmp\3333-2081_speedcheck.exe, In Quarantäne, [6a89eb02314a3ef8a3caada6e61af40c],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsf7CFE.exe, In Quarantäne, [a053d21b9ddeda5c143ea09924dd9967],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh51CB.exe, In Quarantäne, [d91a599475060e28fa58e15879880ef2],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh5FD0.exe, In Quarantäne, [e40f628bfb80e2540e4401380ff2f709],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm5BF9.exe, In Quarantäne, [c82bdf0e4239f83eb1a10d2cf40dd927],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm8910.exe, In Quarantäne, [f20105e857241a1c450df049c63b0cf4],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm89AC.exe, In Quarantäne, [a84bfdf015665adc61f199a0956cce32],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss51BC.exe, In Quarantäne, [0de6af3eeb90de5820320f2a1de408f8],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv70DD.exe, In Quarantäne, [af440be287f40630aca658e1ca3732ce],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv8104.exe, In Quarantäne, [33c0b5382358a096ef63e356a958817f],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsw2684.exe, In Quarantäne, [757e01ec90eb38fee36ffb3e36cb5da3],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nswC015.exe, In Quarantäne, [22d137b66b1058de440e53e6a55c31cf],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxAA38.exe, In Quarantäne, [747f8a639cdf8fa7db77d0698180fd03],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsa70FC.exe, In Quarantäne, [3fb45a93295257df2929c772ef126a96],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscA661.exe, In Quarantäne, [688be70695e6c373a6acbe7b649d5ba5],
PUP.Optional.DomaIQ, C:\Users\Tim\Downloads\Player Setup (1).exe, In Quarantäne, [f003faf3710ad165ae336ce73dc3cb35],
PUP.Optional.DomaIQ, C:\Users\Tim\Downloads\Player Setup.exe, In Quarantäne, [faf9d31aaccfa88ed908aea5689832ce],
PUP.Optional.PCPerformer.A, C:\Windows\System32\Tasks\PC Performer Logon Scan, In Quarantäne, [d71c01ec1c5ff145f99bbd47669daa56],
PUP.Optional.PCPerformer.A, C:\Windows\System32\Tasks\PC Performer Scheduled Scan, In Quarantäne, [db18e409a6d594a2dfb553b15ea5956b],
PUP.Optional.PCPerformer, C:\Windows\performersoftsetup.dll, In Quarantäne, [559e7776205b7db932fa81847093b54b],
PUP.Optional.Superfish.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [2ac9a24b7902a78f842697836c973cc4],
PUP.Optional.Superfish.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [6c875a937cff69cd4961f02a669d55ab],
PUP.Optional.Websteroids.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage, In Quarantäne, [599a3db0abd0d3634edb38ed2dd66799],
PUP.Optional.Websteroids.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal, In Quarantäne, [f8fb97560675340261c83ee7c43feb15],
PUP.Optional.AddLyrics, C:\Windows\System32\drivers\webinstr.sys, In Quarantäne, [d61d608d304b152115fcf8071ee4fe02],
PUP.Optional.Conduit.A, C:\Users\Tim\AppData\Local\Temp\CT3323737\ddt.csf, In Quarantäne, [17dc40ad58233ef8b35a7e54ef1314ec],
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc],
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc],
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc],
PUP.Optional.Managera.A, C:\Users\Tim\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [c72c1ecf691252e44769d3167989ff01],
PUP.Optional.Managera.A, C:\Users\Tim\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [c72c1ecf691252e44769d3167989ff01],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome.manifest, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\icon.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\install.rdf, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\background.html, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.xml, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\config.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\content.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.xul, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\jquery-1.9.1.min.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\options.xul, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\rjs.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\settings.json, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\subscriptloader.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin\framework.css, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4],
PUP.Optional.IStartSurf.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\preferences, Gut: (), Schlecht: ( "search_url": "hxxp://www.istartsurf.com/web/?type=ds&ts=1410290519&from=tugs&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525&q={searchTerms}"), Ersetzt,[73807b728deecd694c21c36d0ff69769]
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) :dankeschoen:
Hier noch den FRST log:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Tim (administrator) on SPIELE-PC-DIETZ on 06-12-2014 14:21:29
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Chiara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware\mbamscheduler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgemca.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify] => C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify Web Helper] => C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {3ad8cc06-2842-11e4-b6df-5404a667c7bf} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {7aeabb5e-d847-11e3-8a0a-5404a667c7bf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {8022c7e1-0128-11e4-a871-5404a667c7bf} - F:\Startme.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {c447e447-7c6d-11e3-b9be-5404a667c7bf} - G:\SETUP.EXE
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA318F53FECBCE01
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-28]
FF HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Firefox\Extensions: [{38193564-FF03-06D0-0062-53FFFF2F9C05}] - C:\Program Files (x86)\ver1SpeedCheck\178.xpi
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1417363290&from=amt&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-02]
CHR Extension: (WOT) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-02]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVGIDSAgent; D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
R2 MBAMScheduler; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH)
S2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-09] (AVG Technologies)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [226080 2012-12-06] (H+H Software GmbH)
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-06 14:21 - 2014-12-06 14:22 - 00019652 _____ () C:\Users\Tim\Downloads\FRST.txt
2014-12-06 14:21 - 2014-12-06 14:21 - 00000000 ____D () C:\Users\Tim\Downloads\FRST-OlderVersion
2014-12-05 16:04 - 2014-12-05 16:09 - 00000000 ____D () C:\Users\Tim\AppData\Local\www.rene-zeidler.de
2014-12-05 16:04 - 2014-12-05 16:04 - 00437645 _____ () C:\Users\Tim\Downloads\SnippingToolPlusv3-4-1-0.zip
2014-12-05 16:04 - 2014-12-05 16:04 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\www.rene-zeidler.de
2014-12-05 16:04 - 2014-12-05 16:04 - 00000000 ____D () C:\ProgramData\www.rene-zeidler.de
2014-12-05 16:03 - 2014-12-05 16:03 - 01174352 _____ () C:\Users\Tim\Downloads\Snipping Tool Plus - CHIP-Installer.exe
2014-12-05 16:01 - 2014-12-05 16:01 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT64.exe
2014-12-05 15:54 - 2014-12-05 15:54 - 00000000 ____D () C:\Users\Tim\Downloads\Neuer Ordner
2014-12-04 20:55 - 2014-12-04 20:55 - 00001406 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Desktop\JRT64.exe
2014-12-04 16:31 - 2014-12-04 16:31 - 00045568 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-12-04 16:30 - 2014-12-04 16:30 - 00036404 _____ () C:\Users\Tim\Desktop\Addition.txt
2014-12-04 16:26 - 2014-12-06 14:21 - 00000000 ____D () C:\FRST
2014-12-04 16:25 - 2014-12-06 14:21 - 02118144 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2014-12-04 15:41 - 2014-12-04 15:41 - 00001415 _____ () C:\Users\Tim\Desktop\AdwCleaner[R3].txt
2014-12-03 15:13 - 2014-12-03 15:13 - 00000000 _____ () C:\Users\Tim\AppData\Local\{7449D0F4-AD5C-4D8A-BA98-687BB5203CD2}
2014-12-02 17:53 - 2014-12-02 17:53 - 00001068 _____ () C:\Users\Tim\Desktop\BMW.lnk
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-02 17:21 - 2014-12-06 14:16 - 00001464 _____ () C:\Windows\setupact.log
2014-12-02 17:21 - 2014-12-05 14:30 - 00004726 _____ () C:\Windows\PFRO.log
2014-12-02 17:21 - 2014-12-02 17:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 17:12 - 2014-12-02 17:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-12-02 17:08 - 2014-12-02 17:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-02 17:08 - 2014-12-02 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 17:08 - 2014-12-02 17:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-02 17:04 - 2014-12-02 17:05 - 00376202 _____ () C:\Users\Tim\Desktop\cc_20141202_170449.reg
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Stardock
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-12-02 16:07 - 2014-12-02 16:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-02 13:51 - 2014-12-02 13:51 - 00000000 ___DL () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-02 13:46 - 2014-12-02 15:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SymMover
2014-12-02 13:46 - 2014-12-02 13:46 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SymMover
2014-12-02 13:44 - 2014-12-02 13:45 - 00000000 ____D () C:\Users\Tim\Symmover
2014-12-01 19:03 - 2014-12-01 19:03 - 00003132 _____ () C:\Windows\System32\Tasks\{2CB07BE7-18B5-42B0-9745-695514D19B69}
2014-11-30 17:01 - 2014-11-30 17:01 - 00004656 _____ () C:\Windows\SysWOW64\abengine.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00003086 _____ () C:\Windows\System32\Tasks\upfs7214
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\SysWOW64\abengineOff.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\system32\abengineOff.ini
2014-11-30 17:01 - 2014-11-23 23:23 - 00370584 _____ (Abengine) C:\Windows\system32\abengine64.dll
2014-11-30 16:57 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\itesing
2014-11-30 15:52 - 2014-12-01 19:00 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Anvsoft
2014-11-30 15:52 - 2014-11-30 15:52 - 00000000 ____D () C:\Users\Tim\Documents\Any Video Converter
2014-11-30 14:45 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\MAGIX_Software_GmbH
2014-11-29 15:04 - 2014-11-29 15:04 - 00000000 __SHD () C:\Users\Tim\AppData\Local\EmieBrowserModeList
2014-11-29 14:28 - 2014-11-30 15:56 - 00538128 _____ () C:\Users\Tim\Desktop\2014_09 HB-HH-HB.MVP
2014-11-22 22:43 - 2014-11-22 22:43 - 00000000 ____D () C:\Users\Tim\Desktop\Xperia Z
2014-11-22 21:08 - 2014-11-22 22:41 - 00000000 ____D () C:\Users\Tim\Desktop\Handy fotos
2014-11-21 15:32 - 2014-11-22 13:17 - 00000000 ____D () C:\Users\Tim\Desktop\Fotos Videos papa
2014-11-19 16:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 16:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-11-13 17:32 - 2014-11-13 17:32 - 00000000 __SHD () C:\Users\Chiara\AppData\Local\EmieBrowserModeList
2014-11-13 17:07 - 2014-11-13 17:07 - 01942161 _____ () C:\Users\Chiara\Downloads\wave-interference_en.jar
2014-11-13 17:07 - 2014-11-13 17:07 - 00000000 ____D () C:\Users\Chiara\.phet
2014-11-12 15:44 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 15:44 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 15:44 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:44 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 15:44 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 15:44 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:44 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:44 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 15:44 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 15:44 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:44 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:44 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:44 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 15:44 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 15:44 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 15:44 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 15:44 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 15:44 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 15:44 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 15:44 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 15:44 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 15:44 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 15:44 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 15:44 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 15:44 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 15:44 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 15:44 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 15:43 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:43 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:43 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 15:43 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 15:43 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 15:43 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 15:43 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-07 20:05 - 2014-11-07 20:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-06 14:21 - 2013-10-18 12:54 - 01514819 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 14:19 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Spotify
2014-12-06 14:18 - 2014-10-18 17:03 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-12-06 14:18 - 2014-09-15 15:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 14:18 - 2013-11-17 13:10 - 00000000 ____D () C:\Users\Tim\AppData\Local\HTC MediaHub
2014-12-06 14:17 - 2014-05-10 16:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 14:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 21:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:33 - 2013-10-20 12:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-05 21:30 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-05 16:13 - 2014-05-10 16:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-05 14:31 - 2014-09-09 20:21 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-05 14:27 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-04 20:36 - 2014-09-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-04 15:40 - 2014-09-14 18:41 - 00000000 ____D () C:\AdwCleaner
2014-12-04 15:10 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Local\Spotify
2014-12-02 19:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-02 17:05 - 2013-10-18 13:57 - 00000000 ____D () C:\Windows\pss
2014-12-02 13:44 - 2013-10-18 12:55 - 00000000 ____D () C:\Users\Tim
2014-12-01 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-01 19:53 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-12-01 18:56 - 2014-05-10 16:16 - 00000000 ____D () C:\Users\Chiara\AppData\Local\LogMeIn Hamachi
2014-12-01 18:56 - 2013-11-17 12:35 - 00000000 ____D () C:\Users\Chiara\AppData\Local\HTC MediaHub
2014-11-30 20:23 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-11-30 20:23 - 2014-07-02 19:46 - 00000000 ____D () C:\Users\Tim\Desktop\Neuer Ordner
2014-11-30 20:23 - 2014-05-10 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-30 20:23 - 2014-03-15 10:29 - 00000000 ____D () C:\Users\Tim\Desktop\Papa musik
2014-11-30 20:23 - 2013-11-02 09:53 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\vlc
2014-11-30 20:23 - 2013-10-30 16:44 - 00000000 ____D () C:\Users\Chiara
2014-11-30 20:23 - 2013-10-27 16:26 - 00000000 ____D () C:\Users\Tim\Documents\BMW
2014-11-30 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-30 17:06 - 2014-01-13 16:35 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TeamViewer
2014-11-30 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 17:02 - 2014-10-08 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012
2014-11-30 17:02 - 2014-08-26 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-30 17:02 - 2014-08-25 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-30 17:02 - 2014-07-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-11-30 17:02 - 2014-06-25 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-30 17:02 - 2014-06-22 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-30 17:02 - 2014-04-03 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gabelstapler Simulator 2009
2014-11-30 17:02 - 2014-02-27 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-11-30 17:02 - 2014-01-28 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-30 17:02 - 2014-01-14 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-11-30 17:02 - 2013-12-06 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 17:02 - 2013-10-20 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-30 17:02 - 2013-10-20 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-11-30 17:02 - 2013-10-20 12:53 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-30 17:02 - 2013-10-18 12:55 - 00000000 ___RD () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:02 - 2011-05-06 23:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-30 17:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:01 - 2013-10-21 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-30 14:44 - 2014-02-23 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\MAGIX
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 11:37 - 2011-03-15 22:23 - 00714496 _____ () C:\Windows\system32\perfh007.dat
2014-11-23 11:37 - 2011-03-15 22:23 - 00154218 _____ () C:\Windows\system32\perfc007.dat
2014-11-23 11:37 - 2009-07-14 06:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 17:21 - 2013-10-27 16:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 15:32 - 2013-10-18 13:38 - 00170632 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 06:14 - 2014-09-15 15:54 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 15:08 - 2014-05-10 16:15 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-17 15:08 - 2014-05-10 16:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:29 - 2014-06-07 20:19 - 00000000 ____D () C:\Users\Chiara\Desktop\Server
2014-11-16 15:42 - 2013-11-17 12:23 - 00170632 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 15:41 - 2009-07-14 05:45 - 00563992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 15:38 - 2013-11-17 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-11-16 15:38 - 2013-11-17 12:32 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-16 15:37 - 2013-11-17 12:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\Downloaded Installations
2014-11-16 15:36 - 2013-11-17 12:32 - 00000000 ____D () C:\Temp
2014-11-13 04:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:26 - 2014-05-06 15:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:11 - 2014-01-13 17:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:08 - 2013-10-25 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2013-10-25 15:27 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-10 13:54 - 2014-09-10 15:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\AVG Web TuneUp
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Local\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-09 12:49 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Tim\AppData\Local\AVG Web TuneUp
2014-11-08 13:49 - 2014-11-01 20:39 - 00000000 ____D () C:\Users\Tim\Documents\Flight Simulator X-Dateien
2014-11-07 21:24 - 2013-12-27 21:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft
2014-11-07 20:05 - 2014-09-09 20:15 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
Some content of TEMP:
====================
C:\Users\Tim\AppData\Local\Temp\Cobra11_Highway_Nights_Demo.exe
C:\Users\Tim\AppData\Local\Temp\sdan.exe
C:\Users\Tim\AppData\Local\Temp\sdapk.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-29 18:24
==================== End Of Log ============================ --- --- ---
--- --- ---
Und die Addtition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014
Ran by Tim at 2014-12-06 14:22:37
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.22 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4794 - AVG Technologies)
AVG 2014 (Version: 14.0.4235 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4794 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battlefield Play4Free (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
City Bus Simulator 2010 - Gold Edition (HKLM-x32\...\{9FB088BB-47DC-452C-BE8E-036E2243B4C8}) (Version: 1.00 - TML-Studios)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fences (HKLM-x32\...\Fences) (Version: - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: - )
Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version: - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{22FE3793-5961-4ADE-AE66-69D9291C22B1}) (Version: 1.03.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCM1410LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppFaxDrvCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1410 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppSendFaxCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXCM1410 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (HKLM-x32\...\MX.{BD329C68-4F9A-4ACD-A2D0-D6D59380E6E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.5.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Grafiktreiber 268.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.29 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.1 - pdfforge)
PhotoDose 5.1 (HKLM-x32\...\Photo Dose_is1) (Version: - )
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SL-6640-SBK BLACK WIDOW Flightstick (HKLM-x32\...\SL-6640-SBK BLACK WIDOW Flightstick) (Version: - )
Spotify (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SymMover (HKLM-x32\...\SymMover) (Version: - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.00.0 - H+H Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WorldofTanks (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\WorldofTanks) (Version: - WorldofTanks)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programme\Blender\BlendThumb64.dll ()
==================== Restore Points =========================
29-11-2014 17:30:59 Geplanter Prüfpunkt
30-11-2014 16:04:23 Removed HTC Driver Installer.
30-11-2014 19:18:51 Wiederherstellungsvorgang
01-12-2014 18:50:51 Revo Uninstaller's restore point - WorldofTanks
02-12-2014 16:15:06 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03324725-91F2-4B5C-A034-E26110AD72B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {1730127B-3E29-42CB-AD15-B14A2EB8B95B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {228DB8E0-BDB0-416C-8661-F1C426CE6A1D} - System32\Tasks\upfs7214 => C:\PROGRA~2\Flowsurf\upfs7214.exe
Task: {2290C1E2-D480-4D07-ACBA-D30E54D25E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {46E19EE6-1150-4B65-B080-3F036BB2871A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {70025206-866D-480E-9860-AFE98A976CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7CC1D3D8-5232-47EE-95C7-469EB2280DBF} - System32\Tasks\Google Updater and Installer => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8A02BA2F-0469-4455-A941-35993C066343} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {9997E983-4740-486F-B30F-C421F9BE7C9F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {A0495D01-3C2C-4F92-88DD-4BF1E014A182} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {AA38C0B9-AA52-4279-B5E3-47FE3B27E3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D510C4F0-0979-42C5-9014-D59588772E17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3274256860-3384179074-2863741347-1000
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-05-06 23:25 - 2010-11-03 10:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-05-06 23:25 - 2010-12-02 03:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-05-06 23:25 - 2010-10-21 10:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-10-24 13:38 - 2014-10-24 13:38 - 00613944 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 23:25 - 2014-12-06 14:16 - 00019456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-05-06 23:25 - 2010-06-29 03:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-11-03 11:04 - 2014-11-03 11:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 11:06 - 2014-11-03 11:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 11:07 - 2014-11-03 11:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 36966968 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libcef.dll
2014-10-27 22:05 - 2014-10-27 22:05 - 00117248 _____ () C:\Users\Tim\AppData\Roaming\itesing\marfacat.dll
2011-05-06 23:25 - 2011-01-12 19:53 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-05-06 23:25 - 2009-08-13 05:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-05-06 23:25 - 2011-02-17 20:10 - 01035776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-05-06 23:25 - 2011-01-20 21:09 - 00964096 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-05-06 23:26 - 2011-03-12 04:53 - 01257472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-05-06 23:26 - 2011-01-06 19:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-05-06 23:25 - 2011-01-14 01:47 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-05-06 23:25 - 2010-09-28 05:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-05-06 23:25 - 2011-01-08 01:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-05-06 23:25 - 2010-08-07 03:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-05-06 23:25 - 2010-08-07 03:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-05-06 23:25 - 2010-08-23 03:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00867896 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00886840 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00108600 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:F1A5FE8B
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: BlackBerryLink.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HP LaserJet Professional CM1410 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDFPrint => D:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: ToolboxFX => "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: VC10Player => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
========================= Accounts: ==========================
Administrator (S-1-5-21-3274256860-3384179074-2863741347-500 - Administrator - Disabled)
Chiara (S-1-5-21-3274256860-3384179074-2863741347-1003 - Limited - Enabled) => C:\Users\Chiara
Gast (S-1-5-21-3274256860-3384179074-2863741347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3274256860-3384179074-2863741347-1002 - Limited - Enabled)
Tim (S-1-5-21-3274256860-3384179074-2863741347-1000 - Administrator - Enabled) => C:\Users\Tim
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/06/2014 02:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 09:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 03:59:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221
Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221
Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223
System errors:
=============
Error: (12/06/2014 02:20:19 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070420
Error: (12/06/2014 02:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerprofildienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/05/2014 09:31:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (12/06/2014 02:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 09:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 03:59:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221
Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221
Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8104.29 MB
Available physical RAM: 4851.17 MB
Total Pagefile: 16206.77 MB
Available Pagefile: 12791.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:552.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:1103.63 GB) (Free:756.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=745.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1103.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |