Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Pc ist zu langsam Und ich habe keine ahnugn, was ich tun soll (https://www.trojaner-board.de/162240-pc-langsam-habe-keine-ahnugn-tun.html)

PcAnfängerxD 28.12.2014 21:48
Pc ist zu langsam Und ich habe keine ahnugn, was ich tun soll
 
Hallo mein Name ist Justin, und bin nun das 2. mal bei Trojaner-Board um nach hilfe zu suchen.
Mein Problem besteht darin, dass mein Computer langsamer wird und ich weiß nicht wieso.
Ich selbst habe keine ahnung, worin das problem bestehen könnte, deswegen setze ich meine volle hoffnung in euch.

Bootsektor 28.12.2014 21:54
:hallo:

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


PcAnfängerxD 28.12.2014 23:28
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Gast at 2014-12-28 23:27:14
Running from C:\Users\Gast\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Akamai) (Version:  - Akamai Technologies, Inc)
allday savings (HKLM\...\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A) (Version: 2.0.1 - allday savings)
AMD Catalyst Install Manager (HKLM\...\{047D5657-1DAC-2B16-E110-F4A9C0E7EF2C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version:  - Nexon)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4310 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.5.1210.30) (Version: 3.5.1210.30 - Solveig Multimedia)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaminfeuer Comprehensive Edition 1080 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
Logitech Z-series Software 1.04 (HKLM\...\{B38BCB00-1C17-48F5-BB94-584BB89D34D0}) (Version: 1.04.153 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
MAGIX Music Maker MX Premium Download Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
RocketTab (HKLM-x32\...\RocketTab) (Version:  - RocketTab) <==== ATTENTION!
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SmartSaver+ 15 (HKLM-x32\...\SmartSaver+ 15) (Version: 1.35.11.26 - smart-saverplus) <==== ATTENTION
Spotify (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Spotify) (Version: 0.9.14.11.g7e298e37 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update kb77600 (HKLM-x32\...\{79BB0733-58A2-486C-AA02-F9BAB929EFF8}) (Version: 1.0.0 - MSR) <==== ATTENTION
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Treiber-Studio 2013 (HKLM\...\{2D3471B9-8671-46F0-9947-4C0DB6234403}) (Version: 8.1.428 - Publish Data)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list restore points.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-05-27 14:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


==================== Loaded Modules (whitelisted) =============

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AVM WLAN Connection Service => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: ClaraUpdater => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Clownfish => "C:\Program Files (x86)\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
MSCONFIG\startupreg: FLV Player => C:\Users\Margit\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
MSCONFIG\startupreg: GameforgeLive => "C:\Program Files (x86)\GameforgeLive\gfl_client.exe" -autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7D78684C04D130A2BFD725AA212F80C4 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
MSCONFIG\startupreg: Spotify => "C:\Users\Margit\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Margit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

========================= Accounts: ==========================


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Systemfehler 5 aufgetreten.

Zugriff verweigert


==================== Memory info ===========================

Processor: AMD FX(tm)-6100 Six-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 7918.12 MB
Available physical RAM: 5702.02 MB
Total Pagefile: 15834.41 MB
Available Pagefile: 13174.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.21 GB) (Free:34.95 GB) NTFS
Drive d: () (Fixed) (Total:270.45 GB) (Free:210.69 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Gast (ATTENTION: The logged in user is not administrator) on JUSTIN-PC on 28-12-2014 23:26:09
Running from C:\Users\Gast\Downloads
Loaded Profiles: Margit & Gast (Available profiles: Margit & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Akamai Technologies, Inc.) C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Arc\ArcLauncher.exe [416080 2014-12-18] (Perfect World Entertainment)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [GoogleChromeAutoLaunch_BB36B386FC91F3D4CC09C0FCB27081F3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Akamai NetSession Interface] => C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Speed AutoClicker] => C:\Users\Gast\Desktop\SpeedAutoClicker.exe [179200 2013-09-24] (fabi.me)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
URLSearchHook: [S-1-5-21-3413827966-1155256820-1680526860-1000] ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: SmartSaver+ 15 -> {11111111-1111-1111-1111-110611171196} -> C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll No File
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-501: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gast\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (From Dust) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2014-05-30]
CHR Extension: (Google Drive) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-30]
CHR Extension: (Adblock Plus) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-30]
CHR Extension: (Google-Suche) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-30]
CHR Extension: (Play Doraemon) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\diecmpcjhogeapcbiengjaglpkbaeana [2014-05-30]
CHR Extension: (Goku Games Collection) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hccaelkmmfpncdjmihpnhoifcaghbgak [2014-05-30]
CHR Extension: (Cargo Bridge) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2014-05-30]
CHR Extension: (Dragon Ball Z mmorpg game !) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljhjkncoceojjbadalclgdinmijjien [2014-05-30]
CHR Extension: (Google Wallet) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-30]
CHR Extension: (Google Mail) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [dapejillpcnbpfidhfkpidklcombbmel] - C:\Users\Margit\AppData\Local\CRE\dapejillpcnbpfidhfkpidklcombbmel.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [hfimjncgpflkpkhbnnblhblobjjjhjhd] - C:\Program Files (x86)\qualitink\hfimjncgpflkpkhbnnblhblobjjjhjhd.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jpfpfhlafnadialopcnmpnnonkoncnej] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3625\ch\MediaBuzzV1mode3625.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oeajfgfbfkoagohfgaimemkippdnedli] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release393\ch\RichMediaViewV1release393.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "eventlog" service could not be unlocked. <===== ATTENTION

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-29] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S4 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-29] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-06] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-07] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-15] ()
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-18] ()
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-15] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R1 {50c078f1-4117-4aad-852a-0b3bbfb46b18}Gw64; C:\Windows\System32\drivers\{50c078f1-4117-4aad-852a-0b3bbfb46b18}Gw64.sys [61112 2014-04-24] (StdLib)
S3 ALSysIO; \??\C:\Users\Margit\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 drvr; \??\C:\Windows\system32\drivers\drvr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 23:22 - 2014-12-28 23:22 - 00000000 ____D () C:\FRST
2014-12-28 17:16 - 2014-12-28 17:16 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-27 02:19 - 2014-12-27 02:42 - 00000000 ___HD () C:\ArcTemp
2014-12-27 02:07 - 2014-12-28 23:13 - 00000000 ____D () C:\Program Files (x86)\Arc
2014-12-22 20:49 - 2014-12-22 20:49 - 00000000 ____D () C:\AeriaGames
2014-12-20 19:01 - 2014-12-20 19:01 - 00000000 ____D () C:\Windows\system32\log
2014-12-20 18:30 - 2014-12-20 18:32 - 00000000 ____D () C:\Kaminfeuer Comprehensive Edition 1080 - Eigene Kaminansichten
2014-12-20 18:30 - 2014-12-20 18:30 - 00000000 ____D () C:\Program Files (x86)\Kaminfeuer Comprehensive Edition 1080
2014-12-20 18:30 - 2013-06-19 18:54 - 26682880 _____ (Jochen Moschko) C:\Windows\Kaminfeuer Comprehensive Edition 1080.scr
2014-12-20 18:30 - 2013-06-19 18:54 - 00193296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2014-12-20 18:30 - 2013-06-19 18:54 - 00111376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-12-20 18:30 - 2013-06-19 18:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCIDE.dll
2014-12-20 18:30 - 2013-06-19 18:54 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InetDE.dll
2014-12-20 18:30 - 2013-06-19 18:54 - 00000414 _____ () C:\Windows\Kaminfeuer Comprehensive Edition 1080.scr.manifest
2014-12-20 18:27 - 2013-06-19 18:54 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.dll
2014-12-20 18:27 - 2013-06-19 18:54 - 00099866 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DE.dll
2014-12-20 18:27 - 2013-06-19 18:54 - 00072704 _____ (Microsoft Corporation) C:\Windows\ST5UNST.EXE
2014-12-20 18:27 - 2013-06-19 18:54 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5StKit.dll
2014-12-18 13:19 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 13:19 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 14:04 - 2014-12-11 14:04 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 21:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 21:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 11:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 11:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 11:53 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 11:53 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 11:53 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 11:53 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 11:53 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:53 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 11:53 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 11:53 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 11:53 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:53 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:53 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 11:53 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 11:53 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 11:53 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:53 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 11:53 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 11:53 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:53 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 11:53 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 11:53 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 11:53 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:53 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 11:53 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 11:53 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 11:53 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 11:53 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 11:53 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 11:53 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 11:53 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 11:53 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 11:53 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 11:53 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 11:53 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 11:53 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 11:53 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 11:53 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:53 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 11:53 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 11:53 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 11:53 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:53 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 11:53 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 11:53 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 11:53 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 11:53 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 11:53 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 11:53 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 11:53 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 11:53 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 11:53 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 11:53 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 11:53 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 11:53 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 11:53 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 11:53 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:53 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 11:53 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 11:52 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 11:52 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 11:52 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 11:52 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 11:52 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 11:52 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 11:52 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 11:52 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 11:52 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 11:52 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 11:52 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 11:52 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 11:52 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 11:52 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 22:03 - 2014-12-09 22:03 - 00000000 ____D () C:\Program Files\DivX
2014-12-09 21:12 - 2014-12-09 22:03 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-11-29 11:24 - 2014-11-29 11:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-28 18:44 - 2014-11-28 18:44 - 00000000 ____D () C:\Program Files (x86)\c8ccf9fa-7a1d-4523-896f-e42f5552dd59
2014-11-28 18:43 - 2014-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Search Extensions

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 23:20 - 2014-04-14 12:47 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-12-28 23:20 - 2012-12-17 10:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-28 23:15 - 2014-04-17 19:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-28 23:07 - 2014-03-14 16:07 - 00000000 ____D () C:\Program Files\HitmanPro
2014-12-28 23:07 - 2014-02-15 09:27 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-12-28 23:06 - 2014-05-26 09:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-28 23:05 - 2014-07-31 00:37 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-12-28 21:23 - 2009-07-14 05:45 - 00042160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-28 21:23 - 2009-07-14 05:45 - 00042160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-28 21:19 - 2012-12-17 10:33 - 01335007 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 21:16 - 2014-10-24 13:04 - 00014917 _____ () C:\Windows\setupact.log
2014-12-28 21:16 - 2013-06-13 12:10 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-28 17:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-24 19:24 - 2012-12-17 10:39 - 00000000 ____D () C:\Users\Margit
2014-12-23 16:07 - 2012-12-21 11:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 13:37 - 2014-08-21 15:29 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-22 12:31 - 2013-02-17 13:41 - 00000000 ____D () C:\Windows\pss
2014-12-21 16:54 - 2009-07-14 05:45 - 00389080 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-21 16:53 - 2014-10-24 13:03 - 00018864 _____ () C:\Windows\PFRO.log
2014-12-18 15:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 14:20 - 2014-02-20 16:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-11 14:04 - 2014-05-07 00:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 14:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 14:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 22:01 - 2013-07-13 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:58 - 2012-12-17 12:29 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 20:19 - 2012-12-17 13:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 20:19 - 2012-12-17 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-01 16:10 - 2012-12-17 19:27 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-12-01 16:10 - 2012-12-17 19:27 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-12-01 16:10 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

--- --- ---

Bootsektor 29.12.2014 00:29
Hallo Justin,

bitte mache den Scan mit FRST mit Administratorenrechten nochmals, hake dabei das Feld addition.txt an. Danke.

PcAnfängerxD 29.12.2014 16:06
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Margit at 2014-12-29 16:05:04
Running from C:\Users\Gast\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Akamai) (Version:  - Akamai Technologies, Inc)
allday savings (HKLM\...\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A) (Version: 2.0.1 - allday savings)
AMD Catalyst Install Manager (HKLM\...\{047D5657-1DAC-2B16-E110-F4A9C0E7EF2C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira System Speedup 1.5 (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.5 - 2000 - 2014 Avira Operations GmbH & Co. KG)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version:  - Nexon)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4310 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FLV Player (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\FLV Player) (Version: 1.1 - Somoto Ltd.) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.5.1210.30) (Version: 3.5.1210.30 - Solveig Multimedia)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaminfeuer Comprehensive Edition 1080 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
Logitech Z-series Software 1.04 (HKLM\...\{B38BCB00-1C17-48F5-BB94-584BB89D34D0}) (Version: 1.04.153 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
MAGIX Music Maker MX Premium Download Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
RocketTab (HKLM-x32\...\RocketTab) (Version:  - RocketTab) <==== ATTENTION!
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SmartSaver+ 15 (HKLM-x32\...\SmartSaver+ 15) (Version: 1.35.11.26 - smart-saverplus) <==== ATTENTION
Spotify (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Spotify (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Spotify) (Version: 0.9.14.11.g7e298e37 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update kb77600 (HKLM-x32\...\{79BB0733-58A2-486C-AA02-F9BAB929EFF8}) (Version: 1.0.0 - MSR) <==== ATTENTION
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Treiber-Studio 2013 (HKLM\...\{2D3471B9-8671-46F0-9947-4C0DB6234403}) (Version: 8.1.428 - Publish Data)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION
YouTube (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Pokki_d25e316a7812ebb3c4f8e18291ce53ba535b8659) (Version: 1.0.9.53204 - Pokki)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

27-12-2014 02:07:19 Installiert Arc
27-12-2014 02:48:32 Installed NVIDIA PhysX
28-12-2014 17:13:53 Removed LogMeIn Hamachi
28-12-2014 17:15:32 Installed LogMeIn Hamachi
28-12-2014 19:00:37 Windows-Sicherung
28-12-2014 23:00:21 Removed BlueStacks Notification Center
28-12-2014 23:03:20 Removed Samsung Kies3
28-12-2014 23:07:41 Loong Dragonblood wurde entfernt.
28-12-2014 23:09:31 Removed NVIDIA PhysX
28-12-2014 23:13:17 Removed Bonjour
29-12-2014 00:37:38 Avira System Speedup 1.5
29-12-2014 00:39:15 Erstelle Systemwiederherstellungspunkt bevor Junk-Dateien gelöscht werden

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-05-27 14:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00BFA346-0F61-4DB5-94CB-5A5D7D52CFB9} - System32\Tasks\{E853544F-29DE-4A80-9A15-633B15B19F21} => pcalua.exe -a C:\Users\Margit\AVM_Driver\FWLAN\pushinst.exe -d C:\Users\Margit\AVM_Driver\FWLAN
Task: {03AADB71-BB80-49F1-88BA-F99B59D1B6A8} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-7 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-7.exe <==== ATTENTION
Task: {03EA357E-52D0-413D-8D49-E1F45E0A4E95} - System32\Tasks\{06818C6F-1EE9-4624-BF19-CF01A8F021B5} => C:\Users\Margit\Downloads\chromeinstall-7u21 (1).exe
Task: {06BB9677-1401-45D0-9ABA-DFAF608AC7F0} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-3 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-3.exe <==== ATTENTION
Task: {09733722-776A-45A9-9129-2522CFC891A1} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {0B1358DA-D690-4549-A6FA-1AFA26FBC371} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-1 => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: {0C568E9E-8980-4DDA-A3AE-7F06A0BF85AF} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-1 => C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-codedownloader.exe <==== ATTENTION
Task: {0D6A0BA9-DF4E-4168-8AB5-2A3CA14209C1} - System32\Tasks\{2A83181E-E6A5-40A8-A1E7-0EDC4B1878FC} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {120F3038-D6AB-45D6-BA09-4D6610684BB2} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-6 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-6.exe <==== ATTENTION
Task: {128220D3-42FE-45F3-8149-555FB38DD8A8} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-5_user => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-5.exe <==== ATTENTION
Task: {17427C4D-28CC-4B5A-8FD8-169A6749B4CA} - System32\Tasks\19d601e6-660f-49ec-a835-cad8ac3f3bc5 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-4.exe <==== ATTENTION
Task: {1F34B0D5-B054-42DE-A0C4-BC12095BA138} - System32\Tasks\{F42E840F-C5C0-4AE3-B967-3B87823AF4F0} => pcalua.exe -a E:\Setup\Setup.exe -d E:\
Task: {24723AB7-117D-437B-89F4-20634CDC8F09} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {24D9D543-971D-4236-B7BE-9A35544A7215} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-11 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-11.exe <==== ATTENTION
Task: {27D18596-A4E7-49C1-8B22-1C09B93019FA} - System32\Tasks\{25E61622-D504-4687-8CA0-DB1AE11A2406} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {3125A5D9-5466-4492-AB39-C3CC3275B630} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: {333C954D-759E-44B8-8A20-DDFDE24FDC83} - System32\Tasks\{F80032B6-FD8B-4C37-B4C9-F1D860EE2A6E} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {39873E48-0EA1-40B0-BEDF-CC81429EBA43} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-5 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-5.exe <==== ATTENTION
Task: {3CD639F6-8AD5-4455-B0E4-320967B3959E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {3E880599-19D0-424F-A0A9-F7A6C5E35E47} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-11 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-11.exe <==== ATTENTION
Task: {406E74AB-D31A-46D1-98F7-D0AF34EBF753} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-4 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-4.exe <==== ATTENTION
Task: {408161EA-4870-4E07-8E72-72EFA6EC3E90} - System32\Tasks\{F960AAB2-4C92-4C84-A958-DA87CFCD15FA} => pcalua.exe -a C:\Users\Margit\AVM_Driver\FWLAN\setup.exe -d C:\Users\Margit\AVM_Driver\FWLAN
Task: {414285DD-F86E-4FCB-91B8-50E84BE70E7A} - System32\Tasks\{9ACF3A99-E37B-43E0-A2AD-257222583004} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {4D631D49-3C48-428C-8669-7B90400A4711} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {4EBBCC70-8C9A-4670-90FA-8DFDFB0FD382} - System32\Tasks\{D1CBE8AD-32B1-4506-BCBC-71D28B9CD788} => pcalua.exe -a C:\Users\Margit\AppData\Local\Temp\{96C5A240-4257-448F-9F47-7D5C20A5C931}\setup.exe -d "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154"
Task: {4F341244-7A43-4425-98A3-31C14D63C1B5} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {51367041-B77D-410F-AF6F-70B86CD7DEF0} - System32\Tasks\{12D0D921-EA07-4C9E-984C-D9DB7599421C} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {527B4FD9-950D-4912-8AFA-CB39A7C691C9} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: {53DFE9F6-69FB-46AF-87B1-41A072EA47C5} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-4 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-4.exe <==== ATTENTION
Task: {57E857AC-D073-4F22-878D-3036530C67BC} - System32\Tasks\{127E358C-5CE0-4EC3-8BCE-A39481B22E42} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {597DEE36-BDBA-4B26-9FF6-A92D39DFDC16} - System32\Tasks\{25BCCB07-CC7E-41B9-883B-3186D30FAB59} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {5BC605D6-B780-4D41-9511-A48FFAA21B42} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {5D4C3598-0056-4C1B-B7CD-5E71AF7FF81F} - System32\Tasks\{AD5AFC9C-1A7A-4481-95C9-331FF3137DF4} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5F99CCCE-3299-42DA-9619-746671EF331A} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2014-12-11] (Avira Operations GmbH & Co. KG)
Task: {60935525-4DF8-4537-8D64-80B0ADDEEC19} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-3 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-3.exe <==== ATTENTION
Task: {626F3468-8501-4E35-BFE2-45C98209441A} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {6313AF1E-5AAB-424D-B3B2-BECBAC75A2DE} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {65A0F700-07AC-464E-A0FC-FD3E558C0D11} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: {6B497FF9-1746-4952-8B20-16C385CBAF27} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-5 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-5.exe <==== ATTENTION
Task: {6D28985A-2C73-4074-8695-5B1B5191F109} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION
Task: {6F532C9A-5BA9-4604-9E4D-F6B89FCFE5A7} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-2 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-2.exe <==== ATTENTION
Task: {6F80F16B-C2A1-4FA3-9357-20AB8F652410} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-3 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-3.exe <==== ATTENTION
Task: {6FFB1919-1FA9-4CDB-8523-686D2F9EA261} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {7D4E2D8C-5977-410D-AB87-06F5F8ED33E9} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-7 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-7.exe <==== ATTENTION
Task: {81B2819A-2FD4-4C10-A88D-FECDB52F6DA8} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-14] (ASUSTeK Computer Inc.)
Task: {84C6E91E-F093-48D0-B835-B6B05DD178DD} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-6 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-6.exe <==== ATTENTION
Task: {8B2C9AE4-5B90-4160-A208-2DBF97EBDF77} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1 => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: {8DBD1D33-B987-496D-A965-503153B9C155} - System32\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-7 => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-7.exe <==== ATTENTION
Task: {8F1573B8-40CD-4F08-9747-4577890147F9} - System32\Tasks\{10699523-0978-4EEC-B551-6B7DFEBF3E5B} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {93C744C3-25E6-4F60-B4F9-D657D1C1157E} - System32\Tasks\c362ce50-406e-4b59-873c-a9fd42ea9d9e => C:\Program Files (x86)\SmartSaver+ 15\c362ce50-406e-4b59-873c-a9fd42ea9d9e.exe <==== ATTENTION
Task: {98E89165-6ADF-4DB0-A1CF-2817E7C275C0} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-6 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-6.exe <==== ATTENTION
Task: {9952CC9E-442F-4C72-8559-FD64B07CFAD6} - System32\Tasks\{749B462B-1FCA-4DAD-9483-A1A03E48C574} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {A0D0F3C3-4813-41D0-A87E-93C239A1BF83} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-2 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-2.exe <==== ATTENTION
Task: {A47A0592-6656-4E9D-82FC-DB24584F8713} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {A562D2CB-6317-4ED9-98CE-7282382063B9} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-5_user => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-5.exe <==== ATTENTION
Task: {B2D997F3-3C2B-4580-827C-8D10073AC37D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3413827966-1155256820-1680526860-1000Core => C:\Users\Margit\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B41DC9CA-413E-4BFC-ADAF-20114A8D82DB} - System32\Tasks\{891AAF44-5CAE-4B8A-931F-D71ADD64C53D} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {B746A350-8CCC-44B0-A11C-ADACF1731324} - System32\Tasks\{38081923-7D7F-4245-AE6B-B3FD6CADCB7B} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {B7BDC3B0-800B-48A1-A1EC-6E182B7AB7BF} - System32\Tasks\{135D557F-798B-4B30-9EF1-83F4CB2E14BF} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {BCEA647A-F118-4805-A05B-DA46186DF91B} - System32\Tasks\{19C2391B-B695-4206-ACEC-CFC188BFEAB6} => C:\Users\Margit\Desktop\HGWC Bypass\HGWC Bypass.exe
Task: {C247E5A5-194C-4C76-843C-BF61A1590952} - System32\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-4 => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-4.exe <==== ATTENTION
Task: {C48504B3-C984-4B65-8844-8EFD37641110} - System32\Tasks\{F33716A5-2C9C-4596-B5E9-8FAC56D6A5FF} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5CD14679-0F5A-4924-8C08-554D89A6A680}\setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{5CD14679-0F5A-4924-8C08-554D89A6A680}"
Task: {C951DF7B-DC4E-44BE-B1CF-8D0CD6E8EAD2} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-11.exe <==== ATTENTION
Task: {D424A41E-977B-4BC1-8465-571E3CAC97CE} - System32\Tasks\{CEED9F63-5F09-41F1-9A60-A21377CA528B} => C:\Users\Margit\Downloads\chromeinstall-7u21 (1).exe
Task: {D4A1E8FE-F77F-42B3-B38D-32D785A6D231} - System32\Tasks\{CA88250D-EDE0-415D-A7D9-80E1432B7A09} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {D6FDA0FC-3C68-4B92-ACFE-0CEE5DFE361D} - System32\Tasks\{27FC4681-DE2C-4C93-A5B5-F85ADDA5CD22} => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-12-13] (LogMeIn Inc.)
Task: {DF5648D2-25DC-4486-8F81-58F34C2D1376} - System32\Tasks\{C5C32378-3A80-41C0-A496-CB252C3EF91D} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {E05E5C77-C910-41BD-BA85-15707E2C0ACB} - System32\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2 => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-2.exe <==== ATTENTION
Task: {F5DC1BEA-DC5E-4B37-91FC-D34DAEF58010} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {F80EF664-B8BB-4371-AAA1-B250253DE11D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {F8237811-A5CF-4425-B59D-3FAC773AB9D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3413827966-1155256820-1680526860-1000UA => C:\Users\Margit\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\19d601e6-660f-49ec-a835-cad8ac3f3bc5.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-11.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-3.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-4.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-6.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-7.job => C:\Program Files (x86)\TheHDvid-Codec V10\1db16b81-14f2-458c-8501-52fcd3ac4400-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-3.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-4.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-6.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-6.exeš/agentregpath='TheHDvid-Codec V10-nv' /appid=63315 /srcid='001824' /subid='0' /zdata='0' /bic=2047F6FA6C1E42E7938D3A81108A62CAIE /verifier=f569e54ab8bce34ccfbe790e98a5d492 /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1408631176 /statsdomain=hxxp://stats.inputgenserv.com /errorsdomain=hxxp://errors.inputgenserv.com /codedownloaddomain=hxxp://cr.install-daddy.com /defbro=ch /DllName32ToInjectToChrome='61099b86-a8d2-47b2-b788-4f68057e44e9.dll' /DllName64ToInjectToChrome='b7ce8f58-1cdd-43db-8e12-2bb2bb58c94c.dll' /nova64bitexe='3bd2a66d-6045-4320-bce5-355ba9209e38-64.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-7.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-7.exe´/updateapp /agentregpath='TheHDvid-Codec V10-nv' /appid=63315 /srcid='001824' /subid='0' /zdata='0' /bic=2047F6FA6C1E42E7938D3A81108A62CAIE /verifier=f569e54ab8bce34ccfbe790e98a5d492 /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1408631176 /statsdomain=hxxp://stats.inputgenserv.com /errorsdomain=hxxp://errors.inputgenserv.com /codedownloaddomain=hxxp://cr.install-daddy.com /defbro=ch /DllName32ToInjectToChrome='61099b86-a8d2-47b2-b788-4f68057e44e9.dll' /DllName64ToInjectToChrome='b7ce8f58-1cdd-43db-8e12-2bb2bb58c94c.dll' /nova64bitexe='3bd2a66d-6045-4320-bce5-355ba9209e38-64.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-1.job => C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-11.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-2.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-3.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-4.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-5.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-5_user.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-6.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-7.job => C:\Program Files (x86)\SmartSaver+ 15\9b68a00a-4766-445b-85fd-a270c214116a-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\c362ce50-406e-4b59-873c-a9fd42ea9d9e.job => C:\Program Files (x86)\SmartSaver+ 15\c362ce50-406e-4b59-873c-a9fd42ea9d9e.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-04-29 22:25 - 2013-04-29 22:25 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 15:03 - 2012-03-05 15:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 13:53 - 2012-02-16 13:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-04-15 20:29 - 2014-05-29 14:39 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-04-15 20:29 - 2014-05-29 14:39 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-12-12 11:32 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 11:32 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 11:32 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 11:32 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 11:32 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AVM WLAN Connection Service => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: ClaraUpdater => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Clownfish => "C:\Program Files (x86)\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
MSCONFIG\startupreg: FLV Player => C:\Users\Margit\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
MSCONFIG\startupreg: GameforgeLive => "C:\Program Files (x86)\GameforgeLive\gfl_client.exe" -autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7D78684C04D130A2BFD725AA212F80C4 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
MSCONFIG\startupreg: Spotify => "C:\Users\Margit\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Margit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3413827966-1155256820-1680526860-500 - Administrator - Disabled)
Gast (S-1-5-21-3413827966-1155256820-1680526860-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3413827966-1155256820-1680526860-1004 - Limited - Enabled)
Margit (S-1-5-21-3413827966-1155256820-1680526860-1000 - Administrator - Enabled) => C:\Users\Margit

==================== Faulty Device Manager Devices =============

Name: hamachi
Description: hamachi
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2014 03:43:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2014 03:02:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f39a1
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6f0
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (12/29/2014 00:31:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2014 00:28:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f39a1
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (12/28/2014 11:13:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bobrowser.exe, Version: 36.0.1985.136, Zeitstempel: 0x546b1ea6
Name des fehlerhaften Moduls: chrome.dll, Version: 36.0.1985.136, Zeitstempel: 0x546b1e3f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000f6338
ID des fehlerhaften Prozesses: 0x1ed4
Startzeit der fehlerhaften Anwendung: 0xbobrowser.exe0
Pfad der fehlerhaften Anwendung: bobrowser.exe1
Pfad des fehlerhaften Moduls: bobrowser.exe2
Berichtskennung: bobrowser.exe3

Error: (12/28/2014 11:11:26 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: JUSTIN-PC)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.

Error: (12/28/2014 09:17:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/28/2014 09:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f39a1
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x8cc
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (12/28/2014 08:50:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/28/2014 08:43:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f39a1
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x65c
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3


System errors:
=============
Error: (12/29/2014 03:02:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/29/2014 00:47:21 AM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/29/2014 00:34:14 AM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/29/2014 00:28:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/28/2014 11:48:47 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/28/2014 11:29:32 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/28/2014 11:27:16 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/28/2014 11:27:14 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/28/2014 11:27:14 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (12/28/2014 11:27:14 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (12/29/2014 03:43:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2014 03:02:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c16f001d022f62347af44C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllb71d6f96-8efe-11e4-9c8a-50465d9054db

Error: (12/29/2014 00:31:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/29/2014 00:28:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c17e801d022db1eb83566C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll2df68155-8ee9-11e4-8535-50465d9054db

Error: (12/28/2014 11:13:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bobrowser.exe36.0.1985.136546b1ea6chrome.dll36.0.1985.136546b1e3fc0000005000f63381ed401d022eb7078d8beC:\Users\Margit\AppData\Local\BoBrowser\Application\bobrowser.exeC:\Users\Margit\AppData\Local\BoBrowser\Application\36.0.1985.136\chrome.dllb313e1d3-8ede-11e4-8535-50465d9054db

Error: (12/28/2014 11:11:26 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: JUSTIN-PC)
Description: 1C:\Program Files (x86)\LPT\linmsl.exelinmsl05117110680

Error: (12/28/2014 09:17:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/28/2014 09:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c18cc01d022d768bf3f91C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllfebbc3c4-8ecd-11e4-9da0-50465d9054db

Error: (12/28/2014 08:50:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/28/2014 08:43:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c165c01d022a27db843adC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dlld799bacd-8ec9-11e4-a358-50465d9054db


CodeIntegrity Errors:
===================================
  Date: 2014-05-27 15:13:08.635
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-27 15:13:08.557
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: AMD FX(tm)-6100 Six-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 7918.12 MB
Available physical RAM: 5291.7 MB
Total Pagefile: 15834.41 MB
Available Pagefile: 12590.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.21 GB) (Free:39.04 GB) NTFS
Drive d: () (Fixed) (Total:270.45 GB) (Free:210.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A844CCAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Margit (administrator) on JUSTIN-PC on 29-12-2014 16:03:44
Running from C:\Users\Gast\Downloads
Loaded Profiles: Margit & Gast (Available profiles: Margit & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Akamai Technologies, Inc.) C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Arc\ArcLauncher.exe [416080 2014-12-18] (Perfect World Entertainment)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Margit\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Margit\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [FLV Player] => C:\Users\Margit\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [uTorrent] => "C:\Users\Margit\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [GoogleChromeAutoLaunch_BB36B386FC91F3D4CC09C0FCB27081F3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Akamai NetSession Interface] => C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Speed AutoClicker] => C:\Users\Gast\Desktop\SpeedAutoClicker.exe [179200 2013-09-24] (fabi.me)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\bcbinit.vbs ()
Startup: C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyEnable: [S-1-5-19] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-19] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyEnable: [S-1-5-20] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-20] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyEnable: [S-1-5-21-3413827966-1155256820-1680526860-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3413827966-1155256820-1680526860-1000] => http=127.0.0.1:50416;https=127.0.0.1:50416
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408631283&from=ild&uid=HitachiXHDS721050CLA360_JP1572FR1P92PK1P92PKX
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> DefaultScope {B45C6E68-E31C-45D8-AD1E-4DE9B593D291} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1408631283&from=ild&uid=HitachiXHDS721050CLA360_JP1572FR1P92PK1P92PKX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> {B45C6E68-E31C-45D8-AD1E-4DE9B593D291} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: SmartSaver+ 15 -> {11111111-1111-1111-1111-110611171196} -> C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll No File
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Margit\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-501: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gast\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Amazon-Icon - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\amazon-icon@giga.de [2014-02-02]
FF Extension: Firefox Update Hotfix - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox-hotfix@mozilla.org [2013-10-20]
FF Extension: qualitink - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox@qualitink.net [2013-11-15]
FF Extension: Firefox Update Hotfix - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox-hotfix@mozilla.org.xpi [2013-10-20]
FF HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Program Files (x86)\AddLyrics\FF
FF HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Firefox\Extensions: [{4444b3b9-67e2-4ab0-b4b6-2ed87c311594}] - C:\Program Files (x86)\Re-Markable\150.xpi
FF Extension: No Name - C:\Program Files (x86)\AmiExt\flashEnhancer\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home238\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release393\ff [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-15]
CHR Extension: (YouTube) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-27]
CHR Extension: (Google-Suche) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-27]
CHR Extension: (AdBlock Premium) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Mail) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-27]
CHR HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Chrome\Extension: [dapejillpcnbpfidhfkpidklcombbmel] - C:\Users\Margit\AppData\Local\CRE\dapejillpcnbpfidhfkpidklcombbmel.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dapejillpcnbpfidhfkpidklcombbmel] - C:\Users\Margit\AppData\Local\CRE\dapejillpcnbpfidhfkpidklcombbmel.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [hfimjncgpflkpkhbnnblhblobjjjhjhd] - C:\Program Files (x86)\qualitink\hfimjncgpflkpkhbnnblhblobjjjhjhd.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jpfpfhlafnadialopcnmpnnonkoncnej] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3625\ch\MediaBuzzV1mode3625.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oeajfgfbfkoagohfgaimemkippdnedli] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release393\ch\RichMediaViewV1release393.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-29] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S4 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-29] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-06] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-07] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-15] ()
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-18] ()
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-15] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R1 {50c078f1-4117-4aad-852a-0b3bbfb46b18}Gw64; C:\Windows\System32\drivers\{50c078f1-4117-4aad-852a-0b3bbfb46b18}Gw64.sys [61112 2014-04-24] (StdLib)
S3 ALSysIO; \??\C:\Users\Margit\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 drvr; \??\C:\Windows\system32\drivers\drvr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-29 00:38 - 2014-12-29 00:38 - 00001129 _____ () C:\Users\Public\Desktop\Avira System Speedup.lnk
2014-12-29 00:37 - 2014-12-29 00:43 - 00000000 ____D () C:\Users\Margit\AppData\Local\AviraSpeedup
2014-12-29 00:37 - 2014-12-29 00:37 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup
2014-12-29 00:37 - 2014-12-29 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2014-12-29 00:02 - 2014-12-29 00:02 - 00000000 __SHD () C:\Users\Gast\AppData\Local\EmieBrowserModeList
2014-12-28 23:27 - 2014-12-28 23:27 - 00018331 _____ () C:\Users\Gast\Downloads\Addition.txt
2014-12-28 23:26 - 2014-12-29 16:04 - 00030814 _____ () C:\Users\Gast\Downloads\FRST.txt
2014-12-28 23:22 - 2014-12-29 16:03 - 00000000 ____D () C:\FRST
2014-12-28 23:09 - 2014-12-28 23:09 - 00000000 __SHD () C:\Users\Margit\AppData\Local\EmieBrowserModeList
2014-12-28 21:55 - 2014-12-28 21:55 - 02123264 _____ (Farbar) C:\Users\Gast\Downloads\FRST64.exe
2014-12-28 21:09 - 2014-12-28 21:09 - 00001164 _____ () C:\Users\Public\Desktop\NosTale.lnk
2014-12-28 21:09 - 2014-12-28 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE)
2014-12-28 20:52 - 2014-12-28 20:52 - 01054912 _____ (Adobe) C:\Users\Gast\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe
2014-12-28 17:48 - 2014-12-28 17:48 - 05225026 _____ () C:\Users\Gast\Downloads\huzuni.zip
2014-12-28 17:16 - 2014-12-29 15:49 - 00000000 ____D () C:\Users\Gast\AppData\Local\LogMeIn Hamachi
2014-12-28 17:16 - 2014-12-28 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-28 17:16 - 2014-12-28 17:16 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-28 17:11 - 2014-12-28 17:11 - 08536064 _____ () C:\Users\Gast\Downloads\hamachi291.msi
2014-12-28 17:05 - 2014-12-28 17:05 - 00000000 ____D () C:\Users\Margit\AppData\Local\Logitech
2014-12-27 02:50 - 2014-12-27 02:50 - 00000000 ____D () C:\Users\Margit\Documents\Raiderz
2014-12-27 02:19 - 2014-12-27 02:42 - 00000000 ___HD () C:\ArcTemp
2014-12-27 02:12 - 2014-12-27 02:17 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Arc
2014-12-27 02:12 - 2014-12-27 02:12 - 00000000 ____D () C:\Users\Public\Documents\Arc
2014-12-27 02:07 - 2014-12-28 23:13 - 00000000 ____D () C:\Program Files (x86)\Arc
2014-12-27 02:07 - 2014-12-27 02:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2014-12-27 02:06 - 2014-12-27 02:06 - 10189400 _____ (Perfect World Entertainment) C:\Users\Gast\Downloads\ArcInstall_v20141223a.exe
2014-12-27 01:30 - 2014-12-27 01:33 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\FiestaOnline
2014-12-25 18:09 - 2014-12-25 18:09 - 00094899 _____ () C:\Users\Gast\Downloads\SpeedAutoClicker.zip
2014-12-25 18:09 - 2013-09-24 10:14 - 00179200 _____ (fabi.me) C:\Users\Gast\Desktop\SpeedAutoClicker.exe
2014-12-25 01:11 - 2014-12-25 01:11 - 00000018 _____ () C:\Users\Gast\Downloads\bl.ini
2014-12-23 23:25 - 2014-12-23 23:25 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\7road
2014-12-23 21:27 - 2014-12-27 13:12 - 00171358 _____ () C:\Users\Gast\Downloads\xape.rar
2014-12-23 21:27 - 2014-12-23 21:28 - 00000000 ____D () C:\Users\Gast\Desktop\Neuer Ordner (2)
2014-12-23 18:02 - 2014-12-25 22:55 - 00001527 _____ () C:\Users\Gast\Downloads\Acc.ini
2014-12-23 18:01 - 2014-12-23 18:02 - 11166208 _____ (mfbot.de) C:\Users\Gast\Downloads\MFBot-3402-x64.exe
2014-12-22 20:49 - 2014-12-22 20:49 - 00000000 ____D () C:\AeriaGames
2014-12-22 20:44 - 2014-12-28 23:54 - 00000000 ____D () C:\Users\Gast\AppData\Local\Akamai
2014-12-22 13:37 - 2014-12-22 13:37 - 01214778 _____ () C:\Users\Margit\Downloads\mbam-log-2014-12-22 (12-49-48).xml
2014-12-21 18:35 - 2014-12-25 00:49 - 00000000 ____D () C:\Users\Margit\AppData\Local\mfbot.de
2014-12-20 19:02 - 2014-12-20 19:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Elex-tech
2014-12-20 19:01 - 2014-12-20 19:01 - 00000000 ____D () C:\Windows\system32\log
2014-12-20 18:41 - 2014-12-23 18:02 - 00000000 ____D () C:\Users\Gast\AppData\Local\mfbot.de
2014-12-20 18:30 - 2014-12-20 18:32 - 00000000 ____D () C:\Kaminfeuer Comprehensive Edition 1080 - Eigene Kaminansichten
2014-12-20 18:30 - 2014-12-20 18:30 - 00002074 _____ () C:\Users\Margit\Desktop\Kaminfeuer Comprehensive Edition 1080 starten.lnk
2014-12-20 18:30 - 2014-12-20 18:30 - 00001313 _____ () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaminfeuer Comprehensive Edition 1080.LNK
2014-12-20 18:30 - 2014-12-20 18:30 - 00000000 ____D () C:\Program Files (x86)\Kaminfeuer Comprehensive Edition 1080
2014-12-20 18:30 - 2013-06-19 18:54 - 26682880 _____ (Jochen Moschko) C:\Windows\Kaminfeuer Comprehensive Edition 1080.scr
2014-12-20 18:30 - 2013-06-19 18:54 - 00193296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2014-12-20 18:30 - 2013-06-19 18:54 - 00111376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-12-20 18:30 - 2013-06-19 18:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCIDE.dll
2014-12-20 18:30 - 2013-06-19 18:54 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InetDE.dll
2014-12-20 18:30 - 2013-06-19 18:54 - 00000414 _____ () C:\Windows\Kaminfeuer Comprehensive Edition 1080.scr.manifest
2014-12-20 18:27 - 2014-12-20 18:27 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start
2014-12-20 18:27 - 2014-12-20 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start
2014-12-20 18:27 - 2013-06-19 18:54 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.dll
2014-12-20 18:27 - 2013-06-19 18:54 - 00099866 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DE.dll
2014-12-20 18:27 - 2013-06-19 18:54 - 00072704 _____ (Microsoft Corporation) C:\Windows\ST5UNST.EXE
2014-12-20 18:27 - 2013-06-19 18:54 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5StKit.dll
2014-12-18 13:19 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 13:19 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 14:04 - 2014-12-11 14:04 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 21:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 21:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 11:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 11:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 11:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 11:53 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 11:53 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 11:53 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 11:53 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 11:53 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:53 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 11:53 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 11:53 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 11:53 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:53 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:53 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 11:53 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 11:53 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 11:53 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:53 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 11:53 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 11:53 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:53 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 11:53 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 11:53 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 11:53 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:53 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 11:53 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 11:53 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 11:53 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 11:53 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 11:53 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 11:53 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 11:53 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 11:53 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 11:53 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 11:53 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 11:53 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 11:53 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 11:53 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 11:53 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:53 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 11:53 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 11:53 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 11:53 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:53 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 11:53 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 11:53 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 11:53 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 11:53 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 11:53 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 11:53 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 11:53 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 11:53 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 11:53 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 11:53 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 11:53 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 11:53 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 11:53 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 11:53 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:53 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 11:53 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 11:52 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 11:52 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 11:52 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 11:52 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 11:52 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 11:52 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 11:52 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 11:52 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 11:52 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 11:52 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 11:52 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 11:52 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 11:52 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 11:52 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 22:03 - 2014-12-09 22:03 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\DivX
2014-12-09 22:03 - 2014-12-09 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-12-09 22:03 - 2014-12-09 22:03 - 00000000 ____D () C:\Program Files\DivX
2014-12-09 21:12 - 2014-12-09 22:03 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-12-07 12:23 - 2014-12-07 12:23 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-12-07 12:23 - 2014-12-07 12:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\TeamSpeak 3 Client
2014-12-06 20:44 - 2014-12-06 20:44 - 00000000 ___RD () C:\Users\Gast\Documents\Notes
2014-11-29 11:31 - 2014-11-29 11:31 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TeamViewer
2014-11-29 11:24 - 2014-11-29 11:24 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-29 11:24 - 2014-11-29 11:24 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-29 11:24 - 2014-11-29 11:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-29 16:00 - 2014-07-11 15:37 - 00000280 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-12-29 15:56 - 2014-10-21 18:56 - 00004154 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-6.job
2014-12-29 15:51 - 2009-07-14 05:45 - 00042160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-29 15:51 - 2009-07-14 05:45 - 00042160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-29 15:48 - 2012-12-17 10:33 - 01361043 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 15:45 - 2014-05-30 11:22 - 00109152 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 15:44 - 2014-11-28 18:44 - 00005506 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-6.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00005172 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-11.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00005170 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-7.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00004482 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-4.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00003458 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-3.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00003440 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-1.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00002434 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-5_user.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00002434 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-5.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00002098 _____ () C:\Windows\Tasks\9b68a00a-4766-445b-85fd-a270c214116a-2.job
2014-12-29 15:42 - 2014-11-28 18:44 - 00001444 _____ () C:\Windows\Tasks\c362ce50-406e-4b59-873c-a9fd42ea9d9e.job
2014-12-29 15:42 - 2014-10-24 13:04 - 00015029 _____ () C:\Windows\setupact.log
2014-12-29 15:42 - 2014-10-22 21:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-29 15:42 - 2014-10-21 18:57 - 00002442 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-5_user.job
2014-12-29 15:42 - 2014-10-21 18:57 - 00002442 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-5.job
2014-12-29 15:42 - 2014-10-21 18:57 - 00002106 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-2.job
2014-12-29 15:42 - 2014-10-21 18:56 - 00005180 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-11.job
2014-12-29 15:42 - 2014-10-21 18:56 - 00004490 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-4.job
2014-12-29 15:42 - 2014-10-21 18:56 - 00003810 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-7.job
2014-12-29 15:42 - 2014-10-21 18:56 - 00003466 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-3.job
2014-12-29 15:42 - 2014-10-21 18:56 - 00003456 _____ () C:\Windows\Tasks\1db16b81-14f2-458c-8501-52fcd3ac4400-1.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00004492 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00004154 _____ () C:\Windows\Tasks\19d601e6-660f-49ec-a835-cad8ac3f3bc5.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00003130 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-3.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00002672 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-4.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00002270 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-7.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00002218 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-6.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00001848 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00001702 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00001682 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-12-29 15:42 - 2014-08-21 15:26 - 00001412 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-12-29 15:42 - 2014-07-11 15:37 - 00000274 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-12-29 15:42 - 2014-04-17 20:18 - 00000412 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-12-29 15:42 - 2013-06-13 12:10 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-29 15:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-29 15:42 - 2009-07-14 05:45 - 00390200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-29 02:43 - 2012-12-21 11:53 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Skype
2014-12-29 02:31 - 2014-10-22 21:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-29 02:18 - 2012-12-17 13:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-29 00:58 - 2014-07-25 22:41 - 00000000 ____D () C:\Users\Margit\AppData\Local\LogMeIn Hamachi
2014-12-29 00:49 - 2014-06-18 16:44 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Skype
2014-12-29 00:37 - 2014-02-20 16:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-29 00:37 - 2012-12-17 10:46 - 00109152 _____ () C:\Users\Margit\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 00:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-29 00:29 - 2014-10-24 13:03 - 00020610 _____ () C:\Windows\PFRO.log
2014-12-28 23:20 - 2014-04-14 12:48 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Samsung
2014-12-28 23:20 - 2014-04-14 12:48 - 00000000 ____D () C:\Users\Margit\AppData\Local\Samsung
2014-12-28 23:20 - 2014-04-14 12:47 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-12-28 23:20 - 2014-02-06 16:59 - 00000000 ____D () C:\ProgramData\Samsung
2014-12-28 23:20 - 2012-12-17 10:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-28 23:17 - 2014-09-20 19:14 - 00000000 ____D () C:\ProgramData\NexonUS
2014-12-28 23:16 - 2014-03-20 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-12-28 23:16 - 2014-03-20 21:56 - 00000000 ____D () C:\ProgramData\MAGIX
2014-12-28 23:15 - 2014-04-17 19:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-28 23:15 - 2014-03-20 21:59 - 00000000 ____D () C:\Users\Public\Documents\MAGIX_Music_Maker_MX_Premium_Download_Version
2014-12-28 23:13 - 2014-11-28 18:45 - 00000000 ____D () C:\Users\Margit\AppData\Local\BoBrowser
2014-12-28 23:10 - 2013-04-03 16:02 - 00000000 ____D () C:\ProgramData\InstallMate
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Opera Software
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Users\Margit\AppData\Local\Opera Software
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-28 23:07 - 2014-03-14 16:07 - 00000000 ____D () C:\Program Files\HitmanPro
2014-12-28 23:07 - 2014-02-15 09:27 - 00000000 ____D () C:\ProgramData\Freemake
2014-12-28 23:07 - 2014-02-15 09:27 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-12-28 23:06 - 2014-05-26 09:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-28 23:05 - 2014-07-31 00:37 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-12-28 23:01 - 2013-09-09 09:48 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-12-28 23:01 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-28 21:25 - 2014-09-28 15:33 - 00000000 ____D () C:\Users\Gast\Desktop\Floral Flyff Client
2014-12-28 21:24 - 2014-08-17 18:25 - 00000000 ____D () C:\Users\Margit\Downloads\Gameforge Live
2014-12-28 20:53 - 2012-12-21 17:09 - 00000000 ____D () C:\Users\Margit\AppData\Local\Adobe
2014-12-28 18:55 - 2014-07-12 17:59 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\.minecraft
2014-12-28 17:21 - 2012-12-08 20:26 - 00000000 ____D () C:\Users\Gast\Desktop\Minecraft Bukkit Server 1.6.4
2014-12-28 17:07 - 2014-11-28 18:43 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2014-12-28 17:06 - 2014-05-03 21:34 - 00000000 ____D () C:\Users\Margit\AppData\Local\Akamai
2014-12-25 18:10 - 2014-07-09 09:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\fabi.me
2014-12-25 13:51 - 2014-11-06 16:05 - 00000000 ____D () C:\Users\Margit\AppData\Local\Windows Live
2014-12-24 21:16 - 2014-07-16 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Craften Terminal
2014-12-24 19:24 - 2012-12-17 10:39 - 00000000 ____D () C:\Users\Margit
2014-12-23 16:07 - 2012-12-21 11:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 21:07 - 2013-08-26 20:18 - 00000000 ____D () C:\Users\Margit\Documents\My Games
2014-12-22 21:05 - 2014-06-23 20:16 - 00000000 ____D () C:\Users\Gast\Documents\My Games
2014-12-22 13:37 - 2014-08-21 15:29 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-22 12:52 - 2014-04-19 22:04 - 00002948 _____ () C:\Windows\System32\Tasks\{9ACF3A99-E37B-43E0-A2AD-257222583004}
2014-12-22 12:52 - 2014-04-19 22:01 - 00002948 _____ () C:\Windows\System32\Tasks\{CA88250D-EDE0-415D-A7D9-80E1432B7A09}
2014-12-22 12:52 - 2014-03-25 16:36 - 00003302 _____ () C:\Windows\System32\Tasks\{D1CBE8AD-32B1-4506-BCBC-71D28B9CD788}
2014-12-22 12:52 - 2013-06-20 19:32 - 00002980 _____ () C:\Windows\System32\Tasks\{C5C32378-3A80-41C0-A496-CB252C3EF91D}
2014-12-22 12:52 - 2013-06-13 11:27 - 00002980 _____ () C:\Windows\System32\Tasks\{F80032B6-FD8B-4C37-B4C9-F1D860EE2A6E}
2014-12-22 12:51 - 2014-04-19 22:03 - 00002948 _____ () C:\Windows\System32\Tasks\{25E61622-D504-4687-8CA0-DB1AE11A2406}
2014-12-22 12:51 - 2014-04-19 22:02 - 00002948 _____ () C:\Windows\System32\Tasks\{2A83181E-E6A5-40A8-A1E7-0EDC4B1878FC}
2014-12-22 12:51 - 2014-04-19 22:01 - 00002948 _____ () C:\Windows\System32\Tasks\{891AAF44-5CAE-4B8A-931F-D71ADD64C53D}
2014-12-22 12:51 - 2014-04-19 22:01 - 00002948 _____ () C:\Windows\System32\Tasks\{25BCCB07-CC7E-41B9-883B-3186D30FAB59}
2014-12-22 12:51 - 2014-04-19 22:00 - 00002946 _____ () C:\Windows\System32\Tasks\{10699523-0978-4EEC-B551-6B7DFEBF3E5B}
2014-12-22 12:51 - 2013-06-20 19:32 - 00002980 _____ () C:\Windows\System32\Tasks\{749B462B-1FCA-4DAD-9483-A1A03E48C574}
2014-12-22 12:51 - 2013-06-20 19:32 - 00002980 _____ () C:\Windows\System32\Tasks\{38081923-7D7F-4245-AE6B-B3FD6CADCB7B}
2014-12-22 12:51 - 2013-06-20 19:32 - 00002978 _____ () C:\Windows\System32\Tasks\{127E358C-5CE0-4EC3-8BCE-A39481B22E42}
2014-12-22 12:51 - 2013-05-14 17:59 - 00003038 _____ () C:\Windows\System32\Tasks\{AD5AFC9C-1A7A-4481-95C9-331FF3137DF4}
2014-12-22 12:51 - 2013-02-16 18:43 - 00002982 _____ () C:\Windows\System32\Tasks\{27FC4681-DE2C-4C93-A5B5-F85ADDA5CD22}
2014-12-22 12:46 - 2014-06-03 21:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Spotify
2014-12-22 12:31 - 2013-02-17 13:41 - 00000000 ____D () C:\Windows\pss
2014-12-20 19:11 - 2014-07-23 14:29 - 00000000 ____D () C:\Users\Gast\Desktop\Neuer Ordner
2014-12-20 19:02 - 2014-07-31 00:38 - 00002514 _____ () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-12-20 19:02 - 2013-05-01 11:11 - 00001213 _____ () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-20 13:05 - 2012-12-21 11:53 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 22:38 - 2014-06-19 17:39 - 00000000 ____D () C:\Users\Gast\AppData\Local\Game Dev Tycoon - Steam
2014-12-18 15:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 11:32 - 2014-10-22 21:22 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 14:20 - 2014-02-20 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-11 14:20 - 2013-12-14 14:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-11 14:04 - 2014-05-07 00:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 14:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 14:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 22:01 - 2013-07-13 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:58 - 2012-12-17 12:29 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 20:19 - 2012-12-17 13:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 20:19 - 2012-12-17 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 20:19 - 2012-12-17 13:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 22:03 - 2013-06-23 19:59 - 00000000 ____D () C:\ProgramData\DivX
2014-12-07 18:21 - 2014-07-13 20:37 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TS3Client
2014-12-01 16:10 - 2012-12-17 19:27 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-12-01 16:10 - 2012-12-17 19:27 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-12-01 16:10 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-30 18:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Margit\Desktopasdasd.exe
C:\Users\Margit\S4_League.exe


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-3-g9532cb6-b2887jnks.dll
C:\Users\Margit\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 11:54

==================== End Of Log ============================
--- --- ---

--- --- ---

Bootsektor 29.12.2014 21:37
Hallo Justin,


funktioniert Avira?

Ist der Proxy absichtlich im Internetexplorer gesetzt worden?

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

HDVidCodec
Java 7 Update 55
MyPC Backup
RocketTab
SmartSaver+ 15
System Update kb77600
WindowsMangerProtect20.0.0.722
Yahoo Community Smartbar

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.


Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

PcAnfängerxD 31.12.2014 13:54
Erstmal muss ich sagen, dass mein Pc die logfile einfach nicht anzeigen will ich selbst weiß nicht warum,deshalb würde ich fragen was ich nun tun soll, weil ich habe auch schon den oben an gegebenen text in die computer suchliste eingegeben C:\AdwCleaner\AdwCleaner[Sx].txt. aber er hat mir nichts angezeigt

Okay habe es doch geschafft
Code:
# AdwCleaner v4.106 - Bericht erstellt am 30/12/2014 um 19:55:32
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-21.4 [Local]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Margit - JUSTIN-PC
# Gestartet von : C:\Users\Gast\Downloads\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.95


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [38384 octets] - [30/12/2014 11:35:23]
AdwCleaner[R1].txt - [38445 octets] - [30/12/2014 11:47:59]
AdwCleaner[R2].txt - [1006 octets] - [30/12/2014 19:53:54]
AdwCleaner[S0].txt - [35401 octets] - [30/12/2014 12:03:35]
AdwCleaner[S1].txt - [931 octets] - [30/12/2014 19:55:32]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [990 octets] ##########

Bootsektor 31.12.2014 16:11
Hallo,

gut, dann weiter in der Anleitung :)

PcAnfängerxD 02.01.2015 12:36
Hallo ich kann in letzter Zeit nicht so oft an den Computer, deswegen wird es wahrscheinlich noch 1-2 tage dauern, bis ich wieder etwas in der liste abgearbeitet habe.
Ich hoffe sie haben Verständnis dafür :)

lg Justin

Bootsektor 02.01.2015 22:45
Hallo,

kein Problem, melde dich einfach hier in deinem Thread wieder, ich sehe das dann und vielen Dank fürs Bescheid sagen. :)

PcAnfängerxD 05.01.2015 20:25
Hallo ich werde Morgen mit der Liste weitermachen, nur damit sie bescheid wissen :)
LG: Justin :)

Bootsektor 05.01.2015 20:46
Hallo Justin,

danke für die Rückmeldung. Ich warte dann hier :)

PcAnfängerxD 14.01.2015 20:32
Ich finde es nicht egal was ich mache diese logfile von Mbam bringt mich zum wahnsinn ich will dieses Problem mit ihnen echt schnell beheben damit der rechner wieder normal läuft aber es funktioniert nicht ich finde diese logfile nicht Mbam suchte bei mit 7 std nach malware usw falls es noch etwas anderes sucht bin dann auch logfile exportieren gegangen, wie ich es sollte oder wie des heißt und dann Textokument.txt auf desktop aber da ist nichts

Ich will nicht noch länger ihre Zeit verbrauchen gibt es da irgendeinen code, den ich verwenden kann per Windowstaste+R damit sich diese logfile öffnet?

Bootsektor 16.01.2015 00:44
Hallo,

versuche mal folgendes:
  • Starte Malwarebytes
  • Gehe nun oben auf Verlauf
  • links findest du nun die Auswahl Quarantäne und Anwendungsprotokolle
  • Gehe auf Anwendungsprotokolle
  • suche hier das letzte Suchlaufsprotokoll und wähle das aus
  • nun gehe oben auf Ansicht, das Protokoll öffnet sich
  • unten links steht exportieren, wähle das aus und klicke auf Textdatei
  • speichere nun das Log unter mbam.txt ab
  • öffne das Log mit deinem Texteditor
  • poste mir den Inhalt

PcAnfängerxD 17.01.2015 15:36
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Scan, 11.01.2015 01:40:21, SYSTEM, JUSTIN-PC, Manual, Start: % 1 "% 2", Dauer: % 1 Std. 6 55 Minuten, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 8-Malwareerkennung,

(end)
FRST.txt
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
Ran by Margit (administrator) on JUSTIN-PC on 17-01-2015 14:45:46
Running from C:\Users\Gast\Downloads
Loaded Profiles: Margit & Gast (Available profiles: Margit & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\old_chrome.exe
(Akamai Technologies, Inc.) C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Monitor.EXE
(Microsoft Corporation) C:\Windows\System32\MRT.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2015-01-15] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Monitor.exe [475136 2014-02-26] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Margit\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [GoogleChromeAutoLaunch_BB36B386FC91F3D4CC09C0FCB27081F3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2015-01-09] (Google Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Akamai NetSession Interface] => C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Speed AutoClicker] => "C:\Users\Gast\Desktop\SpeedAutoClicker.exe" -startup
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\bcbinit.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyEnable: [S-1-5-19] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-19] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyEnable: [S-1-5-20] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-20] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyServer: [S-1-5-21-3413827966-1155256820-1680526860-1000] => 127.0.0.1:50416
ProxyEnable: [S-1-5-21-3413827966-1155256820-1680526860-501] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-HMpgdgjYvVhoxYCg0yi4dHboSp48fxni59g1TUaspPffmSxXBgVz_6mg-bRZ-YoMRZNkmOuizwYuZIl0b1j3t5xVhRsGFFw,,
HKU\S-1-5-21-3413827966-1155256820-1680526860-501\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4HOTNQCpkaJv6syQ6cH4AKiPURCZrtEWLka4l3idyLsI8wBqV8ZDIj2mVKqr6LR-LM2JK9O1HffLnb4uScReyQOsWQbYF4FU6MEHEv6orrVzpV_YTRfAFKveuIni-doACzqhr9DaZOYhufg-dYV0rrxpw-Tbj5w,,&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> DefaultScope {48E74EE1-4439-450F-9E2E-7DA8549037E7} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> {48E74EE1-4439-450F-9E2E-7DA8549037E7} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> {805669DD-CC80-4E13-AF01-E6BBB8F7C34F} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000 -> {B45C6E68-E31C-45D8-AD1E-4DE9B593D291} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: SmartSaver+ 15 -> {11111111-1111-1111-1111-110611171196} -> C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Margit\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-501: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gast\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Amazon-Icon - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\amazon-icon@giga.de [2014-02-02]
FF Extension: Firefox Update Hotfix - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox-hotfix@mozilla.org [2013-10-20]
FF Extension: qualitink - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox@qualitink.net [2013-11-15]
FF Extension: Firefox Update Hotfix - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox-hotfix@mozilla.org.xpi [2013-10-20]
FF Extension: No Name - C:\Program Files (x86)\AmiExt\flashEnhancer\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home238\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release393\ff [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-15]
CHR Extension: (YouTube) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-27]
CHR Extension: (Google-Suche) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-27]
CHR Extension: (AdBlock Premium) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Mail) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-27]
CHR HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Chrome\Extension: [dapejillpcnbpfidhfkpidklcombbmel] - C:\Users\Margit\AppData\Local\CRE\dapejillpcnbpfidhfkpidklcombbmel.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dapejillpcnbpfidhfkpidklcombbmel] - C:\Users\Margit\AppData\Local\CRE\dapejillpcnbpfidhfkpidklcombbmel.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [hfimjncgpflkpkhbnnblhblobjjjhjhd] - C:\Program Files (x86)\qualitink\hfimjncgpflkpkhbnnblhblobjjjhjhd.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jpfpfhlafnadialopcnmpnnonkoncnej] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3625\ch\MediaBuzzV1mode3625.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oeajfgfbfkoagohfgaimemkippdnedli] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release393\ch\RichMediaViewV1release393.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-29] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S4 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2015-01-15] (AVM Berlin) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-29] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-06] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-07] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-15] ()
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-18] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-15] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\Margit\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 drvr; \??\C:\Windows\system32\drivers\drvr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 14:31 - 2015-01-17 14:31 - 00000000 ____D () C:\Users\Gast\Downloads\FRST-OlderVersion
2015-01-14 15:54 - 2015-01-14 15:54 - 00002067 _____ () C:\Users\Public\Desktop\AMD OverDrive.lnk
2015-01-14 15:54 - 2015-01-14 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2015-01-14 15:54 - 2015-01-14 15:54 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-14 12:44 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 12:44 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 12:44 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 12:44 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 12:44 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 12:44 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 12:43 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 12:43 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 12:43 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 12:43 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 12:43 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 12:43 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 12:43 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-12 19:17 - 2015-01-12 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-01-12 19:17 - 2015-01-12 19:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-01-11 01:39 - 2015-01-11 01:40 - 00004410 _____ () C:\Users\Margit\Downloads\mbam-log-2015-01-10 (18-43-32).xml
2015-01-11 01:39 - 2015-01-11 01:39 - 00001813 _____ () C:\Users\Margit\Desktop\MbamSuchlauf.txt
2015-01-10 18:41 - 2015-01-10 18:42 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-10 18:40 - 2015-01-10 18:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-10 18:40 - 2015-01-10 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-10 18:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-10 18:40 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-10 18:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-10 18:39 - 2015-01-10 18:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-10 18:29 - 2015-01-12 19:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-01-10 18:28 - 2015-01-12 19:17 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-01-02 12:47 - 2015-01-02 12:47 - 00000000 ____D () C:\Users\Margit\AppData\Local\A
2015-01-02 12:41 - 2015-01-02 12:41 - 00000000 ____D () C:\Users\Gast\AppData\Local\Aeria Games
2015-01-02 00:28 - 2015-01-02 00:28 - 00000000 ____D () C:\Users\Margit\AppData\Local\Aeria Games
2015-01-02 00:27 - 2015-01-02 00:27 - 00000000 ____D () C:\ProgramData\Aeria Games
2015-01-02 00:26 - 2015-01-02 00:26 - 00001665 _____ () C:\Users\Margit\Desktop\S4 League.lnk
2015-01-02 00:26 - 2015-01-02 00:26 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-01-02 00:19 - 2015-01-02 00:19 - 00002028 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-01-02 00:19 - 2015-01-02 00:19 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Aeria Games & Entertainment
2015-01-02 00:19 - 2015-01-02 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-01-02 00:19 - 2015-01-02 00:19 - 00000000 ____D () C:\Program Files (x86)\Aeria Games
2015-01-01 05:38 - 2015-01-01 21:01 - 00001241 _____ () C:\Users\Margit\Desktop\Guns And Robots.lnk
2015-01-01 05:38 - 2015-01-01 06:20 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guns And Robots
2015-01-01 05:38 - 2015-01-01 05:40 - 00000000 ____D () C:\Users\Margit\AppData\Local\Guns And Robots
2015-01-01 05:37 - 2015-01-01 05:37 - 13031904 _____ (Mastheadstudios Ltd.) C:\Users\Margit\Downloads\GaRsetup.exe
2015-01-01 04:47 - 2015-01-01 04:47 - 00107683 _____ () C:\Users\Margit\Downloads\PaySafeCard Generator - HyperHacks.rar
2015-01-01 04:41 - 2015-01-01 04:41 - 08711768 _____ () C:\Users\Margit\Downloads\LOTROProgressive_de_4.28.exe
2015-01-01 03:05 - 2015-01-01 03:05 - 00001199 _____ () C:\Users\Margit\Desktop\NosTale - Verknüpfung.lnk
2014-12-31 23:19 - 2014-12-31 23:19 - 00003010 _____ () C:\Windows\System32\Tasks\{48918102-C41A-4E86-8F45-E5BF5F191957}
2014-12-31 23:16 - 2014-12-31 23:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-31 23:16 - 2014-12-31 23:16 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-12-31 23:16 - 2014-12-31 23:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-31 23:10 - 2014-12-31 23:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\OpenOffice
2014-12-31 14:05 - 2014-12-31 14:05 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\MingGuan
2014-12-31 13:53 - 2015-01-10 23:42 - 00864256 _____ () C:\Program Files (x86)\Option.exe
2014-12-31 13:53 - 2014-12-31 14:00 - 00000944 _____ () C:\Program Files (x86)\Config.ini
2014-12-31 13:53 - 2014-12-31 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller Pro
2014-12-31 13:53 - 2014-12-31 13:53 - 00000000 ____D () C:\Program Files (x86)\skins
2014-12-31 13:53 - 2014-09-03 15:58 - 00057344 _____ () C:\Program Files (x86)\lan.dll
2014-12-31 13:53 - 2014-02-26 14:45 - 00475136 _____ () C:\Program Files (x86)\Monitor.EXE
2014-12-31 13:53 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\hiddriver.dll
2014-12-31 13:52 - 2014-12-31 13:52 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\InstallShield
2014-12-31 13:44 - 2015-01-15 20:31 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-12-31 13:44 - 2014-12-31 13:44 - 01192533 _____ () C:\Windows\unins001.exe
2014-12-31 13:44 - 2014-12-31 13:44 - 00017982 _____ () C:\Windows\unins001.dat
2014-12-31 13:44 - 2014-12-31 13:44 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\MingGuan
2014-12-31 13:44 - 2014-12-31 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2014-12-30 11:35 - 2014-12-30 19:55 - 00000000 ____D () C:\AdwCleaner
2014-12-29 23:04 - 2014-12-29 23:05 - 06594837 _____ () C:\Users\Gast\Downloads\Z0rker.zip
2014-12-29 17:05 - 2014-12-29 17:05 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\LolClient
2014-12-29 00:38 - 2014-12-29 00:38 - 00001129 _____ () C:\Users\Public\Desktop\Avira System Speedup.lnk
2014-12-29 00:37 - 2014-12-29 00:43 - 00000000 ____D () C:\Users\Margit\AppData\Local\AviraSpeedup
2014-12-29 00:37 - 2014-12-29 00:37 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup
2014-12-29 00:37 - 2014-12-29 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2014-12-29 00:02 - 2014-12-29 00:02 - 00000000 __SHD () C:\Users\Gast\AppData\Local\EmieBrowserModeList
2014-12-28 23:26 - 2015-01-17 14:46 - 00024271 _____ () C:\Users\Gast\Downloads\FRST.txt
2014-12-28 23:22 - 2015-01-17 14:45 - 00000000 ____D () C:\FRST
2014-12-28 23:09 - 2014-12-28 23:09 - 00000000 __SHD () C:\Users\Margit\AppData\Local\EmieBrowserModeList
2014-12-28 21:55 - 2015-01-17 14:31 - 02125824 _____ (Farbar) C:\Users\Gast\Downloads\FRST64.exe
2014-12-28 21:09 - 2014-12-28 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE)
2014-12-28 17:16 - 2015-01-14 17:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\LogMeIn Hamachi
2014-12-28 17:16 - 2014-12-28 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-28 17:16 - 2014-12-28 17:16 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-28 17:05 - 2014-12-28 17:05 - 00000000 ____D () C:\Users\Margit\AppData\Local\Logitech
2014-12-27 02:50 - 2014-12-27 02:50 - 00000000 ____D () C:\Users\Margit\Documents\Raiderz
2014-12-27 02:19 - 2014-12-27 02:42 - 00000000 ___HD () C:\ArcTemp
2014-12-27 02:12 - 2014-12-27 02:17 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Arc
2014-12-27 02:12 - 2014-12-27 02:12 - 00000000 ____D () C:\Users\Public\Documents\Arc
2014-12-27 02:07 - 2014-12-28 23:13 - 00000000 ____D () C:\Program Files (x86)\Arc
2014-12-27 02:07 - 2014-12-27 02:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2014-12-27 01:30 - 2014-12-27 01:33 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\FiestaOnline
2014-12-23 23:25 - 2014-12-23 23:25 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\7road
2014-12-22 20:49 - 2015-01-02 00:19 - 00000000 ____D () C:\AeriaGames
2014-12-22 20:44 - 2014-12-28 23:54 - 00000000 ____D () C:\Users\Gast\AppData\Local\Akamai
2014-12-22 13:37 - 2014-12-22 13:37 - 01214778 _____ () C:\Users\Margit\Downloads\mbam-log-2014-12-22 (12-49-48).xml
2014-12-21 18:35 - 2014-12-25 00:49 - 00000000 ____D () C:\Users\Margit\AppData\Local\mfbot.de
2014-12-20 19:01 - 2014-12-30 12:04 - 00000000 ____D () C:\Windows\system32\log
2014-12-20 18:41 - 2014-12-23 18:02 - 00000000 ____D () C:\Users\Gast\AppData\Local\mfbot.de
2014-12-20 18:30 - 2014-12-20 18:32 - 00000000 ____D () C:\Kaminfeuer Comprehensive Edition 1080 - Eigene Kaminansichten
2014-12-20 18:30 - 2014-12-20 18:30 - 00002074 _____ () C:\Users\Margit\Desktop\Kaminfeuer Comprehensive Edition 1080 starten.lnk
2014-12-20 18:30 - 2014-12-20 18:30 - 00001313 _____ () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaminfeuer Comprehensive Edition 1080.LNK
2014-12-20 18:30 - 2014-12-20 18:30 - 00000000 ____D () C:\Program Files (x86)\Kaminfeuer Comprehensive Edition 1080
2014-12-20 18:30 - 2013-06-19 18:54 - 26682880 _____ (Jochen Moschko) C:\Windows\Kaminfeuer Comprehensive Edition 1080.scr
2014-12-20 18:30 - 2013-06-19 18:54 - 00193296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2014-12-20 18:30 - 2013-06-19 18:54 - 00111376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-12-20 18:30 - 2013-06-19 18:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCIDE.dll
2014-12-20 18:30 - 2013-06-19 18:54 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InetDE.dll
2014-12-20 18:30 - 2013-06-19 18:54 - 00000414 _____ () C:\Windows\Kaminfeuer Comprehensive Edition 1080.scr.manifest
2014-12-20 18:27 - 2014-12-20 18:27 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start
2014-12-20 18:27 - 2014-12-20 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start
2014-12-20 18:27 - 2013-06-19 18:54 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.dll
2014-12-20 18:27 - 2013-06-19 18:54 - 00099866 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DE.dll
2014-12-20 18:27 - 2013-06-19 18:54 - 00072704 _____ (Microsoft Corporation) C:\Windows\ST5UNST.EXE
2014-12-20 18:27 - 2013-06-19 18:54 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5StKit.dll
2014-12-18 13:19 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 13:19 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 14:31 - 2014-10-22 21:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-17 14:18 - 2012-12-17 13:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-17 13:31 - 2012-12-17 10:33 - 01355653 _____ () C:\Windows\WindowsUpdate.log
2015-01-17 12:59 - 2014-10-24 13:04 - 00023398 _____ () C:\Windows\setupact.log
2015-01-17 12:01 - 2014-06-18 16:44 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Skype
2015-01-17 11:33 - 2014-10-22 21:22 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 21:31 - 2014-10-22 21:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 20:30 - 2013-05-14 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2015-01-15 20:30 - 2013-05-14 18:01 - 00000000 ____D () C:\Program Files (x86)\avmwlanstick
2015-01-15 18:18 - 2009-07-14 05:45 - 00042160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 18:18 - 2009-07-14 05:45 - 00042160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 17:55 - 2014-07-12 17:59 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\.minecraft
2015-01-15 17:52 - 2014-07-16 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Craften Terminal
2015-01-15 13:15 - 2014-04-17 20:18 - 00000412 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-01-15 13:15 - 2013-06-13 12:10 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-15 13:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 22:08 - 2013-07-13 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 22:08 - 2012-12-17 12:29 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 18:54 - 2014-09-28 15:33 - 00000000 ____D () C:\Users\Gast\Desktop\Floral Flyff Client
2015-01-14 16:18 - 2012-12-17 13:21 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 16:18 - 2012-12-17 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 16:18 - 2012-12-17 13:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 15:52 - 2013-06-21 15:36 - 00000000 ____D () C:\Users\Margit\AppData\Local\Downloaded Installations
2015-01-13 22:07 - 2014-09-30 14:49 - 00000180 _____ () C:\Users\Gast\Desktop\Neues Textdokument (3).txt
2015-01-11 14:01 - 2014-10-24 13:03 - 00052188 _____ () C:\Windows\PFRO.log
2015-01-11 01:40 - 2014-08-21 15:26 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2015-01-10 18:29 - 2012-12-21 17:09 - 00000000 ____D () C:\Users\Margit\AppData\Local\Adobe
2015-01-09 18:32 - 2014-11-06 17:50 - 00000000 ____D () C:\Users\Gast\Desktop\NosTale
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-02 02:36 - 2012-12-21 11:53 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Skype
2015-01-02 00:19 - 2014-06-27 19:24 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-01-02 00:19 - 2014-04-23 16:06 - 00264192 ___SH () C:\Users\Margit\Desktop\Thumbs.db
2015-01-02 00:10 - 2014-05-03 21:34 - 00000000 ____D () C:\Users\Margit\AppData\Local\Akamai
2015-01-01 23:58 - 2014-04-17 19:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-01 21:01 - 2013-07-09 12:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-01 05:40 - 2014-02-27 12:14 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Apple Computer
2015-01-01 02:51 - 2014-05-30 11:22 - 00001421 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-01 02:46 - 2014-11-06 17:39 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-01-01 02:46 - 2012-12-21 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-31 23:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-31 23:37 - 2014-07-24 17:53 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-12-31 23:37 - 2014-06-23 20:16 - 00000000 ____D () C:\Users\Gast\Documents\My Games
2014-12-31 23:30 - 2014-08-17 18:25 - 00000000 ____D () C:\Users\Margit\Downloads\Gameforge Live
2014-12-31 23:16 - 2014-07-25 22:41 - 00000000 ____D () C:\Users\Margit\AppData\Local\LogMeIn Hamachi
2014-12-31 23:16 - 2012-12-17 10:45 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-31 14:01 - 2014-07-13 20:37 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TS3Client
2014-12-31 13:53 - 2012-12-17 10:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-31 13:28 - 2014-05-30 11:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-12-30 12:05 - 2014-11-28 18:43 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-12-29 22:09 - 2013-04-22 14:55 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-29 15:45 - 2014-05-30 11:22 - 00109152 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 15:42 - 2009-07-14 05:45 - 00390200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-29 00:37 - 2014-02-20 16:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-29 00:37 - 2012-12-17 10:46 - 00109152 _____ () C:\Users\Margit\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 00:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-28 23:20 - 2014-04-14 12:48 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Samsung
2014-12-28 23:20 - 2014-04-14 12:48 - 00000000 ____D () C:\Users\Margit\AppData\Local\Samsung
2014-12-28 23:20 - 2014-04-14 12:47 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-12-28 23:20 - 2014-02-06 16:59 - 00000000 ____D () C:\ProgramData\Samsung
2014-12-28 23:17 - 2014-09-20 19:14 - 00000000 ____D () C:\ProgramData\NexonUS
2014-12-28 23:16 - 2014-03-20 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-12-28 23:16 - 2014-03-20 21:56 - 00000000 ____D () C:\ProgramData\MAGIX
2014-12-28 23:15 - 2014-03-20 21:59 - 00000000 ____D () C:\Users\Public\Documents\MAGIX_Music_Maker_MX_Premium_Download_Version
2014-12-28 23:10 - 2013-04-03 16:02 - 00000000 ____D () C:\ProgramData\InstallMate
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Users\Margit\AppData\Roaming\Opera Software
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Users\Margit\AppData\Local\Opera Software
2014-12-28 23:09 - 2014-10-22 21:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-28 23:07 - 2014-03-14 16:07 - 00000000 ____D () C:\Program Files\HitmanPro
2014-12-28 23:07 - 2014-02-15 09:27 - 00000000 ____D () C:\ProgramData\Freemake
2014-12-28 23:07 - 2014-02-15 09:27 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-12-28 23:06 - 2014-05-26 09:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-28 23:05 - 2014-07-31 00:37 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-12-28 23:01 - 2013-09-09 09:48 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-12-28 23:01 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-28 17:21 - 2012-12-08 20:26 - 00000000 ____D () C:\Users\Gast\Desktop\Minecraft Bukkit Server 1.6.4
2014-12-25 18:10 - 2014-07-09 09:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\fabi.me
2014-12-25 13:51 - 2014-11-06 16:05 - 00000000 ____D () C:\Users\Margit\AppData\Local\Windows Live
2014-12-24 19:24 - 2012-12-17 10:39 - 00000000 ____D () C:\Users\Margit
2014-12-23 16:07 - 2012-12-21 11:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 21:07 - 2013-08-26 20:18 - 00000000 ____D () C:\Users\Margit\Documents\My Games
2014-12-22 12:52 - 2014-04-19 22:04 - 00002948 _____ () C:\Windows\System32\Tasks\{9ACF3A99-E37B-43E0-A2AD-257222583004}
2014-12-22 12:52 - 2014-04-19 22:01 - 00002948 _____ () C:\Windows\System32\Tasks\{CA88250D-EDE0-415D-A7D9-80E1432B7A09}
2014-12-22 12:52 - 2014-03-25 16:36 - 00003302 _____ () C:\Windows\System32\Tasks\{D1CBE8AD-32B1-4506-BCBC-71D28B9CD788}
2014-12-22 12:52 - 2013-06-20 19:32 - 00002980 _____ () C:\Windows\System32\Tasks\{C5C32378-3A80-41C0-A496-CB252C3EF91D}
2014-12-22 12:52 - 2013-06-13 11:27 - 00002980 _____ () C:\Windows\System32\Tasks\{F80032B6-FD8B-4C37-B4C9-F1D860EE2A6E}
2014-12-22 12:51 - 2014-04-19 22:03 - 00002948 _____ () C:\Windows\System32\Tasks\{25E61622-D504-4687-8CA0-DB1AE11A2406}
2014-12-22 12:51 - 2014-04-19 22:02 - 00002948 _____ () C:\Windows\System32\Tasks\{2A83181E-E6A5-40A8-A1E7-0EDC4B1878FC}
2014-12-22 12:51 - 2014-04-19 22:01 - 00002948 _____ () C:\Windows\System32\Tasks\{891AAF44-5CAE-4B8A-931F-D71ADD64C53D}
2014-12-22 12:51 - 2014-04-19 22:01 - 00002948 _____ () C:\Windows\System32\Tasks\{25BCCB07-CC7E-41B9-883B-3186D30FAB59}
2014-12-22 12:51 - 2014-04-19 22:00 - 00002946 _____ () C:\Windows\System32\Tasks\{10699523-0978-4EEC-B551-6B7DFEBF3E5B}
2014-12-22 12:51 - 2013-06-20 19:32 - 00002980 _____ () C:\Windows\System32\Tasks\{749B462B-1FCA-4DAD-9483-A1A03E48C574}
2014-12-22 12:51 - 2013-06-20 19:32 - 00002980 _____ () C:\Windows\System32\Tasks\{38081923-7D7F-4245-AE6B-B3FD6CADCB7B}
2014-12-22 12:51 - 2013-06-20 19:32 - 00002978 _____ () C:\Windows\System32\Tasks\{127E358C-5CE0-4EC3-8BCE-A39481B22E42}
2014-12-22 12:51 - 2013-05-14 17:59 - 00003038 _____ () C:\Windows\System32\Tasks\{AD5AFC9C-1A7A-4481-95C9-331FF3137DF4}
2014-12-22 12:51 - 2013-02-16 18:43 - 00002982 _____ () C:\Windows\System32\Tasks\{27FC4681-DE2C-4C93-A5B5-F85ADDA5CD22}
2014-12-22 12:46 - 2014-06-03 21:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Spotify
2014-12-22 12:31 - 2013-02-17 13:41 - 00000000 ____D () C:\Windows\pss
2014-12-20 19:02 - 2014-07-31 00:38 - 00002514 _____ () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-12-20 19:02 - 2013-05-01 11:11 - 00001213 _____ () C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-20 13:05 - 2012-12-21 11:53 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 22:38 - 2014-06-19 17:39 - 00000000 ____D () C:\Users\Gast\AppData\Local\Game Dev Tycoon - Steam
2014-12-18 15:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======
2014-12-31 13:53 - 2014-12-31 14:00 - 0000944 _____ () C:\Program Files (x86)\Config.ini
2014-12-31 13:53 - 2012-08-14 22:41 - 0061440 _____ () C:\Program Files (x86)\hiddriver.dll
2014-12-31 13:53 - 2013-09-12 14:15 - 0331510 _____ () C:\Program Files (x86)\Icon.ico
2014-12-31 13:53 - 2014-09-03 15:58 - 0057344 _____ () C:\Program Files (x86)\lan.dll
2014-12-31 13:53 - 2014-02-26 14:45 - 0475136 _____ () C:\Program Files (x86)\Monitor.EXE
2014-12-31 13:53 - 2015-01-10 23:42 - 0864256 _____ () C:\Program Files (x86)\Option.exe
2014-12-31 13:53 - 2006-08-22 15:05 - 0002238 _____ () C:\Program Files (x86)\Uninstall.ico
2013-08-18 12:44 - 2013-08-18 12:46 - 0047104 ___SH () C:\Users\Margit\AppData\Roaming\Thumbs.db
2014-02-20 21:57 - 2014-03-14 12:56 - 0000053 _____ () C:\Users\Margit\AppData\Roaming\WB.CFG
2012-12-20 17:46 - 2013-04-06 03:00 - 0007680 _____ () C:\Users\Margit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Files to move or delete:
====================
C:\Users\Margit\Desktopasdasd.exe
C:\Users\Margit\S4_League.exe


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-3-g9532cb6-b2887jnks.dll
C:\Users\Gast\AppData\Local\Temp\_is787A.exe
C:\Users\Gast\AppData\Local\Temp\_isC1B9.exe
C:\Users\Gast\AppData\Local\Temp\_isE60B.exe
C:\Users\Gast\AppData\Local\Temp\_isF4E9.exe
C:\Users\Margit\AppData\Local\Temp\avgnt.exe
C:\Users\Margit\AppData\Local\Temp\Bypass.dll
C:\Users\Margit\AppData\Local\Temp\Quarantine.exe
C:\Users\Margit\AppData\Local\Temp\sqlite3.dll
C:\Users\Margit\AppData\Local\Temp\_is1B8C.exe
C:\Users\Margit\AppData\Local\Temp\_is363D.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 20:52

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2015 01
Ran by Margit at 2015-01-17 14:46:47
Running from C:\Users\Gast\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Akamai) (Version:  - Akamai Technologies, Inc)
allday savings (HKLM\...\1B796EA6-F42D-4E01-A7B0-A6417AD3DE4A) (Version: 2.0.1 - allday savings)
AMD Catalyst Install Manager (HKLM\...\{047D5657-1DAC-2B16-E110-F4A9C0E7EF2C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira System Speedup 1.5 (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.5 - 2000 - 2014 Avira Operations GmbH & Co. KG)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version:  - Nexon)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4310 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guns And Robots (HKLM-x32\...\Guns And Robots) (Version: 1.0 - Mastheadstudios Ltd.)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.5.1210.30) (Version: 3.5.1210.30 - Solveig Multimedia)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaminfeuer Comprehensive Edition 1080 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
Logitech Z-series Software 1.04 (HKLM\...\{B38BCB00-1C17-48F5-BB94-584BB89D34D0}) (Version: 1.04.153 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
MAGIX Music Maker MX Premium Download Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skiller Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Spotify (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Spotify) (Version: 0.9.14.11.g7e298e37 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update kb77600 (HKLM-x32\...\{79BB0733-58A2-486C-AA02-F9BAB929EFF8}) (Version: 1.0.0 - MSR) <==== ATTENTION
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Treiber-Studio 2013 (HKLM\...\{2D3471B9-8671-46F0-9947-4C0DB6234403}) (Version: 8.1.428 - Publish Data)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
YouTube (HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Pokki_d25e316a7812ebb3c4f8e18291ce53ba535b8659) (Version: 1.0.9.53204 - Pokki)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413827966-1155256820-1680526860-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

02-01-2015 12:01:07 Windows Update
04-01-2015 19:00:45 Windows-Sicherung
06-01-2015 14:36:16 Windows Update
09-01-2015 14:41:58 Windows Update
11-01-2015 19:00:35 Windows-Sicherung
13-01-2015 14:14:01 Windows Update
14-01-2015 15:53:27 Installed AMD OverDrive.
14-01-2015 22:08:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-05-27 14:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00BFA346-0F61-4DB5-94CB-5A5D7D52CFB9} - System32\Tasks\{E853544F-29DE-4A80-9A15-633B15B19F21} => pcalua.exe -a C:\Users\Margit\AVM_Driver\FWLAN\pushinst.exe -d C:\Users\Margit\AVM_Driver\FWLAN
Task: {03EA357E-52D0-413D-8D49-E1F45E0A4E95} - System32\Tasks\{06818C6F-1EE9-4624-BF19-CF01A8F021B5} => C:\Users\Margit\Downloads\chromeinstall-7u21 (1).exe
Task: {0D6A0BA9-DF4E-4168-8AB5-2A3CA14209C1} - System32\Tasks\{2A83181E-E6A5-40A8-A1E7-0EDC4B1878FC} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {1F34B0D5-B054-42DE-A0C4-BC12095BA138} - System32\Tasks\{F42E840F-C5C0-4AE3-B967-3B87823AF4F0} => pcalua.exe -a E:\Setup\Setup.exe -d E:\
Task: {24723AB7-117D-437B-89F4-20634CDC8F09} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {27D18596-A4E7-49C1-8B22-1C09B93019FA} - System32\Tasks\{25E61622-D504-4687-8CA0-DB1AE11A2406} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {3125A5D9-5466-4492-AB39-C3CC3275B630} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: {333C954D-759E-44B8-8A20-DDFDE24FDC83} - System32\Tasks\{F80032B6-FD8B-4C37-B4C9-F1D860EE2A6E} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
Task: {3CD639F6-8AD5-4455-B0E4-320967B3959E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {408161EA-4870-4E07-8E72-72EFA6EC3E90} - System32\Tasks\{F960AAB2-4C92-4C84-A958-DA87CFCD15FA} => pcalua.exe -a C:\Users\Margit\AVM_Driver\FWLAN\setup.exe -d C:\Users\Margit\AVM_Driver\FWLAN
Task: {414285DD-F86E-4FCB-91B8-50E84BE70E7A} - System32\Tasks\{9ACF3A99-E37B-43E0-A2AD-257222583004} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {4EBBCC70-8C9A-4670-90FA-8DFDFB0FD382} - System32\Tasks\{D1CBE8AD-32B1-4506-BCBC-71D28B9CD788} => pcalua.exe -a C:\Users\Margit\AppData\Local\Temp\{96C5A240-4257-448F-9F47-7D5C20A5C931}\setup.exe -d "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154"
Task: {51367041-B77D-410F-AF6F-70B86CD7DEF0} - System32\Tasks\{12D0D921-EA07-4C9E-984C-D9DB7599421C} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {57E857AC-D073-4F22-878D-3036530C67BC} - System32\Tasks\{127E358C-5CE0-4EC3-8BCE-A39481B22E42} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
Task: {597DEE36-BDBA-4B26-9FF6-A92D39DFDC16} - System32\Tasks\{25BCCB07-CC7E-41B9-883B-3186D30FAB59} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {5D4C3598-0056-4C1B-B7CD-5E71AF7FF81F} - System32\Tasks\{AD5AFC9C-1A7A-4481-95C9-331FF3137DF4} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5F99CCCE-3299-42DA-9619-746671EF331A} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2014-12-11] (Avira Operations GmbH & Co. KG)
Task: {626F3468-8501-4E35-BFE2-45C98209441A} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {6313AF1E-5AAB-424D-B3B2-BECBAC75A2DE} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {6FFB1919-1FA9-4CDB-8523-686D2F9EA261} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {81B2819A-2FD4-4C10-A88D-FECDB52F6DA8} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-14] (ASUSTeK Computer Inc.)
Task: {8520F69A-B90C-4530-A22B-105D5E08919E} - System32\Tasks\{48918102-C41A-4E86-8F45-E5BF5F191957} => C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\NosTale\Nostale.exe
Task: {8F1573B8-40CD-4F08-9747-4577890147F9} - System32\Tasks\{10699523-0978-4EEC-B551-6B7DFEBF3E5B} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {9952CC9E-442F-4C72-8559-FD64B07CFAD6} - System32\Tasks\{749B462B-1FCA-4DAD-9483-A1A03E48C574} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
Task: {A47A0592-6656-4E9D-82FC-DB24584F8713} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {B2D997F3-3C2B-4580-827C-8D10073AC37D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3413827966-1155256820-1680526860-1000Core => C:\Users\Margit\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B41DC9CA-413E-4BFC-ADAF-20114A8D82DB} - System32\Tasks\{891AAF44-5CAE-4B8A-931F-D71ADD64C53D} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {B746A350-8CCC-44B0-A11C-ADACF1731324} - System32\Tasks\{38081923-7D7F-4245-AE6B-B3FD6CADCB7B} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
Task: {B7BDC3B0-800B-48A1-A1EC-6E182B7AB7BF} - System32\Tasks\{135D557F-798B-4B30-9EF1-83F4CB2E14BF} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
Task: {BCEA647A-F118-4805-A05B-DA46186DF91B} - System32\Tasks\{19C2391B-B695-4206-ACEC-CFC188BFEAB6} => C:\Users\Margit\Desktop\HGWC Bypass\HGWC Bypass.exe
Task: {C48504B3-C984-4B65-8844-8EFD37641110} - System32\Tasks\{F33716A5-2C9C-4596-B5E9-8FAC56D6A5FF} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5CD14679-0F5A-4924-8C08-554D89A6A680}\setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{5CD14679-0F5A-4924-8C08-554D89A6A680}"
Task: {D424A41E-977B-4BC1-8465-571E3CAC97CE} - System32\Tasks\{CEED9F63-5F09-41F1-9A60-A21377CA528B} => C:\Users\Margit\Downloads\chromeinstall-7u21 (1).exe
Task: {D4A1E8FE-F77F-42B3-B38D-32D785A6D231} - System32\Tasks\{CA88250D-EDE0-415D-A7D9-80E1432B7A09} => C:\Program Files (x86)\Steam\Steam.exe [2014-12-20] (Valve Corporation)
Task: {D6FDA0FC-3C68-4B92-ACFE-0CEE5DFE361D} - System32\Tasks\{27FC4681-DE2C-4C93-A5B5-F85ADDA5CD22} => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-12-13] (LogMeIn Inc.)
Task: {DF5648D2-25DC-4486-8F81-58F34C2D1376} - System32\Tasks\{C5C32378-3A80-41C0-A496-CB252C3EF91D} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
Task: {F5DC1BEA-DC5E-4B37-91FC-D34DAEF58010} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {F80EF664-B8BB-4371-AAA1-B250253DE11D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {F8237811-A5CF-4425-B59D-3FAC773AB9D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3413827966-1155256820-1680526860-1000UA => C:\Users\Margit\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2013-04-29 22:25 - 2013-04-29 22:25 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 15:03 - 2012-03-05 15:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 13:53 - 2012-02-16 13:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-04-15 20:29 - 2014-05-29 14:39 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-04-15 20:29 - 2014-05-29 14:39 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-12-31 13:44 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2014-12-31 13:53 - 2014-02-26 14:45 - 00475136 _____ () C:\Program Files (x86)\Monitor.EXE
2014-12-31 13:44 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2014-12-31 13:44 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-12-31 13:53 - 2014-09-03 15:58 - 00057344 _____ () C:\Program Files (x86)\lan.dll
2014-12-31 13:53 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\hiddriver.dll
2014-12-31 13:44 - 2013-11-05 16:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-01-17 11:32 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-17 11:32 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-17 11:32 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-17 11:32 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AVM WLAN Connection Service => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: ClaraUpdater => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: Arc => C:\Program Files (x86)\Arc\ArcLauncher.exe /autorun
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Clownfish => "C:\Program Files (x86)\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
MSCONFIG\startupreg: FLV Player => C:\Users\Margit\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
MSCONFIG\startupreg: GameforgeLive => "C:\Program Files (x86)\GameforgeLive\gfl_client.exe" -autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7D78684C04D130A2BFD725AA212F80C4 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
MSCONFIG\startupreg: Spotify => "C:\Users\Margit\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Margit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3413827966-1155256820-1680526860-500 - Administrator - Disabled)
Gast (S-1-5-21-3413827966-1155256820-1680526860-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3413827966-1155256820-1680526860-1004 - Limited - Enabled)
Margit (S-1-5-21-3413827966-1155256820-1680526860-1000 - Administrator - Enabled) => C:\Users\Margit

==================== Faulty Device Manager Devices =============

Name: hamachi
Description: hamachi
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2015 02:24:35 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=3CDDBDFBD665422797510C4541AF0A16;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\79c3d9aa-ad57-4cdc-8132-4412e22f2daf.dmp

Error: (01/17/2015 01:17:13 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=3CDDBDFBD665422797510C4541AF0A16;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\0a7dd8e3-e485-46fa-bd44-a7f6d8328fce.dmp

Error: (01/17/2015 01:14:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.0.0.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f3c

Startzeit: 01d03244e69c0f7a

Endzeit: 6

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: 6253519a-9e42-11e4-bfe1-50465d9054db

Error: (01/16/2015 10:20:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2015 01:16:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 10:14:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f39a1
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x718
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (01/14/2015 08:52:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/14/2015 00:41:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.550.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1334

Startzeit: 01d02fee6514c3cf

Endzeit: 7

Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID: 0c292e65-9be2-11e4-853f-50465d9054db

Error: (01/14/2015 00:34:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2015 10:07:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f39a1
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x758
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3


System errors:
=============
Error: (01/17/2015 00:01:13 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/16/2015 03:52:56 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/16/2015 03:15:44 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/15/2015 10:17:08 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/15/2015 10:16:51 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/15/2015 10:16:33 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/15/2015 10:16:11 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/15/2015 10:15:54 PM) (Source: DCOM) (EventID: 10016) (User: JUSTIN-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}JUSTIN-PCGastS-1-5-21-3413827966-1155256820-1680526860-501LocalHost (unter Verwendung von LRPC)

Error: (01/14/2015 10:14:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/14/2015 09:50:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 70. Der interne Fehlerstatus lautet: 105.


Microsoft Office Sessions:
=========================
Error: (01/17/2015 02:24:35 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=3CDDBDFBD665422797510C4541AF0A16;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\79c3d9aa-ad57-4cdc-8132-4412e22f2daf.dmp

Error: (01/17/2015 01:17:13 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=3CDDBDFBD665422797510C4541AF0A16;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\0a7dd8e3-e485-46fa-bd44-a7f6d8328fce.dmp

Error: (01/17/2015 01:14:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.0.0.102f3c01d03244e69c0f7a6C:\Program Files (x86)\Skype\Phone\Skype.exe6253519a-9e42-11e4-bfe1-50465d9054db

Error: (01/16/2015 10:20:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/15/2015 01:16:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 10:14:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c171801d02fedcca9e17dC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll5c151515-9c32-11e4-853f-50465d9054db

Error: (01/14/2015 08:52:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/14/2015 00:41:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.550.13133401d02fee6514c3cf7C:\Program Files\Java\jre7\bin\javaw.exe0c292e65-9be2-11e4-853f-50465d9054db

Error: (01/14/2015 00:34:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2015 10:07:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c175801d02f320c674249C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll2ad77595-9b68-11e4-97c9-50465d9054db


CodeIntegrity Errors:
===================================
  Date: 2014-05-27 15:13:08.635
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-27 15:13:08.557
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:29 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131