Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Hijacked, HijackThis-scan results


  • This topic is locked This topic is locked
8 replies to this topic

#1 September27

September27

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 27 September 2014 - 06:59 AM

Hello, can I get help on this scan result? Which files are the bad files?

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:31:37, on 27.09.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)


FIREFOX: 32.0.3 (x86 de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Users\Felix_Michael\Programm_HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.mystartsearch.com/?type=hp&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14366;https=127.0.0.1:14366
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: aviraBHO - {A18A516C-AA41-46A9-92DB-60208917E442} - C:\Program Files (x86)\avira\Internet Explorer\avira32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: SpeedChecker - {C94EB83D-8928-757E-64A2-A94F91D39DD2} - C:\Program Files (x86)\ver5SpeedChecker\179.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ba696155-d96e-4281-b467-0367a0456474} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [mbot_de_107] "C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\RunOnce: [upmbot_de_107.exe] C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MotoCast] "C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: StormWatchApp.lnk = Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {92808042-fb78-4fa0-bb4f-c9a95e0e9c10} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {439B6D3C-A359-4D73-8515-2AFE8CF90C08} (TS4WCtrl Class) - http://www.tradesignalonline.com/charts/bin/axts5we.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: Search Protect Service (CltMngSvc) - Unknown owner - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe (file missing)
O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - F:\Hamachi\hamachi-2.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxeaCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
O23 - Service: lxea_device -   - C:\Windows\system32\lxeacoms.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PST Service - Motorola - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: VO Service component (servervo) - Unknown owner - C:\Users\Felix_Michael\AppData\Roaming\VOPackage\VOsrv.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SpeedChecker - Unknown owner - C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14006 bytes
 



BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:50 PM

Posted 27 September 2014 - 07:40 AM

Hello September27 and Welcome to the BleepingComputer. :welcome:  

 

My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.
 

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.

 

  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks

------------------------------------------------------------------------------------------------------------------------------

 

I see some malicious software.  Please do the following, for a detailed review

 

---------------------------------

 

FRST Scan:

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

:hello:

 

Sincerely


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 September27

September27
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 27 September 2014 - 09:47 AM

Hello Yilmaz,  Thank you to answer so fast. Here ist the scan result of FRST.txt and Addition.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by Felix_Michael (administrator) on FELIX-SELF-PC on 27-09-2014 16:42:43
Running from C:\Users\Felix_Michael\FArbar
Loaded Profiles: Felix_Michael & UpdatusUser (Available profiles: Felix_Michael & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ver5SpeedChecker\E5z.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
() C:\Program Files (x86)\ver5SpeedChecker\SpeedChecker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\x64\3\lxeaserv.exe
( ) C:\Windows\System32\lxeacoms.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
() C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Motorola Mobility Inc.) C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [150264 2013-01-23] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mbot_de_107] => C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe [3971528 2014-09-25] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: [upmbot_de_107.exe] => C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe [3303928 2014-09-25] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2055 2014-05-24] ()
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\MountPoints2: {43b5c243-e362-11e3-be14-bc5ff4782281} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\MountPoints2: {6f05a699-9555-11e2-9466-806e6f6e6963} - D:\CDSETUP.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-18] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Startup: C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe ()
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4220798184-1966174994-1977611950-1003\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14366;https=127.0.0.1:14366
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x24B77CE14429CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe www.mystartsearch.com/?type=sc&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SpeedChecker -> {C94EB83D-8928-757E-64A2-A94F91D39DD2} -> C:\Program Files (x86)\ver5SpeedChecker\179_x64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SpeedChecker -> {C94EB83D-8928-757E-64A2-A94F91D39DD2} -> C:\Program Files (x86)\ver5SpeedChecker\179.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {ba696155-d96e-4281-b467-0367a0456474} -  No File
DPF: HKLM-x32 {439B6D3C-A359-4D73-8515-2AFE8CF90C08} http://www.tradesignalonline.com/charts/bin/axts5we.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MA74BDC01-7A2A-445C-9C1E-532202940926&SearchSource=55&CUI=&UM=2&UP=SP607BE037-B9D4-4258-BBE0-EAF8C4C89CA7&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Felix_Michael\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: Avira Savings Advisor - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\ciuvo-extension@avira.de [2014-08-01]
FF Extension: Fast Start - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\faststartff@gmail.com [2014-09-25]
FF Extension: YouTube Unblocker - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\youtubeunblocker@unblocker.yt [2014-09-16]
FF Extension: Tradesignal Online Chart - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2014-09-18]
FF Extension: MPEG4 Service - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{105d4532-6459-4703-ab9d-0c9d97f474aa}.xpi [2014-06-03]
FF Extension: {a5368f84-a43f-4786-b180-410ece2f73a8} - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{a5368f84-a43f-4786-b180-410ece2f73a8}.xpi [2014-05-28]
FF Extension: Adblock Plus - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-01]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\extensions\faststartff@gmail.com
FF HKCU\...\Firefox\Extensions: [{46BE1F86-357E-3BA6-AB56-FDE635626853}] - C:\Program Files (x86)\ver5SpeedChecker\179.xpi
FF Extension: SpeedChecker - C:\Program Files (x86)\ver5SpeedChecker\179.xpi [2014-09-25]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.mystartsearch.com/?type=sc&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MA74BDC01-7A2A-445C-9C1E-532202940926&SearchSource=55&CUI=&UM=2&UP=SP607BE037-B9D4-4258-BBE0-EAF8C4C89CA7&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MA74BDC01-7A2A-445C-9C1E-532202940926&SearchSource=55&CUI=&UM=2&UP=SP607BE037-B9D4-4258-BBE0-EAF8C4C89CA7&SSPV="
CHR DefaultSearchKeyword: Default -> 2243C265F381BFC91C5FA7A095C4028D001A389FA0C38CA5973AB96C548FCA32
CHR DefaultSearchURL: Default -> D599F79481F4955CF094E4CC1A19BE7B6B8E555F1BF56C722593A70E4C17235C
CHR Profile: C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-09-24]
CHR Extension: (chessmail ~ Schach) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkgfhmdidjkcoflclddnmgacgeaahkk [2013-09-24]
CHR Extension: (Angry Birds) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-03-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-24]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-19]
CHR Extension: (Avira Savings Advisor) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojnmaaohncijldefpkpkkakjonfmgeb [2014-08-01]
CHR Extension: (Google Search) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-16]
CHR Extension: (ProxMate) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2013-11-09]
CHR Extension: (Plants vs Zombies) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-09-24]
CHR Extension: (Google Wallet) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (SpeedChecker) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbljjjibmmjckmbpaaiimpcjhanmmeb [2014-09-25]
CHR Extension: (Quick start) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [cojnmaaohncijldefpkpkkakjonfmgeb] - C:\Program Files (x86)\avira\Chrome\avira-1.5.14.crx [2013-12-11]
CHR HKLM-x32\...\Chrome\Extension: [fgibjgmnimooanbagcfpnkmngejcojaf] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2013-12-11]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.mystartsearch.com/?type=sc&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 lxea_device; C:\Windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7101288 2014-07-28] (Reimage®)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpeedChecker; C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe [330752 2014-09-25] () [File not signed]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-05-13] (WiseCleaner.com)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S2 Hamachi2Svc; F:\Hamachi\hamachi-2.exe -s [X]
S2 servervo; C:\Users\Felix_Michael\AppData\Roaming\VOPackage\VOsrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-08-25] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-03-25] (FNet Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2008-04-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\Windows\SysWOW64\ZDCNDIS6a64.sys [41280 2008-04-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 cpuz134; \??\C:\Users\FELIX_~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U3 DfSdkS; No ImagePath
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 16:42 - 2014-09-27 16:42 - 00000000 ____D () C:\FRST
2014-09-27 16:41 - 2014-09-27 16:42 - 00000000 ____D () C:\Users\Felix_Michael\FArbar
2014-09-27 16:40 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140927-164003.backup
2014-09-27 13:24 - 2014-09-27 13:31 - 00000000 ____D () C:\Users\Felix_Michael\Programm_HijackThis
2014-09-27 12:42 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140927-124227.backup
2014-09-27 10:59 - 2014-09-27 10:59 - 00010940 _____ () C:\Windows\wininit.ini
2014-09-27 10:10 - 2014-09-27 12:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-27 10:10 - 2014-09-27 10:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-27 10:10 - 2014-09-27 10:10 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-27 10:10 - 2014-09-27 10:10 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-27 10:10 - 2014-09-27 10:10 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-27 10:10 - 2014-09-27 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-27 10:10 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-09-27 09:57 - 2014-09-27 12:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-25 21:28 - 2014-09-26 06:40 - 00044882 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 21:26 - 2014-09-27 12:02 - 00049966 _____ () C:\Windows\PFRO.log
2014-09-25 21:26 - 2014-09-27 12:02 - 00000224 _____ () C:\Windows\setupact.log
2014-09-25 21:26 - 2014-09-25 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-25 21:08 - 2014-09-25 21:08 - 00004300 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-09-25 21:08 - 2014-09-25 21:08 - 00003476 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-09-25 21:06 - 2014-09-25 21:09 - 00000000 ____D () C:\rei
2014-09-25 21:06 - 2014-09-25 21:08 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-09-25 21:06 - 2014-09-25 21:08 - 00000000 ____D () C:\Program Files\Reimage
2014-09-25 21:06 - 2014-09-25 21:06 - 00001901 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-09-25 21:06 - 2014-09-25 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-09-25 21:05 - 2014-09-25 21:07 - 12745272 _____ (Reimage®) C:\TRANSLATE
2014-09-25 21:04 - 2014-09-25 21:09 - 00000165 _____ () C:\Windows\Reimage.ini
2014-09-25 21:04 - 2014-09-25 21:04 - 00850216 _____ (Reimage®) C:\Users\Felix_Michael\Downloads\ReimageRepair(1).exe
2014-09-25 21:03 - 2014-09-25 21:04 - 00850216 _____ (Reimage®) C:\Users\Felix_Michael\Downloads\ReimageRepair.exe
2014-09-25 20:54 - 2014-09-25 21:24 - 00001110 _____ () C:\Users\Felix_Michael\Desktop\Continue Live Installation.lnk
2014-09-25 18:39 - 2014-09-25 18:39 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\mystartsearch
2014-09-25 18:39 - 2014-09-25 18:39 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-25 18:38 - 2014-09-27 15:08 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\mbot_de_107
2014-09-25 18:38 - 2014-09-27 12:02 - 00000440 _____ () C:\Windows\Tasks\SpeedChecker Update.job
2014-09-25 18:38 - 2014-09-25 18:38 - 00003104 _____ () C:\Windows\System32\Tasks\SpeedChecker Update
2014-09-25 18:38 - 2014-09-25 18:38 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\Program Files (x86)\ver5SpeedChecker
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\Program Files (x86)\mbot_de_107
2014-09-25 18:37 - 2014-09-25 18:37 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-25 18:36 - 2014-09-27 09:55 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\StormWatch
2014-09-25 18:36 - 2014-09-25 18:36 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
2014-09-25 18:05 - 2014-09-25 21:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 06:05 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 06:05 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-18 21:36 - 2014-09-18 21:36 - 00000000 ____D () C:\Users\Felix_Michael\Documents\Hanschke-Claudia
2014-09-10 07:06 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 07:06 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 07:06 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 07:06 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 07:06 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 07:06 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 07:06 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 07:06 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 07:06 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 07:06 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 07:06 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 07:06 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 07:06 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 07:06 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 07:06 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 07:06 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 07:06 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 07:06 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 07:06 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 07:06 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 07:06 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 07:06 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 07:06 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 07:06 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 07:06 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 07:06 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 07:06 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 07:06 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 07:06 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 07:06 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 07:06 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 07:06 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 07:06 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 07:06 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 07:06 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 07:06 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 07:06 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 07:06 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 07:06 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 07:06 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 07:06 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 07:06 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 07:06 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 07:06 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 07:06 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 07:06 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 07:06 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 07:06 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 07:06 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 07:06 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 07:06 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 07:06 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 07:06 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 07:06 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 07:06 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 07:06 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 07:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 07:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 06:28 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 06:28 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 06:24 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 06:24 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 06:24 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 06:24 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 06:24 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 06:24 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 06:24 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 06:24 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 06:24 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-06 17:55 - 2014-09-06 17:55 - 00783980 _____ () C:\Users\Felix_Michael\Downloads\TTB-Weber_Tradevorstellung-04092014.xlsm
2014-09-05 05:59 - 2014-09-05 05:59 - 00619375 _____ () C:\Users\Felix_Michael\Downloads\Laufende Trades.xlsm
2014-08-28 20:14 - 2014-08-28 20:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Motousbnet_01009.Wdf
2014-08-28 20:14 - 2014-08-28 20:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motfilt_01009.Wdf
2014-08-28 20:13 - 2014-08-28 20:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motusbdevice_01009.Wdf
2014-08-28 20:13 - 2014-08-28 20:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf
2014-08-28 06:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 06:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 06:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 16:43 - 2014-08-05 17:15 - 00000610 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000.job
2014-09-27 16:41 - 2013-03-27 18:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-27 16:41 - 2013-03-25 09:25 - 00000000 ____D () C:\Users\Felix_Michael
2014-09-27 16:21 - 2013-03-25 10:38 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-27 16:15 - 2013-05-05 18:15 - 00000308 _____ () C:\Windows\Tasks\DSite.job
2014-09-27 15:21 - 2013-12-08 16:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-27 13:35 - 2014-08-05 17:15 - 00003662 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000
2014-09-27 13:13 - 2013-03-25 09:25 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\VirtualStore
2014-09-27 12:09 - 2009-07-14 06:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 12:09 - 2009-07-14 06:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 12:03 - 2014-05-24 21:43 - 00000000 ____D () C:\Users\Felix_Michael\.gstreamer-0.10
2014-09-27 12:03 - 2014-05-24 21:39 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\MotoCast
2014-09-27 12:03 - 2013-05-04 18:14 - 00060780 _____ () C:\ProgramData\lxeascan.log
2014-09-27 12:02 - 2013-03-25 11:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-27 12:02 - 2013-03-25 11:13 - 00000000 ____D () C:\temp
2014-09-27 12:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-27 11:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 10:59 - 2013-07-27 16:04 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-09-27 10:59 - 2013-06-18 01:44 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Systweak
2014-09-27 10:57 - 2013-05-05 18:15 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-09-27 10:30 - 2013-07-27 13:33 - 00000094 _____ () C:\Users\Felix_Michael\AppData\Roaming\WB.CFG
2014-09-27 09:59 - 2013-04-03 16:23 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5DBACCF5-4CA7-4BF1-A007-9F8D0D34760F}
2014-09-25 21:26 - 2013-05-19 06:32 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Wise Care 365
2014-09-25 21:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-25 21:22 - 2013-10-24 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AgenaTrader
2014-09-25 21:22 - 2013-03-25 14:48 - 00000000 ____D () C:\Windows\Minidump
2014-09-25 21:19 - 2013-07-27 16:05 - 00004140 _____ () C:\Windows\System32\Tasks\FreeDriverScout
2014-09-25 20:52 - 2014-04-27 14:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 18:39 - 2014-04-27 14:27 - 00001365 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-25 18:39 - 2014-04-27 14:27 - 00001353 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-25 18:39 - 2013-03-27 22:26 - 00002047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-25 18:39 - 2013-03-27 20:12 - 00001639 _____ () C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-25 18:39 - 2013-03-25 10:38 - 00002377 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 18:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-25 18:36 - 2013-04-13 17:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 06:41 - 2013-03-27 18:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 06:41 - 2013-03-27 18:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 06:41 - 2013-03-25 10:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 06:32 - 2013-05-04 18:16 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-09-20 15:43 - 2014-02-09 11:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-20 13:21 - 2013-05-05 18:25 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\CUSTPDF Writer
2014-09-18 21:38 - 2013-04-19 06:33 - 00000000 ____D () C:\Users\Felix_Michael\Documents\Michael_130419
2014-09-12 04:12 - 2013-07-27 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 04:11 - 2014-08-06 12:16 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-12 04:11 - 2014-08-01 05:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-12 04:11 - 2014-08-01 05:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-10 07:05 - 2013-10-06 16:22 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 07:05 - 2013-08-18 22:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 07:05 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-09-10 07:05 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-09-10 07:05 - 2009-07-14 07:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 07:01 - 2013-03-27 19:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 07:00 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-03 12:38 - 2013-05-04 22:13 - 00001407 _____ () C:\ProgramData\lxeaDiagnostics.log
2014-08-28 18:17 - 2009-07-14 06:45 - 00437440 _____ () C:\Windows\system32\FNTCACHE.DAT

Files to move or delete:
====================
C:\Users\Felix_Michael\CTX.DAT
C:\Users\Felix_Michael\setup.exe
C:\Users\Public\AlexaNSISPlugin.5928.dll


Some content of TEMP:
====================
C:\Users\Felix_Michael\AppData\Local\Temp\avgnt.exe
C:\Users\Felix_Michael\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 10:50

==================== End Of Log ============================

 

Addition.txt.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014
Ran by Felix_Michael at 2014-09-27 16:43:13
Running from C:\Users\Felix_Michael\FArbar
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{A00CC809-7137-B31B-D13D-401DA7BD962F}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock 3TB+ Unlocker v1.0 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version:  - ASRock Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 3.0 - Abelssoft)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.109 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.109 - Etron Technology) Hidden
EXPERTool v8.5 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.5.0.1 - Gainward Co. Ltd.)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Free Driver Scout (HKLM-x32\...\{f1bb882c-f066-4399-8b97-7ca5b7030774}) (Version: 1.0.0.127 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.127 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.13.925 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.13.925 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.4.3.1767 (HKCU\...\GoToMeeting) (Version: 6.4.3.1767 - CitrixOnline)
HomeTab 3.7 (HKLM-x32\...\{3a4935b3-b7a0-4065-8ccc-0030471b33f1}_is1) (Version: 3.7 - HomeTab) <==== ATTENTION
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
InovisionViewer (HKLM-x32\...\InovisionViewer) (Version:  - NEXUS_INOVIT_GmbH)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version:  - Lexmark International, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.294 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.294 - LogMeIn, Inc.) Hidden
MetaTrader - Alpari UK (HKLM-x32\...\MetaTrader - Alpari UK) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyBestOffersToday 014.107 (HKLM-x32\...\mbot_de_107_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
Nero 2014 (HKLM-x32\...\{4AD31A53-7852-4D98-86F3-156B34B49F40}) (Version: 15.0.03400 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Abstract Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20051 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Cliparts (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.22900 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12010 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.24000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Info (x32 Version: 15.1.0023 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.10000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.20.8300 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Packages (HKCU\...\Nero Packages) (Version:  - ) <==== ATTENTION
Nero PiP Effects 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.14000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 12.0.11700 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15003 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.15000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Video Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Netzwerkaufzeichnungs-Player (HKLM-x32\...\{CC5BDE4C-A0D2-4DE0-ACB9-1D5CB019C9CF}) (Version: 28.12.2.17378 - Cisco WebEx LLC)
NVIDIA 3D Vision Controller-Treiber 305.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 305.57 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PDF Creator (HKLM\...\PDF Creator) (Version:  - )
Plants Vs Zombies: Game of the Year Edition (HKLM-x32\...\Plants Vs Zombies: Game of the Year Edition) (Version: 1.2.0.1073 - Pogo.com)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{C78EAC6F-7A73-452E-8134-DBB2165C5A68}) (Version: 7.62.14.0 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.6.6 - Reimage)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Skype™ 6.10 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.10.104 - Skype Technologies S.A.)
SpeedChecker (HKLM-x32\...\3813DB38-E2C8-B894-98D8-F5C7E9B734FF) (Version:  - SpeedChecker-software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StormWatch (HKCU\...\StormWatch) (Version: 1.0.1.10 - StormWatch)
streamWriter (HKLM-x32\...\streamWriter_is1) (Version:  - )
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.5 - Synthesia LLC)
Tradesignal Online Chart (HKLM-x32\...\{3FB043FD-4C4C-4E99-8678-BA00A465C3F8}) (Version: 7.3.0.15 - Tradesignal GmbH)
Update for PDF Creator (HKCU\...\DSite) (Version:  - ) <==== ATTENTION
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wise Care 365 version 2.45 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.45 - WiseCleaner.com, Inc.)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.30 - ASRock Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4220798184-1966174994-1977611950-1000_Classes\CLSID\{766956A0-FE17-42E6-AB17-0D1F8617D4A2}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4220798184-1966174994-1977611950-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Felix_Michael\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points  =========================

05-09-2014 03:20:01 Geplanter Prüfpunkt
10-09-2014 05:00:34 Windows Update
18-09-2014 16:40:09 Geplanter Prüfpunkt
24-09-2014 04:37:41 Windows Update
25-09-2014 19:24:56 Created by Wise Care 365
25-09-2014 19:25:14 Created by Wise Care 365
27-09-2014 11:08:07 Säuberung (Spybot - Search & Destroy 2.4, Administratorrechte)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {060F20C9-271B-49B2-8D0E-5D1298DAE22D} - System32\Tasks\DSite => C:\Users\Felix_Michael\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-05-05] () <==== ATTENTION
Task: {0B97F5FD-3522-453A-9E77-159FF3E941FD} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {126E49C7-840F-4031-A378-5CA09DD9E4E7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {149166E7-F252-4304-A04B-21F92E32C788} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-08-16] (Nero AG)
Task: {21012682-E848-4745-A45E-D278D2E45B24} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {395A1625-EB92-45CE-B51A-D7C39EF2C484} - System32\Tasks\{CBF0263F-3708-47C5-ADE1-8B33D191F2B9} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar
Task: {552B73D2-C734-4868-94B6-C7EB07A3E890} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-25] (Google Inc.)
Task: {55C51841-8139-4219-874F-77730F67245C} - System32\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000 => C:\Users\Felix_Michael\AppData\Local\Citrix\GoToMeeting\1767\g2mupdate.exe [2014-09-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {57A7FA00-F4F3-4E5F-90D8-69CF7F6625DB} - System32\Tasks\EPUpdater => C:\Users\FELIX_~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {61AD8405-32CD-4114-8F6D-D7388B8243D9} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6739AF9E-9B80-4152-94EC-9313CDA99487} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-07-05] ()
Task: {6E1F184F-9267-4390-81E5-E20E6323A845} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-25] (Google Inc.)
Task: {7AFC1D25-15DF-431A-A41A-D3779B62ED55} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {7F292922-EEF2-4B55-B8DC-230023EFD0E1} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {81145827-B88B-4125-82E5-F35E68D7CEFA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {82E3AFA1-A1A6-4344-8CE7-B4E9AF05D1E2} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {89C7E19F-0A21-4785-9775-C0D37BEA184B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {985BC9E5-153D-4BC7-BFEA-7537E78E517C} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-07-27] ()
Task: {9F08CFAF-3D4D-4511-813F-1E023479EACA} - System32\Tasks\SpeedChecker Update => C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe [2014-09-25] ()
Task: {A8E0392E-3F03-4A1E-B73C-74AE38934730} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {B313AF3F-4E8C-473E-B45F-8ADE67C3BAEF} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2014-07-28] (Reimage®)
Task: {BCADB347-9A25-4A8C-9E4A-28C94E23A895} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {D3AC1F40-B2FB-4ACD-B357-C5096D9EC370} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {D9D2DBC1-5EAA-4E91-8EF2-7F19003B68F2} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {EBC795C3-E27A-45B2-89E2-9C10FC549574} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {EC5C87D8-0E66-4390-96D8-18D8738E2427} - System32\Tasks\{A1472292-76AB-4411-B743-B64C2A341C1F} => c:\program files (x86)\opera\opera.exe [2013-07-08] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\FELIX_~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000.job => C:\Users\Felix_Michael\AppData\Local\Citrix\GoToMeeting\1767\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedChecker Update.job => C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe

==================== Loaded Modules (whitelisted) =============

2013-03-25 11:13 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-05 18:15 - 2011-10-04 22:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2013-05-04 18:14 - 2009-11-04 08:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2014-09-25 18:38 - 2014-09-25 18:38 - 00262144 _____ () C:\Program Files (x86)\ver5SpeedChecker\E5z.exe
2014-09-25 18:38 - 2014-09-25 18:38 - 00745984 _____ () C:\Program Files (x86)\ver5SpeedChecker\SpeedChecker.exe
2014-03-23 14:18 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-25 18:38 - 2014-09-25 18:38 - 00330752 _____ () C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe
2014-09-25 18:38 - 2014-09-25 18:38 - 00553472 _____ () C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe
2014-09-25 18:38 - 2014-09-25 12:26 - 03303928 _____ () C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe
2013-05-04 18:14 - 2013-01-23 13:43 - 00150264 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
2014-08-13 20:19 - 2014-08-13 20:19 - 01140760 _____ () C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe
2014-09-25 18:38 - 2014-09-25 12:26 - 03971528 _____ () C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe
2013-05-04 18:14 - 2013-01-23 13:43 - 00772712 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
2012-10-19 21:46 - 2012-10-19 21:46 - 00240056 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
2014-09-25 18:38 - 2014-09-25 18:38 - 00226816 _____ () C:\Program Files (x86)\ver5SpeedChecker\z6De179.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-10-31 17:05 - 2013-10-31 17:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-09-27 10:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-27 10:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-27 10:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-27 10:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-27 10:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-25 17:41 - 2014-06-25 17:41 - 00612664 _____ () C:\Program Files (x86)\ver5SpeedChecker\sqlite3.dll
2013-05-04 18:14 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epwizard.DLL
2013-05-04 18:14 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
2013-05-04 18:14 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Eputil.DLL
2013-05-04 18:14 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Imagutil.DLL
2013-05-04 18:14 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epfunct.DLL
2013-05-04 18:14 - 2009-06-23 06:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPWizRes.dll
2013-05-04 18:14 - 2009-06-23 06:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
2013-05-04 18:14 - 2009-06-23 06:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPOEMDll.dll
2013-05-04 18:14 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
2013-05-04 18:14 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
2014-09-27 12:02 - 2014-09-27 12:02 - 00205824 ____N () C:\Users\Felix_Michael\AppData\Local\Temp\WindowsAPI.dll1052913577192855270.lib
2014-09-25 21:28 - 2014-09-25 21:28 - 00509440 _____ () C:\Users\Felix_Michael\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
2014-09-27 12:03 - 2014-09-27 12:03 - 00314368 ____N () C:\Users\Felix_Michael\AppData\Local\Temp\WindowsFolderWatcher.dll5084226808732937023.lib
2014-09-27 12:03 - 2014-09-27 12:03 - 00160256 ____N () C:\Users\Felix_Michael\AppData\Local\Temp\ZumoLocalGateway.dll1310226606946384498.lib
2014-09-25 21:27 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Felix_Michael\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-05-04 18:14 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
2013-05-04 18:14 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
2013-05-04 18:14 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll
2013-05-04 18:14 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
2013-05-04 18:13 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxeasm.dll
2013-05-04 18:13 - 2009-04-28 02:56 - 00024064 _____ () C:\Windows\system32\lxeasmr.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00699392 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01396736 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00085504 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00030208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00471552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00253440 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00109568 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00038400 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00048640 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00126976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00038912 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00017920 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00248352 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00123947 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00133120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00098304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00078848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00052224 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00123904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00041984 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00212480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00011776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00016896 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00086016 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00091136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00073216 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00026624 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00187904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00069120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00331264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00023552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01694208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00122880 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 02009600 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00033280 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00036864 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00088064 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01376256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01563136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00363008 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00531968 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00119296 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029696 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00037888 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00035840 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00276480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00069632 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00276992 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00207872 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00047616 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00150528 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00039936 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00025088 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00132608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00190976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00035328 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00011264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00054784 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00051712 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00061952 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032768 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00162304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01520128 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00050688 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00196608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00042496 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00013312 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
2014-09-25 18:05 - 2014-09-25 18:05 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-09 23:41 - 2014-09-09 23:41 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4220798184-1966174994-1977611950-500 - Administrator - Disabled)
Felix_Michael (S-1-5-21-4220798184-1966174994-1977611950-1000 - Administrator - Enabled) => C:\Users\Felix_Michael
Gast (S-1-5-21-4220798184-1966174994-1977611950-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4220798184-1966174994-1977611950-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-4220798184-1966174994-1977611950-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2014 10:51:17 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/26/2014 06:30:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2da4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:58:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2fb8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:58:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2fac
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2044
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:55:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x11c8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 06:39:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x166c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/23/2014 07:12:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/21/2014 01:28:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/20/2014 03:42:27 PM) (Source: MsiInstaller) (EventID: 1024) (User: FELIX-SELF-PC)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (09/27/2014 00:04:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (09/27/2014 00:04:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/27/2014 00:02:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 00:02:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VO Service component" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 00:02:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 00:02:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎27.‎09.‎2014 um 12:01:25 unerwartet heruntergefahren.

Error: (09/27/2014 10:59:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VO Service component" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/27/2014 09:53:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (09/27/2014 09:53:53 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/27/2014 09:51:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (09/27/2014 10:51:17 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/26/2014 06:30:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a2da401cfd942952f7d3cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dlle8adf627-4535-11e4-852d-bc5ff4782281

Error: (09/25/2014 08:58:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a2fb801cfd8f29e2f445bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dllf036ce53-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 08:58:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a2fac01cfd8f29e2f445bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dllef02f97d-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 08:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a204401cfd8f275f9cd96C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dlld467e8ae-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 08:55:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a11c801cfd8f211636398C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dll92a3aa3b-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 06:39:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b166c01cfd8df31f324cdC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll831ee063-44d2-11e4-87a1-bc5ff4782281

Error: (09/23/2014 07:12:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/21/2014 01:28:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/20/2014 03:42:27 PM) (Source: MsiInstaller) (EventID: 1024) (User: FELIX-SELF-PC)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-09-25 20:57:12.946
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:57:12.657
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:57:12.369
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:57:12.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD FX™-4130 Quad-Core Processor
Percentage of memory in use: 22%
Total physical RAM: 16341.18 MB
Available physical RAM: 12663.74 MB
Total Pagefile: 32680.55 MB
Available Pagefile: 28805.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:818.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6404707C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 September27

September27
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 27 September 2014 - 09:55 AM

Hello Yilmaz,  first time I forgot to deactivate my Antivir-Programme "Avira" and the Firewall. Here now ist the scan after deactivating Avira and Firewall.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014
Ran by Felix_Michael at 2014-09-27 16:50:24
Running from C:\Users\Felix_Michael\FArbar
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{A00CC809-7137-B31B-D13D-401DA7BD962F}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock 3TB+ Unlocker v1.0 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version:  - ASRock Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 3.0 - Abelssoft)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.109 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.109 - Etron Technology) Hidden
EXPERTool v8.5 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.5.0.1 - Gainward Co. Ltd.)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Free Driver Scout (HKLM-x32\...\{f1bb882c-f066-4399-8b97-7ca5b7030774}) (Version: 1.0.0.127 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.127 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.13.925 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.13.925 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.4.3.1767 (HKCU\...\GoToMeeting) (Version: 6.4.3.1767 - CitrixOnline)
HomeTab 3.7 (HKLM-x32\...\{3a4935b3-b7a0-4065-8ccc-0030471b33f1}_is1) (Version: 3.7 - HomeTab) <==== ATTENTION
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
InovisionViewer (HKLM-x32\...\InovisionViewer) (Version:  - NEXUS_INOVIT_GmbH)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version:  - Lexmark International, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.294 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.294 - LogMeIn, Inc.) Hidden
MetaTrader - Alpari UK (HKLM-x32\...\MetaTrader - Alpari UK) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyBestOffersToday 014.107 (HKLM-x32\...\mbot_de_107_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
Nero 2014 (HKLM-x32\...\{4AD31A53-7852-4D98-86F3-156B34B49F40}) (Version: 15.0.03400 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Abstract Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20051 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Cliparts (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.22900 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12010 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.24000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Info (x32 Version: 15.1.0023 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.10000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.20.8300 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Packages (HKCU\...\Nero Packages) (Version:  - ) <==== ATTENTION
Nero PiP Effects 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.14000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 12.0.11700 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15003 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.15000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Video Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Netzwerkaufzeichnungs-Player (HKLM-x32\...\{CC5BDE4C-A0D2-4DE0-ACB9-1D5CB019C9CF}) (Version: 28.12.2.17378 - Cisco WebEx LLC)
NVIDIA 3D Vision Controller-Treiber 305.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 305.57 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PDF Creator (HKLM\...\PDF Creator) (Version:  - )
Plants Vs Zombies: Game of the Year Edition (HKLM-x32\...\Plants Vs Zombies: Game of the Year Edition) (Version: 1.2.0.1073 - Pogo.com)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{C78EAC6F-7A73-452E-8134-DBB2165C5A68}) (Version: 7.62.14.0 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.6.6 - Reimage)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Skype™ 6.10 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.10.104 - Skype Technologies S.A.)
SpeedChecker (HKLM-x32\...\3813DB38-E2C8-B894-98D8-F5C7E9B734FF) (Version:  - SpeedChecker-software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StormWatch (HKCU\...\StormWatch) (Version: 1.0.1.10 - StormWatch)
streamWriter (HKLM-x32\...\streamWriter_is1) (Version:  - )
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.5 - Synthesia LLC)
Tradesignal Online Chart (HKLM-x32\...\{3FB043FD-4C4C-4E99-8678-BA00A465C3F8}) (Version: 7.3.0.15 - Tradesignal GmbH)
Update for PDF Creator (HKCU\...\DSite) (Version:  - ) <==== ATTENTION
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wise Care 365 version 2.45 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.45 - WiseCleaner.com, Inc.)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.30 - ASRock Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4220798184-1966174994-1977611950-1000_Classes\CLSID\{766956A0-FE17-42E6-AB17-0D1F8617D4A2}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4220798184-1966174994-1977611950-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Felix_Michael\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points  =========================

05-09-2014 03:20:01 Geplanter Prüfpunkt
10-09-2014 05:00:34 Windows Update
18-09-2014 16:40:09 Geplanter Prüfpunkt
24-09-2014 04:37:41 Windows Update
25-09-2014 19:24:56 Created by Wise Care 365
25-09-2014 19:25:14 Created by Wise Care 365
27-09-2014 11:08:07 Säuberung (Spybot - Search & Destroy 2.4, Administratorrechte)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {060F20C9-271B-49B2-8D0E-5D1298DAE22D} - System32\Tasks\DSite => C:\Users\Felix_Michael\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-05-05] () <==== ATTENTION
Task: {0B97F5FD-3522-453A-9E77-159FF3E941FD} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {126E49C7-840F-4031-A378-5CA09DD9E4E7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {149166E7-F252-4304-A04B-21F92E32C788} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-08-16] (Nero AG)
Task: {21012682-E848-4745-A45E-D278D2E45B24} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {395A1625-EB92-45CE-B51A-D7C39EF2C484} - System32\Tasks\{CBF0263F-3708-47C5-ADE1-8B33D191F2B9} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar
Task: {552B73D2-C734-4868-94B6-C7EB07A3E890} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-25] (Google Inc.)
Task: {55C51841-8139-4219-874F-77730F67245C} - System32\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000 => C:\Users\Felix_Michael\AppData\Local\Citrix\GoToMeeting\1767\g2mupdate.exe [2014-09-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {57A7FA00-F4F3-4E5F-90D8-69CF7F6625DB} - System32\Tasks\EPUpdater => C:\Users\FELIX_~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {61AD8405-32CD-4114-8F6D-D7388B8243D9} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6739AF9E-9B80-4152-94EC-9313CDA99487} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-07-05] ()
Task: {6E1F184F-9267-4390-81E5-E20E6323A845} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-25] (Google Inc.)
Task: {7AFC1D25-15DF-431A-A41A-D3779B62ED55} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {7F292922-EEF2-4B55-B8DC-230023EFD0E1} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {81145827-B88B-4125-82E5-F35E68D7CEFA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {82E3AFA1-A1A6-4344-8CE7-B4E9AF05D1E2} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {89C7E19F-0A21-4785-9775-C0D37BEA184B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {985BC9E5-153D-4BC7-BFEA-7537E78E517C} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-07-27] ()
Task: {9F08CFAF-3D4D-4511-813F-1E023479EACA} - System32\Tasks\SpeedChecker Update => C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe [2014-09-25] ()
Task: {A8E0392E-3F03-4A1E-B73C-74AE38934730} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {B313AF3F-4E8C-473E-B45F-8ADE67C3BAEF} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2014-07-28] (Reimage®)
Task: {BCADB347-9A25-4A8C-9E4A-28C94E23A895} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {D3AC1F40-B2FB-4ACD-B357-C5096D9EC370} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {D9D2DBC1-5EAA-4E91-8EF2-7F19003B68F2} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {EBC795C3-E27A-45B2-89E2-9C10FC549574} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {EC5C87D8-0E66-4390-96D8-18D8738E2427} - System32\Tasks\{A1472292-76AB-4411-B743-B64C2A341C1F} => c:\program files (x86)\opera\opera.exe [2013-07-08] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\FELIX_~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000.job => C:\Users\Felix_Michael\AppData\Local\Citrix\GoToMeeting\1767\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedChecker Update.job => C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe

==================== Loaded Modules (whitelisted) =============

2013-03-25 11:13 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-05 18:15 - 2011-10-04 22:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2013-05-04 18:14 - 2009-11-04 08:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2014-09-25 18:38 - 2014-09-25 18:38 - 00262144 _____ () C:\Program Files (x86)\ver5SpeedChecker\E5z.exe
2014-09-25 18:38 - 2014-09-25 18:38 - 00745984 _____ () C:\Program Files (x86)\ver5SpeedChecker\SpeedChecker.exe
2014-03-23 14:18 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-25 18:38 - 2014-09-25 18:38 - 00330752 _____ () C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe
2014-09-25 18:38 - 2014-09-25 18:38 - 00553472 _____ () C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe
2014-09-25 18:38 - 2014-09-25 12:26 - 03303928 _____ () C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe
2013-05-04 18:14 - 2013-01-23 13:43 - 00150264 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
2014-08-13 20:19 - 2014-08-13 20:19 - 01140760 _____ () C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe
2014-09-25 18:38 - 2014-09-25 12:26 - 03971528 _____ () C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe
2013-05-04 18:14 - 2013-01-23 13:43 - 00772712 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
2012-10-19 21:46 - 2012-10-19 21:46 - 00240056 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
2014-09-25 18:38 - 2014-09-25 18:38 - 00226816 _____ () C:\Program Files (x86)\ver5SpeedChecker\z6De179.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-10-31 17:05 - 2013-10-31 17:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-09-27 10:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-27 10:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-27 10:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-27 10:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-27 10:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-25 17:41 - 2014-06-25 17:41 - 00612664 _____ () C:\Program Files (x86)\ver5SpeedChecker\sqlite3.dll
2013-05-04 18:14 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epwizard.DLL
2013-05-04 18:14 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
2013-05-04 18:14 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Eputil.DLL
2013-05-04 18:14 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Imagutil.DLL
2013-05-04 18:14 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epfunct.DLL
2013-05-04 18:14 - 2009-06-23 06:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPWizRes.dll
2013-05-04 18:14 - 2009-06-23 06:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
2013-05-04 18:14 - 2009-06-23 06:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPOEMDll.dll
2013-05-04 18:14 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
2013-05-04 18:14 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
2014-09-27 12:02 - 2014-09-27 12:02 - 00205824 ____N () C:\Users\Felix_Michael\AppData\Local\Temp\WindowsAPI.dll1052913577192855270.lib
2014-09-25 21:28 - 2014-09-25 21:28 - 00509440 _____ () C:\Users\Felix_Michael\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
2014-09-27 12:03 - 2014-09-27 12:03 - 00314368 ____N () C:\Users\Felix_Michael\AppData\Local\Temp\WindowsFolderWatcher.dll5084226808732937023.lib
2014-09-27 12:03 - 2014-09-27 12:03 - 00160256 ____N () C:\Users\Felix_Michael\AppData\Local\Temp\ZumoLocalGateway.dll1310226606946384498.lib
2014-09-25 21:27 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Felix_Michael\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-05-04 18:14 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
2013-05-04 18:14 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
2013-05-04 18:14 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll
2013-05-04 18:14 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
2013-05-04 18:13 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxeasm.dll
2013-05-04 18:13 - 2009-04-28 02:56 - 00024064 _____ () C:\Windows\system32\lxeasmr.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00699392 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01396736 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00085504 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00030208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00471552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00253440 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00109568 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00038400 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00048640 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00126976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00038912 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00017920 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00248352 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00123947 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00133120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00098304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00078848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00052224 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00123904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00041984 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00212480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00011776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00016896 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00086016 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00091136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00073216 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00026624 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00187904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00069120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00331264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00023552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01694208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00122880 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 02009600 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00033280 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00036864 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00088064 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01376256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01563136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00363008 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00531968 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00119296 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029696 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00037888 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00035840 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00276480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00069632 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00276992 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00207872 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00047616 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00150528 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00039936 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00025088 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00132608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00190976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00035328 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00011264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00054784 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00051712 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00061952 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032768 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00162304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01520128 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00050688 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00196608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00042496 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00013312 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
2014-09-25 18:05 - 2014-09-25 18:05 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-09 23:41 - 2014-09-09 23:41 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4220798184-1966174994-1977611950-500 - Administrator - Disabled)
Felix_Michael (S-1-5-21-4220798184-1966174994-1977611950-1000 - Administrator - Enabled) => C:\Users\Felix_Michael
Gast (S-1-5-21-4220798184-1966174994-1977611950-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4220798184-1966174994-1977611950-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-4220798184-1966174994-1977611950-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2014 10:51:17 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/26/2014 06:30:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2da4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:58:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2fb8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:58:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2fac
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x2044
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 08:55:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: HomeTab.dll, Version: 3.7.0.0, Zeitstempel: 0x51d03e49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015c7a
ID des fehlerhaften Prozesses: 0x11c8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/25/2014 06:39:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x166c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/23/2014 07:12:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/21/2014 01:28:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/20/2014 03:42:27 PM) (Source: MsiInstaller) (EventID: 1024) (User: FELIX-SELF-PC)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (09/27/2014 00:04:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (09/27/2014 00:04:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/27/2014 00:02:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 00:02:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VO Service component" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 00:02:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 00:02:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎27.‎09.‎2014 um 12:01:25 unerwartet heruntergefahren.

Error: (09/27/2014 10:59:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VO Service component" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/27/2014 09:53:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (09/27/2014 09:53:53 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/27/2014 09:51:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (09/27/2014 10:51:17 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/26/2014 06:30:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a2da401cfd942952f7d3cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dlle8adf627-4535-11e4-852d-bc5ff4782281

Error: (09/25/2014 08:58:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a2fb801cfd8f29e2f445bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dllf036ce53-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 08:58:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a2fac01cfd8f29e2f445bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dllef02f97d-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 08:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a204401cfd8f275f9cd96C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dlld467e8ae-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 08:55:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acHomeTab.dll3.7.0.051d03e49c000000500015c7a11c801cfd8f211636398C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Felix_Michael\AppData\Roaming\HomeTab\HomeTab.dll92a3aa3b-44e5-11e4-8887-bc5ff4782281

Error: (09/25/2014 06:39:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b166c01cfd8df31f324cdC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll831ee063-44d2-11e4-87a1-bc5ff4782281

Error: (09/23/2014 07:12:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/21/2014 01:28:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/20/2014 03:42:27 PM) (Source: MsiInstaller) (EventID: 1024) (User: FELIX-SELF-PC)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-09-25 20:57:12.946
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:57:12.657
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:57:12.369
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:57:12.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD FX™-4130 Quad-Core Processor
Percentage of memory in use: 21%
Total physical RAM: 16341.18 MB
Available physical RAM: 12792.48 MB
Total Pagefile: 32680.55 MB
Available Pagefile: 28936.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:818.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6404707C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by Felix_Michael (administrator) on FELIX-SELF-PC on 27-09-2014 16:50:03
Running from C:\Users\Felix_Michael\FArbar
Loaded Profiles: Felix_Michael & UpdatusUser (Available profiles: Felix_Michael & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ver5SpeedChecker\E5z.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
() C:\Program Files (x86)\ver5SpeedChecker\SpeedChecker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\x64\3\lxeaserv.exe
( ) C:\Windows\System32\lxeacoms.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
() C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Motorola Mobility Inc.) C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [150264 2013-01-23] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mbot_de_107] => C:\Program Files (x86)\mbot_de_107\mbot_de_107.exe [3971528 2014-09-25] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: [upmbot_de_107.exe] => C:\Users\Felix_Michael\AppData\Local\mbot_de_107\upmbot_de_107.exe [3303928 2014-09-25] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2055 2014-05-24] ()
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\MountPoints2: {43b5c243-e362-11e3-be14-bc5ff4782281} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-4220798184-1966174994-1977611950-1000\...\MountPoints2: {6f05a699-9555-11e2-9466-806e6f6e6963} - D:\CDSETUP.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-18] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Startup: C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Users\Felix_Michael\AppData\Local\StormWatch\StormWatchApp.exe ()
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4220798184-1966174994-1977611950-1003\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14366;https=127.0.0.1:14366
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x24B77CE14429CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe www.mystartsearch.com/?type=sc&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SpeedChecker -> {C94EB83D-8928-757E-64A2-A94F91D39DD2} -> C:\Program Files (x86)\ver5SpeedChecker\179_x64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SpeedChecker -> {C94EB83D-8928-757E-64A2-A94F91D39DD2} -> C:\Program Files (x86)\ver5SpeedChecker\179.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {ba696155-d96e-4281-b467-0367a0456474} -  No File
DPF: HKLM-x32 {439B6D3C-A359-4D73-8515-2AFE8CF90C08} http://www.tradesignalonline.com/charts/bin/axts5we.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MA74BDC01-7A2A-445C-9C1E-532202940926&SearchSource=55&CUI=&UM=2&UP=SP607BE037-B9D4-4258-BBE0-EAF8C4C89CA7&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Felix_Michael\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: Avira Savings Advisor - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\ciuvo-extension@avira.de [2014-08-01]
FF Extension: Fast Start - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\faststartff@gmail.com [2014-09-25]
FF Extension: YouTube Unblocker - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\youtubeunblocker@unblocker.yt [2014-09-16]
FF Extension: Tradesignal Online Chart - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2014-09-18]
FF Extension: MPEG4 Service - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{105d4532-6459-4703-ab9d-0c9d97f474aa}.xpi [2014-06-03]
FF Extension: {a5368f84-a43f-4786-b180-410ece2f73a8} - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{a5368f84-a43f-4786-b180-410ece2f73a8}.xpi [2014-05-28]
FF Extension: Adblock Plus - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-01]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\extensions\faststartff@gmail.com
FF HKCU\...\Firefox\Extensions: [{46BE1F86-357E-3BA6-AB56-FDE635626853}] - C:\Program Files (x86)\ver5SpeedChecker\179.xpi
FF Extension: SpeedChecker - C:\Program Files (x86)\ver5SpeedChecker\179.xpi [2014-09-25]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.mystartsearch.com/?type=sc&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MA74BDC01-7A2A-445C-9C1E-532202940926&SearchSource=55&CUI=&UM=2&UP=SP607BE037-B9D4-4258-BBE0-EAF8C4C89CA7&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MA74BDC01-7A2A-445C-9C1E-532202940926&SearchSource=55&CUI=&UM=2&UP=SP607BE037-B9D4-4258-BBE0-EAF8C4C89CA7&SSPV="
CHR DefaultSearchKeyword: Default -> 2243C265F381BFC91C5FA7A095C4028D001A389FA0C38CA5973AB96C548FCA32
CHR DefaultSearchURL: Default -> D599F79481F4955CF094E4CC1A19BE7B6B8E555F1BF56C722593A70E4C17235C
CHR Profile: C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-09-24]
CHR Extension: (chessmail ~ Schach) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkgfhmdidjkcoflclddnmgacgeaahkk [2013-09-24]
CHR Extension: (Angry Birds) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-03-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-24]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-19]
CHR Extension: (Avira Savings Advisor) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojnmaaohncijldefpkpkkakjonfmgeb [2014-08-01]
CHR Extension: (Google Search) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-16]
CHR Extension: (ProxMate) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2013-11-09]
CHR Extension: (Plants vs Zombies) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-09-24]
CHR Extension: (Google Wallet) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (SpeedChecker) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbljjjibmmjckmbpaaiimpcjhanmmeb [2014-09-25]
CHR Extension: (Quick start) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [cojnmaaohncijldefpkpkkakjonfmgeb] - C:\Program Files (x86)\avira\Chrome\avira-1.5.14.crx [2013-12-11]
CHR HKLM-x32\...\Chrome\Extension: [fgibjgmnimooanbagcfpnkmngejcojaf] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2013-12-11]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.mystartsearch.com/?type=sc&ts=1411663166&from=tugs&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S261024110241
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 lxea_device; C:\Windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7101288 2014-07-28] (Reimage®)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpeedChecker; C:\Program Files (x86)\ver5SpeedChecker\z6De179.exe [330752 2014-09-25] () [File not signed]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-05-13] (WiseCleaner.com)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S2 Hamachi2Svc; F:\Hamachi\hamachi-2.exe -s [X]
S2 servervo; C:\Users\Felix_Michael\AppData\Roaming\VOPackage\VOsrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-08-25] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-03-25] (FNet Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2008-04-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\Windows\SysWOW64\ZDCNDIS6a64.sys [41280 2008-04-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 cpuz134; \??\C:\Users\FELIX_~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U3 DfSdkS; No ImagePath
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 16:42 - 2014-09-27 16:50 - 00000000 ____D () C:\FRST
2014-09-27 16:41 - 2014-09-27 16:50 - 00000000 ____D () C:\Users\Felix_Michael\FArbar
2014-09-27 16:40 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140927-164003.backup
2014-09-27 13:24 - 2014-09-27 13:31 - 00000000 ____D () C:\Users\Felix_Michael\Programm_HijackThis
2014-09-27 12:42 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140927-124227.backup
2014-09-27 10:59 - 2014-09-27 10:59 - 00010940 _____ () C:\Windows\wininit.ini
2014-09-27 10:10 - 2014-09-27 12:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-27 10:10 - 2014-09-27 10:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-27 10:10 - 2014-09-27 10:10 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-27 10:10 - 2014-09-27 10:10 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-27 10:10 - 2014-09-27 10:10 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-27 10:10 - 2014-09-27 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-27 10:10 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-09-27 09:57 - 2014-09-27 12:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-25 21:28 - 2014-09-26 06:40 - 00044882 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 21:26 - 2014-09-27 12:02 - 00049966 _____ () C:\Windows\PFRO.log
2014-09-25 21:26 - 2014-09-27 12:02 - 00000224 _____ () C:\Windows\setupact.log
2014-09-25 21:26 - 2014-09-25 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-25 21:08 - 2014-09-25 21:08 - 00004300 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-09-25 21:08 - 2014-09-25 21:08 - 00003476 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-09-25 21:06 - 2014-09-25 21:09 - 00000000 ____D () C:\rei
2014-09-25 21:06 - 2014-09-25 21:08 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-09-25 21:06 - 2014-09-25 21:08 - 00000000 ____D () C:\Program Files\Reimage
2014-09-25 21:06 - 2014-09-25 21:06 - 00001901 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-09-25 21:06 - 2014-09-25 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-09-25 21:05 - 2014-09-25 21:07 - 12745272 _____ (Reimage®) C:\TRANSLATE
2014-09-25 21:04 - 2014-09-25 21:09 - 00000165 _____ () C:\Windows\Reimage.ini
2014-09-25 21:04 - 2014-09-25 21:04 - 00850216 _____ (Reimage®) C:\Users\Felix_Michael\Downloads\ReimageRepair(1).exe
2014-09-25 21:03 - 2014-09-25 21:04 - 00850216 _____ (Reimage®) C:\Users\Felix_Michael\Downloads\ReimageRepair.exe
2014-09-25 20:54 - 2014-09-25 21:24 - 00001110 _____ () C:\Users\Felix_Michael\Desktop\Continue Live Installation.lnk
2014-09-25 18:39 - 2014-09-25 18:39 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\mystartsearch
2014-09-25 18:39 - 2014-09-25 18:39 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-25 18:38 - 2014-09-27 15:08 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\mbot_de_107
2014-09-25 18:38 - 2014-09-27 12:02 - 00000440 _____ () C:\Windows\Tasks\SpeedChecker Update.job
2014-09-25 18:38 - 2014-09-25 18:38 - 00003104 _____ () C:\Windows\System32\Tasks\SpeedChecker Update
2014-09-25 18:38 - 2014-09-25 18:38 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\Program Files (x86)\ver5SpeedChecker
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\Program Files (x86)\mbot_de_107
2014-09-25 18:37 - 2014-09-25 18:37 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-25 18:36 - 2014-09-27 09:55 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\StormWatch
2014-09-25 18:36 - 2014-09-25 18:36 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
2014-09-25 18:05 - 2014-09-25 21:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 06:05 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 06:05 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-18 21:36 - 2014-09-18 21:36 - 00000000 ____D () C:\Users\Felix_Michael\Documents\Hanschke-Claudia
2014-09-10 07:06 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 07:06 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 07:06 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 07:06 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 07:06 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 07:06 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 07:06 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 07:06 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 07:06 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 07:06 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 07:06 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 07:06 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 07:06 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 07:06 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 07:06 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 07:06 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 07:06 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 07:06 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 07:06 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 07:06 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 07:06 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 07:06 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 07:06 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 07:06 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 07:06 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 07:06 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 07:06 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 07:06 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 07:06 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 07:06 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 07:06 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 07:06 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 07:06 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 07:06 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 07:06 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 07:06 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 07:06 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 07:06 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 07:06 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 07:06 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 07:06 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 07:06 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 07:06 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 07:06 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 07:06 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 07:06 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 07:06 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 07:06 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 07:06 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 07:06 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 07:06 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 07:06 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 07:06 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 07:06 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 07:06 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 07:06 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 07:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 07:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 06:28 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 06:28 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 06:24 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 06:24 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 06:24 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 06:24 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 06:24 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 06:24 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 06:24 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 06:24 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 06:24 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-06 17:55 - 2014-09-06 17:55 - 00783980 _____ () C:\Users\Felix_Michael\Downloads\TTB-Weber_Tradevorstellung-04092014.xlsm
2014-09-05 05:59 - 2014-09-05 05:59 - 00619375 _____ () C:\Users\Felix_Michael\Downloads\Laufende Trades.xlsm
2014-08-28 20:14 - 2014-08-28 20:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Motousbnet_01009.Wdf
2014-08-28 20:14 - 2014-08-28 20:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motfilt_01009.Wdf
2014-08-28 20:13 - 2014-08-28 20:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motusbdevice_01009.Wdf
2014-08-28 20:13 - 2014-08-28 20:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf
2014-08-28 06:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 06:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 06:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 16:43 - 2014-08-05 17:15 - 00000610 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000.job
2014-09-27 16:41 - 2013-03-27 18:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-27 16:41 - 2013-03-25 09:25 - 00000000 ____D () C:\Users\Felix_Michael
2014-09-27 16:21 - 2013-03-25 10:38 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-27 16:15 - 2013-05-05 18:15 - 00000308 _____ () C:\Windows\Tasks\DSite.job
2014-09-27 15:21 - 2013-12-08 16:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-27 13:35 - 2014-08-05 17:15 - 00003662 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4220798184-1966174994-1977611950-1000
2014-09-27 13:13 - 2013-03-25 09:25 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\VirtualStore
2014-09-27 12:09 - 2009-07-14 06:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 12:09 - 2009-07-14 06:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 12:03 - 2014-05-24 21:43 - 00000000 ____D () C:\Users\Felix_Michael\.gstreamer-0.10
2014-09-27 12:03 - 2014-05-24 21:39 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\MotoCast
2014-09-27 12:03 - 2013-05-04 18:14 - 00060780 _____ () C:\ProgramData\lxeascan.log
2014-09-27 12:02 - 2013-03-25 11:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-27 12:02 - 2013-03-25 11:13 - 00000000 ____D () C:\temp
2014-09-27 12:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-27 11:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 10:59 - 2013-07-27 16:04 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-09-27 10:59 - 2013-06-18 01:44 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Systweak
2014-09-27 10:57 - 2013-05-05 18:15 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-09-27 10:30 - 2013-07-27 13:33 - 00000094 _____ () C:\Users\Felix_Michael\AppData\Roaming\WB.CFG
2014-09-27 09:59 - 2013-04-03 16:23 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5DBACCF5-4CA7-4BF1-A007-9F8D0D34760F}
2014-09-25 21:26 - 2013-05-19 06:32 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Roaming\Wise Care 365
2014-09-25 21:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-25 21:22 - 2013-10-24 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AgenaTrader
2014-09-25 21:22 - 2013-03-25 14:48 - 00000000 ____D () C:\Windows\Minidump
2014-09-25 21:19 - 2013-07-27 16:05 - 00004140 _____ () C:\Windows\System32\Tasks\FreeDriverScout
2014-09-25 20:52 - 2014-04-27 14:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 18:39 - 2014-04-27 14:27 - 00001365 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-25 18:39 - 2014-04-27 14:27 - 00001353 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-25 18:39 - 2013-03-27 22:26 - 00002047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-25 18:39 - 2013-03-27 20:12 - 00001639 _____ () C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-25 18:39 - 2013-03-25 10:38 - 00002377 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 18:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-25 18:36 - 2013-04-13 17:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 06:41 - 2013-03-27 18:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 06:41 - 2013-03-27 18:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 06:41 - 2013-03-25 10:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 06:32 - 2013-05-04 18:16 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-09-20 15:43 - 2014-02-09 11:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-20 13:21 - 2013-05-05 18:25 - 00000000 ____D () C:\Users\Felix_Michael\AppData\Local\CUSTPDF Writer
2014-09-18 21:38 - 2013-04-19 06:33 - 00000000 ____D () C:\Users\Felix_Michael\Documents\Michael_130419
2014-09-12 04:12 - 2013-07-27 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 04:11 - 2014-08-06 12:16 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-12 04:11 - 2014-08-01 05:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-12 04:11 - 2014-08-01 05:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-10 07:05 - 2013-10-06 16:22 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 07:05 - 2013-08-18 22:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 07:05 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-09-10 07:05 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-09-10 07:05 - 2009-07-14 07:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 07:01 - 2013-03-27 19:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 07:00 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-03 12:38 - 2013-05-04 22:13 - 00001407 _____ () C:\ProgramData\lxeaDiagnostics.log
2014-08-28 18:17 - 2009-07-14 06:45 - 00437440 _____ () C:\Windows\system32\FNTCACHE.DAT

Files to move or delete:
====================
C:\Users\Felix_Michael\CTX.DAT
C:\Users\Felix_Michael\setup.exe
C:\Users\Public\AlexaNSISPlugin.5928.dll


Some content of TEMP:
====================
C:\Users\Felix_Michael\AppData\Local\Temp\avgnt.exe
C:\Users\Felix_Michael\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 10:50

==================== End Of Log ============================

Attached Files



#5 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:50 PM

Posted 27 September 2014 - 06:13 PM

Hello Yilmaz,  first time I forgot to deactivate my Antivir-Programme "Avira" and the Firewall. Here now ist the scan after deactivating Avira and Firewall.

 

OK. Thanks.

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

İmportant:

 

The following is referring to Ashampoo WinOptimizer and Wise Care 365
Please be aware that bleepingcomputer staff do not recommend the usage of registry cleaners / tools due to the following facts:

  • Registry tools can cause irreparable damage to your Operating System
  • Registry tools can, as a result of the above, render your pc to be inoperable.

This is done, assuming that the major audience here at this board might be inexperienced users and thus a suggested safeguard from our side. If you feel you have the need for a registry cleaner, then you are just as welcome to keep it. This is what we refer to an "optional fix" and is up to the user, so just take this as a recommendation from my side.

For more information about why you should avoid using a such programs please take a look here

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

ProxyServer: http=127.0.0.1:14366;https=127.0.0.1:14366

This proxy setting is related  with  ProxMate. Can we delete?

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Please uninstall the following via Start->(or Computer)->Control Panel->(Programs)->Programs and Features if it still exists:
Please uninstall the following applications:

 

Reimage
mystartsearch uninstall
Ashampoo WinOptimizer
Wise Care 365
PCTRunner
HomeTab
MYBESTOFFERSTODAY
Mozilla Maintenance

 

C:\Program Files\Reimage
C:\Program Files (x86)\HomeTab
C:\Program Files (x86)\PCTRunner
C:\Program Files (x86)\Mozilla Maintenance Service

 

---------------------------------------------------------------------------------------

 

Step 1:

 

FRST Script:

 

Ensure your external and/or USB drives are inserted during the scan
 

Please download this attached  txt.gif  fixlist.txt   11.05KB   0 downloads and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Step 2:

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 3:

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4:

 

Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Attached Files


Edited by olgun52, 28 September 2014 - 09:24 AM.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#6 September27

September27
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 28 September 2014 - 05:16 AM

Hello Yilmaz,

Thank you for your engaged help. It seems that I was successful in elimination the malware. Here are the log files:

1. The first step says, after pressing the fix button, that a fixlog.txt - file was missing. Did I do something wrong?

 

2. AdwCleaner-Scan:

# AdwCleaner v3.310 - Bericht erstellt am 28/09/2014 um 11:09:41
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Felix_Michael - FELIX-SELF-PC
# Gestartet von : C:\Users\Felix_Michael\Downloads\adwcleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : servervo
[#] Dienst Gelöscht : SPPD

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\iWin
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files\SoftwareUpdater
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\LocalLow\HomeTab
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\0V1L2Z2Z1T1I1L1T
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\software4u
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\Extensions\faststartff@gmail.com
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\BabMaint.exe
Datei Gelöscht : C:\Users\Felix_Michael\Desktop\Continue Live Installation.lnk
Datei Gelöscht : C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\searchplugins\trovi-search.xml
Datei Gelöscht : C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : DSite
Task Gelöscht : EPUpdater
Task Gelöscht : FreeDriverScout

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA696155-D96E-4281-B467-0367A0456474}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 de)

[ Datei : C:\Users\Felix_Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rpt133xy.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v37.0.2062.124

[ Datei : C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8076 octets] - [28/09/2014 11:08:12]
AdwCleaner[S0].txt - [7116 octets] - [28/09/2014 11:09:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7176 octets] ##########

 

3. JRT-SCAN:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.3 (09.27.2014:1)
OS: Windows 7 Home Premium x64
Ran by Felix_Michael on 28.09.2014 at 11:18:42,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.09.2014 at 11:21:23,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

4.  MBAM-SCAN:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.09.2014
Scan Time: 11:29:24
Logfile: MBAM_scan-log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.28.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Felix_Michael

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347668
Time Elapsed: 7 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [ce3452a1a5d67abc2fb0cbb0d33140c0],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [ba48c42f700b88ae4a941b6062a2f60a],
PUP.Optional.MyOSProtect.A, HKLM\SOFTWARE\WOW6432NODE\PCTRunner, Quarantined, [13ef985babd03df9eb488a830af956aa],
PUP.Optional.MyOSProtect.A, HKU\S-1-5-21-4220798184-1966174994-1977611950-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PCTRunner, Delete-on-Reboot, [0af8b73c1368a096250fa8650ff4926e],
PUP.Optional.FastStart.A, HKU\S-1-5-21-4220798184-1966174994-1977611950-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Delete-on-Reboot, [8979c62d43380135c5a8ea24ad56e917],

Registry Values: 2
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_107, Quarantined, [be44bf344d2ee551de0b27eb04ffdc24],
PUP.Optional.FastStart.A, HKU\S-1-5-21-4220798184-1966174994-1977611950-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Delete-on-Reboot, [8979c62d43380135c5a8ea24ad56e917]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 7
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-4220798184-1966174994-1977611950-1000\$RKG3XHZ.exe, Quarantined, [d82ad91aa5d6c96d3dac79b87a87ed13],
PUP.Optional.Searchprotect, C:\$Recycle.Bin\S-1-5-21-4220798184-1966174994-1977611950-1000\$RAAV6ML.exe, Quarantined, [19e9b04393e81224c7a21419fb0630d0],
PUP.Optional.Vittalia, C:\Users\Felix_Michael\Downloads\installer_nero_Deutsch.exe, Quarantined, [8b77ef04205b83b3df1fe6d4b05110f0],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, Quarantined, [db2713e0394233037ad0c5d9629f7e82],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [0cf68073adce42f47e644635897b7789],
PUP.Optional.ReMarkable.A, C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Quarantined, [ee14f8fbf18acd696d624b3110f4be42],
PUP.Optional.ReMarkable.A, C:\Users\Felix_Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Quarantined, [9969c0336912ad8928a7126a20e4c838],

Physical Sectors: 0
(No malicious items detected)


(end)



#7 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:50 PM

Posted 28 September 2014 - 09:32 AM

Hello Yilmaz,

Thank you for your engaged help. It seems that I was successful in elimination the malware. Here are the log files:

1. The first step says, after pressing the fix button, that a fixlog.txt - file was missing. Did I do something wrong?

 

I am sorry. The fault is My. But it was fixed. Please re-run step1 fixlist. Sorry again.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#8 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:50 PM

Posted 30 September 2014 - 06:03 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#9 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:50 PM

Posted 03 October 2014 - 02:26 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users