Pests of all kinds and how to fight them: What is Compatibilitycheck.exe and why does it open 10 times? (Windows 7)
18.01.2015, 18:52 | #1 |
| What is Compatibilitycheck.exe and why does it open 10 times? Hello, I have a question: why does Compatibilitycheck keep opening more than 10 times in my Task Manager, and what is it anyway? Because of it I keep hearing ads even though I don't have my browser open, and my PC keeps getting slower. Could someone maybe help me? Thanks in advance. |
18.01.2015, 18:55 | #2 |
/// the machine /// TB trainer | What is Compatibilitycheck.exe and why does it open 10 times? hi,
__________________
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
18.01.2015, 19:11 | #3 |
| What is Compatibilitycheck.exe and why does it open 10 times? So here are the txt files
__________________
FRST
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015 01 Ran by Yusuf (administrator) on YUSUF-PC on 18-01-2015 19:00:14 Running from C:\Users\Yusuf\Downloads Loaded Profiles: Yusuf & UpdatusUser (Available profiles: Yusuf & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Program Files\004\rqpbhevlkc64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe () C:\Windows\Temp\db23.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Windows\Temp\db23.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (TeamSpeak Systems GmbH) C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.) HKU\S-1-5-21-248453525-2652161971-1904461991-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) 
HKU\S-1-5-21-248453525-2652161971-1904461991-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-17] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk ShortcutTarget: Curse.lnk -> C:\Users\Yusuf\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-248453525-2652161971-1904461991-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-248453525-2652161971-1904461991-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-248453525-2652161971-1904461991-1000\Software\Microsoft\Internet 
Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-248453525-2652161971-1904461991-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331213&octid=EB_ORIGINAL_CTID&ISID=MB92CC9EE-F547-43A0-936E-A2E0F76EC644&SearchSource=58&CUI=&UM=6&UP=SPDF9EDF90-F618-43C0-B221-21C6C299AC1B&q={searchTerms}&SSPV= BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Toolbar: HKU\S-1-5-21-248453525-2652161971-1904461991-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 195.234.128.9 195.234.128.16 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA 
Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @pmang.com/npPMangFX -> C:\Windows\system32\npPMangFX-x86.DLL No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR HomePage: Default -> CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Ask Search) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca [2014-09-20] CHR Extension: (Google Docs) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-16] CHR Extension: (Google Drive) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-16] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27] CHR Extension: (YouTube) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-16] CHR Extension: (Adblock Plus) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-30] CHR Extension: (Google-Suche) - 
C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-16] CHR Extension: (Google Wallet) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-16] CHR Extension: (Bitdefender QuickScan) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-01-18] CHR Extension: (Google Mail) - C:\Users\Yusuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-16] CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - No Path CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - No Path CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. 
KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2015-01-01] (EasyAntiCheat Ltd) R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 rqpbhevlkc64; C:\Program Files\004\rqpbhevlkc64.exe [709120 2014-08-13] () [File not signed] R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-18] (Enigma Software Group USA, LLC.) R4 Verifies and fixes application compatibility issues; C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [91304 2015-01-12] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. 
KG) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-18] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-25] (NetFilterSDK.com) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-18 19:00 - 2015-01-18 19:02 - 00015435 _____ () C:\Users\Yusuf\Downloads\FRST.txt 2015-01-18 18:59 - 2015-01-18 19:00 - 00000000 ____D () C:\FRST 2015-01-18 18:58 - 2015-01-18 18:59 - 02126848 _____ (Farbar) C:\Users\Yusuf\Downloads\FRST64.exe 2015-01-18 18:43 - 2015-01-18 18:43 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Yusuf\Downloads\SpyHunter-Installer (2).exe 2015-01-18 18:40 - 2015-01-18 18:41 - 03044736 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Yusuf\Downloads\SpyHunter-Installer (1).exe 2015-01-18 17:39 - 2015-01-18 17:39 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-01-18 17:39 - 2015-01-18 17:39 - 00001912 _____ () C:\Windows\epplauncher.mif 2015-01-18 17:38 - 2015-01-18 17:39 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-01-18 17:38 - 2015-01-18 17:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-01-18 17:35 - 2015-01-18 17:38 - 14107296 _____ (Microsoft Corporation) C:\Users\Yusuf\Downloads\mseinstall (1).exe 2015-01-18 17:35 - 2015-01-18 17:37 - 14107296 _____ (Microsoft Corporation) C:\Users\Yusuf\Downloads\mseinstall.exe 2015-01-18 17:31 - 2015-01-18 17:31 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup 2015-01-18 17:31 - 2015-01-18 17:31 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Enigma Software Group 2015-01-18 17:31 - 2015-01-18 17:31 - 00000000 _____ () C:\autoexec.bat 2015-01-18 17:30 - 2015-01-18 17:30 - 00000000 ____D () C:\sh4ldr 2015-01-18 17:26 - 2015-01-18 17:26 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys 2015-01-18 17:26 - 2015-01-18 17:26 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-01-18 17:25 - 2015-01-18 17:25 - 03044736 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Yusuf\Downloads\SpyHunter-Installer.exe 2015-01-17 13:48 - 2015-01-17 13:48 - 00017307 _____ () C:\Users\Yusuf\Downloads\Download (2).htm 2015-01-16 14:26 - 2015-01-16 14:26 - 00125971 _____ () C:\Users\Yusuf\Downloads\Index (1).php 2015-01-16 13:04 - 2015-01-16 13:04 - 00004136 _____ () C:\Users\Yusuf\Downloads\vote-mmt2 (1).htm 2015-01-15 15:56 - 2015-01-18 19:01 - 00000112 _____ () C:\ProgramData\yNCBiUHk.dat 2015-01-15 15:42 - 2015-01-18 17:05 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier 2015-01-15 15:42 - 2015-01-18 17:05 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier 2015-01-14 16:00 - 2015-01-14 16:00 - 00184113 _____ () C:\Users\Yusuf\Downloads\watch (11).htm 2015-01-14 15:58 - 2015-01-14 15:58 - 00182365 _____ () C:\Users\Yusuf\Downloads\watch (10).htm 2015-01-14 15:07 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 15:03 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 15:03 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 15:03 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 15:03 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 15:03 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-14 15:01 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 15:01 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 15:01 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 15:01 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 15:01 - 2014-12-12 06:11 - 03971512 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 15:01 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 15:01 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 15:00 - 2015-01-14 15:01 - 00003957 _____ () C:\Users\Yusuf\Downloads\vote-mmt2.htm 2015-01-14 14:58 - 2015-01-14 14:59 - 00015246 _____ () C:\Users\Yusuf\Downloads\Download (1).htm 2015-01-13 19:52 - 2015-01-13 19:52 - 00010099 _____ () C:\Users\Yusuf\Downloads\index.htm 2015-01-13 17:06 - 2015-01-18 17:06 - 00000000 ____D () C:\Users\Yusuf\Desktop\MoonMt2_Dezember 2015-01-12 16:45 - 2015-01-12 16:57 - 00015025 _____ () C:\Users\Yusuf\Downloads\Le Zeichen 2015-01-10 17:13 - 2015-01-10 17:15 - 850904486 _____ () C:\Users\Yusuf\Downloads\JuicyMT2 Newschool-Client (PvP-Fun) (8.11.2014).rar 2015-01-10 17:11 - 2015-01-10 17:23 - 02705209 _____ () C:\Users\Yusuf\Downloads\32Bit Injector.zip 2015-01-10 15:34 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2015-01-10 15:34 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-01-10 15:34 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2015-01-10 15:33 - 2015-01-18 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-01-10 15:33 - 2015-01-10 15:33 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk 2015-01-10 15:30 - 2015-01-10 15:31 - 30668968 _____ (Riot Games) C:\Users\Yusuf\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe 2015-01-09 13:31 - 2015-01-13 13:50 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT 2015-01-09 13:31 - 2015-01-09 13:31 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT 2015-01-08 17:47 - 2015-01-18 17:11 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier 2015-01-07 16:54 - 
2015-01-07 16:55 - 1299722770 _____ () C:\Users\Yusuf\Downloads\MoonMt2_Dezember (1).rar 2015-01-06 18:11 - 2015-01-06 18:11 - 00000470 _____ () C:\Users\Yusuf\Downloads\url (6).htm 2015-01-06 13:52 - 2015-01-06 13:54 - 00000000 ____D () C:\Windows\SysWOW64\Resources 2015-01-06 13:52 - 2015-01-06 13:52 - 07933440 _____ () C:\Windows\SysWOW64\M2Bob_Dll.dll 2015-01-06 13:52 - 2015-01-06 13:52 - 05363712 _____ () C:\Windows\SysWOW64\M2Bob.exe 2015-01-05 21:51 - 2015-01-05 21:51 - 12473960 _____ () C:\Users\Yusuf\Downloads\M2Bob - Version 4.0.1_install (1).exe 2015-01-05 21:46 - 2015-01-06 13:51 - 00000000 ____D () C:\Users\Yusuf\Downloads\M2Bob - Version 4.0.1 2015-01-05 21:45 - 2015-01-05 21:45 - 12473960 _____ () C:\Users\Yusuf\Downloads\M2Bob - Version 4.0.1_install.exe 2015-01-05 16:17 - 2015-01-05 16:17 - 1299722770 _____ () C:\Users\Yusuf\Downloads\MoonMt2_Dezember.rar 2015-01-03 19:53 - 2015-01-03 19:53 - 00000632 _____ () C:\Users\Yusuf\Downloads\1382712707.bmp 2015-01-03 18:25 - 2015-01-03 18:25 - 00364180 _____ () C:\Users\Yusuf\Downloads\SilphiiTv.htm 2015-01-02 18:20 - 2015-01-18 17:06 - 00000000 ____D () C:\Users\Yusuf\Desktop\Kertania2 2015-01-02 18:16 - 2015-01-02 18:18 - 1256450081 _____ () C:\Users\Yusuf\Downloads\Kertania2.rar 2015-01-01 23:47 - 2015-01-09 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manic Digger 2015-01-01 23:46 - 2015-01-01 23:46 - 03489552 _____ ( ) C:\Users\Yusuf\Downloads\ManicDigger2014-08-05Setup.exe 2015-01-01 23:44 - 2015-01-09 13:27 - 00000000 ____D () C:\Manic Digger 2015-01-01 23:43 - 2015-01-01 23:43 - 03489552 _____ ( ) C:\Users\Yusuf\Downloads\manic-digger-2014-08-05-en-win.exe 2015-01-01 21:48 - 2015-01-01 21:48 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\.mono 2015-01-01 21:46 - 2015-01-01 21:44 - 00182304 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2015-01-01 16:05 - 2015-01-01 16:05 - 00000000 ____D () C:\Users\Yusuf\Documents\Splashtop Whiteboard 
2015-01-01 16:05 - 2015-01-01 16:05 - 00000000 ____D () C:\Users\Yusuf\Documents\Splashtop Presenter 2014-12-30 18:19 - 2014-12-30 18:19 - 00000282 _____ () C:\SSUUpdater.log 2014-12-30 18:02 - 2014-12-30 18:02 - 00000000 ____D () C:\Users\Yusuf\AppData\Local\Splashtop 2014-12-30 18:00 - 2015-01-01 16:05 - 00000000 ____D () C:\Program Files (x86)\Splashtop 2014-12-30 17:58 - 2014-12-30 17:59 - 20699800 _____ (Splashtop Inc.) C:\Users\Yusuf\Downloads\Splashtop_Streamer_WIN_v2.6.2.4.EXE 2014-12-30 16:10 - 2014-12-30 16:39 - 701897648 _____ () C:\Users\Yusuf\Downloads\FSX.rar 2014-12-28 20:17 - 2014-12-28 20:17 - 00095299 _____ () C:\Users\Yusuf\Downloads\Purple_Dream_-_Anime_TS3-Skin.rar 2014-12-28 20:08 - 2014-12-28 20:08 - 01328557 _____ () C:\Users\Yusuf\Downloads\full_interest_skin_teamspeak3.zip 2014-12-27 19:56 - 2014-12-27 19:56 - 02465832 _____ () C:\Users\Yusuf\Downloads\Elsword_Downloader.exe 2014-12-27 19:46 - 2014-12-27 19:47 - 20213712 _____ (Gameforge ) C:\Users\Yusuf\Downloads\Elsword_GameforgeLiveSetup.exe 2014-12-27 18:10 - 2014-12-27 18:10 - 31708272 _____ (Trion Worlds Inc.) C:\Users\Yusuf\Downloads\GlyphInstall.exe 2014-12-27 18:04 - 2014-12-27 18:05 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Trove 2014-12-27 17:54 - 2014-12-27 19:57 - 00000000 ____D () C:\Users\Yusuf\AppData\Local\Glyph 2014-12-27 17:54 - 2014-12-27 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2014-12-27 17:54 - 2014-12-27 17:54 - 00000000 ____D () C:\ProgramData\Glyph 2014-12-27 17:50 - 2014-12-27 17:51 - 31708272 _____ (Trion Worlds Inc.) 
C:\Users\Yusuf\Downloads\GlyphInstall-0-131.exe 2014-12-25 18:28 - 2015-01-18 17:11 - 00000000 ____D () C:\Users\Yusuf\AppData\Local\LogMeIn Hamachi 2014-12-25 18:28 - 2014-12-25 18:28 - 00000000 ____D () C:\Users\Yusuf\AppData\Local\LogMeIn 2014-12-25 18:28 - 2014-12-25 18:28 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-12-25 18:26 - 2015-01-18 17:07 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-12-25 18:23 - 2014-12-25 18:23 - 08536064 _____ () C:\Users\Yusuf\Downloads\hamachi291.msi 2014-12-25 18:23 - 2014-12-25 18:23 - 08536064 _____ () C:\Users\Yusuf\Downloads\hamachi291 (1).msi 2014-12-25 14:21 - 2014-12-26 12:06 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-12-25 14:21 - 2014-12-25 14:21 - 00000000 ____D () C:\Users\Yusuf\AppData\Local\Razer_Inc 2014-12-25 14:21 - 2014-12-25 14:21 - 00000000 ____D () C:\ProgramData\Razer 2014-12-24 19:35 - 2014-12-24 19:35 - 00701322 _____ () C:\Users\Yusuf\Downloads\Unity_Little_Radar.rar 2014-12-24 19:24 - 2014-12-24 19:24 - 00006458 _____ () C:\Users\Yusuf\Downloads\External Multihack v7.zip 2014-12-24 19:20 - 2014-12-16 15:38 - 00000047 _____ () C:\Users\Yusuf\AppData\Roaming\CounterStrikeHackv2.bat 2014-12-24 19:20 - 2014-12-16 15:34 - 00467782 _____ () C:\Users\Yusuf\AppData\Roaming\CounterStrickHackv2.sfx.exe 2014-12-24 19:19 - 2014-12-24 19:19 - 00468480 _____ () C:\Users\Yusuf\Downloads\CounterStrikeHACKv2.rar 2014-12-23 22:57 - 2014-12-23 22:57 - 03248702 _____ () C:\Users\Yusuf\Downloads\CSGO Key Hack.zip 2014-12-23 22:49 - 2014-12-23 22:49 - 00017257 _____ () C:\Users\Yusuf\Downloads\Xile Wallhack v1.3r4(GameLoversPro.BlogSpot.com).zip 2014-12-23 22:42 - 2014-12-23 22:42 - 00033954 _____ () C:\Users\Yusuf\Downloads\Aimbot (1).rar 2014-12-23 22:36 - 2014-12-23 22:36 - 01209689 _____ () C:\Users\Yusuf\Downloads\Counter Strike Global Offensive Hack (1).rar 2014-12-23 22:21 - 2014-12-23 22:22 - 04490829 _____ () 
C:\Users\Yusuf\Downloads\Counter-Strike-Global-Offensive-Hack-MultiHack-v2.91.0.rar 2014-12-23 22:18 - 2014-12-23 22:19 - 01717788 _____ () C:\Users\Yusuf\Downloads\Counter Strike Global Offensive Hack.rar 2014-12-23 22:11 - 2014-12-23 22:11 - 00207971 _____ () C:\Users\Yusuf\Downloads\Uni-Hack (07-12-14).rar 2014-12-23 22:05 - 2014-12-23 22:05 - 01150651 _____ () C:\Users\Yusuf\Downloads\NetSharkGo.zip 2014-12-23 21:59 - 2014-12-23 21:59 - 00054710 _____ () C:\Users\Yusuf\Downloads\Project-7 Pub v 1.1.zip 2014-12-22 14:55 - 2014-12-22 14:55 - 00000363 _____ () C:\Windows\DirectX.log 2014-12-22 13:12 - 2015-01-18 17:07 - 00004390 _____ () C:\Windows\setupact.log 2014-12-22 13:12 - 2014-12-22 13:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-12-21 22:15 - 2015-01-09 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2014-12-21 22:13 - 2014-12-21 22:14 - 46655528 _____ (Hi-Rez Studios) C:\Users\Yusuf\Downloads\InstallSmite (1).exe 2014-12-21 21:22 - 2014-12-21 21:22 - 00135982 _____ () C:\Users\Yusuf\Downloads\Aimbot.rar 2014-12-21 21:19 - 2014-12-21 21:19 - 00314742 _____ () C:\Users\Yusuf\Downloads\[www.OldSchoolHack.de]_CSGOrevision.rar 2014-12-20 15:10 - 2014-12-20 15:10 - 00000219 _____ () C:\Users\Yusuf\Desktop\Counter-Strike Global Offensive.url 2014-12-20 14:27 - 2015-01-18 17:05 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios 2014-12-20 14:25 - 2014-12-20 14:26 - 46655528 _____ (Hi-Rez Studios) C:\Users\Yusuf\Downloads\InstallSmite.exe 2014-12-19 23:21 - 2014-12-19 23:21 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Unity 2014-12-19 22:08 - 2014-12-19 22:08 - 00187139 _____ () C:\Users\Yusuf\Downloads\watch (9).htm 2014-12-19 19:34 - 2014-12-19 19:34 - 03099552 _____ (Blizzard Entertainment) C:\Users\Yusuf\Downloads\Hearthstone-Setup-deDE.exe 2014-12-19 13:18 - 2014-12-19 13:24 - 00000000 ____D () C:\Games 2014-12-19 13:14 - 2014-12-19 13:15 - 533637945 _____ () C:\Users\Yusuf\Downloads\CS GO 
Patch V5.zip 2014-12-19 13:02 - 2014-12-19 13:05 - 3076198261 _____ () C:\Users\Yusuf\Downloads\Counter Strike Global Offensive.zip 2014-12-19 11:54 - 2014-12-19 11:54 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-18 19:02 - 2014-06-16 13:32 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Skype 2015-01-18 18:42 - 2014-06-15 18:40 - 01094030 _____ () C:\Windows\WindowsUpdate.log 2015-01-18 18:26 - 2014-06-16 13:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-18 18:25 - 2014-06-16 13:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-18 17:44 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-18 17:44 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-18 17:31 - 2014-06-15 18:59 - 00000000 ____D () C:\Users\Yusuf 2015-01-18 17:11 - 2014-12-13 23:02 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Curse Client 2015-01-18 17:11 - 2014-06-18 18:11 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\TS3Client 2015-01-18 17:07 - 2014-06-16 13:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-18 17:07 - 2014-06-15 19:18 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-18 17:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-18 17:06 - 2014-06-21 14:11 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\TP-LINK 2015-01-18 17:06 - 2014-06-16 13:41 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-18 17:06 - 2014-06-16 13:41 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-18 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-18 17:05 - 2014-12-13 14:31 - 00000000 ____D () C:\Program 
Files (x86)\Steam 2015-01-18 17:05 - 2014-06-17 19:18 - 00000000 ____D () C:\Program Files (x86)\osu! 2015-01-18 17:05 - 2014-06-16 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-18 17:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2015-01-15 13:32 - 2014-06-16 13:37 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Riot Games 2015-01-14 19:25 - 2014-06-16 13:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-14 19:25 - 2014-06-16 13:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-14 19:25 - 2014-06-16 13:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-11 17:52 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2015-01-11 17:52 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2015-01-11 17:52 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-11 17:51 - 2014-07-18 12:09 - 00000000 ____D () C:\Users\Yusuf\Documents\My Games 2015-01-10 15:29 - 2014-06-16 13:49 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2015-01-09 13:27 - 2014-07-17 15:49 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2015-01-09 13:27 - 2014-06-15 19:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-01 21:42 - 2014-12-13 14:39 - 00000000 ____D () C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-12-31 12:14 - 2014-06-15 19:22 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-12-27 20:02 - 2014-11-26 14:59 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive 2014-12-26 12:07 - 2014-06-16 13:32 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-26 12:07 - 2014-06-16 13:32 - 00000000 ____D () C:\ProgramData\Skype 2014-12-20 15:17 - 2014-11-20 15:19 - 00000000 ____D () 
C:\Users\Yusuf\AppData\Local\Unity 2014-12-20 14:22 - 2014-11-09 15:56 - 00000000 ____D () C:\Users\Yusuf\AppData\Local\Battle.net 2014-12-19 11:54 - 2014-06-15 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-12-19 11:54 - 2014-06-15 19:51 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-12-19 11:54 - 2014-06-15 19:44 - 00000000 ____D () C:\ProgramData\Package Cache ==================== Files in the root of some directories ======= 2014-12-24 19:20 - 2014-12-16 15:34 - 0467782 _____ () C:\Users\Yusuf\AppData\Roaming\CounterStrickHackv2.sfx.exe 2014-12-24 19:20 - 2014-12-16 15:38 - 0000047 _____ () C:\Users\Yusuf\AppData\Roaming\CounterStrikeHackv2.bat 2015-01-15 15:56 - 2015-01-18 19:03 - 0000112 _____ () C:\ProgramData\yNCBiUHk.dat Files to move or delete: ==================== C:\ProgramData\yNCBiUHk.dat Some content of TEMP: ==================== C:\Users\Yusuf\AppData\Local\Temp\avgnt.exe C:\Users\Yusuf\AppData\Local\Temp\SetupUtil.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-08 12:06 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015 01 Ran by Yusuf at 2015-01-18 19:08:37 Running from C:\Users\Yusuf\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-248453525-2652161971-1904461991-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden Manic Digger (HKLM-x32\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - ) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) osu! (HKLM-x32\...\{0b53f527-4c87-4c98-ac4c-39856f488b44}) (Version: latest - ppy Pty Ltd) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5930 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2477.0 - Hi-Rez Studios) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-248453525-2652161971-1904461991-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.1.0 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.1.0 - TP-LINK) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 14-01-2015 21:57:58 Windows Update 15-01-2015 13:08:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 15-01-2015 13:16:52 Removed LogMeIn Hamachi 15-01-2015 13:27:12 Wiederherstellungsvorgang 15-01-2015 13:55:20 Windows Update 15-01-2015 14:30:32 Windows Update 15-01-2015 15:48:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 16-01-2015 20:34:23 Installed League of Legends 16-01-2015 20:35:25 DirectX wurde installiert 17-01-2015 10:50:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 18-01-2015 13:39:06 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 18-01-2015 14:14:47 Wiederherstellungsvorgang 18-01-2015 14:24:14 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 18-01-2015 14:34:53 Wiederherstellungsvorgang 18-01-2015 14:49:04 Windows Update 18-01-2015 16:57:24 Wiederherstellungsvorgang 18-01-2015 17:09:12 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 18-01-2015 17:09:12 
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 18-01-2015 17:21:06 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01AFF247-4FCB-458D-A272-6E122F2B39BD} - System32\Tasks\{FEFFD332-8F3F-4111-B3E5-AF6B7E4F9C6E} => pcalua.exe -a C:\Users\Yusuf\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe -d C:\Windows\SysWOW64 -c /groupsextract:100;102; /out:"C:\Users\Yusuf\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:4132 Task: {0507C46D-4DF9-43D8-923C-3AED1E460F8D} - System32\Tasks\Run_Bobby_Browser => C:\Users\Yusuf\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION Task: {0C9859BC-CCBD-40B6-9534-1E7E4DC10D0A} - System32\Tasks\{3F88A812-C922-4CA0-A9D7-DF92C10EF883} => pcalua.exe -a "C:\Users\Yusuf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4FG59J9\LeagueofLegends_EUW_Installer_06_12_13[1].exe" -d C:\Windows\SysWOW64 -c /groupsextract:100;101;102;103; /out:"C:\Users\Yusuf\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:1836 Task: {2A2F666A-C2BA-482C-BCEF-A8F641FAE976} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: {4F32F894-E95F-403C-A5D4-067052E3D0F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16] (Google Inc.) 
Task: {793C4AB9-7D8D-461F-8CFE-F4BFFDE6F016} - System32\Tasks\{3632B715-09DB-44EB-B558-63A67DBBA383} => pcalua.exe -a C:\Users\Yusuf\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: {900B2577-3126-42C9-8C55-23C6CC3F5D36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated) Task: {D265EEC2-E58E-4342-B4DC-57C2094B62E2} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION Task: {D70354A9-62AE-4189-8195-7D4621830AF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16] (Google Inc.) Task: {DB125C00-5AD6-4FB7-8F3B-0BE928C9C560} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION Task: {FEFDBD96-1691-466E-A6B7-0F2947E1827B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-01-18] (Enigma Software Group USA, LLC.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-15 19:18 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-13 12:43 - 2014-08-13 12:43 - 00709120 _____ () C:\Program Files\004\rqpbhevlkc64.exe 2015-01-18 17:07 - 2015-01-18 17:07 - 01169920 _____ () c:\windows\temp\db23.exe 2014-11-22 01:03 - 2014-11-22 01:03 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-01-15 13:07 - 2015-01-13 23:12 - 51548328 _____ () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe 2015-01-15 15:46 - 2015-01-12 13:55 - 00091304 _____ () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe 2014-02-28 14:33 - 2014-02-28 14:33 - 00148480 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\quazip.dll 2014-02-27 14:46 - 2014-02-27 14:46 - 00864768 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 14:45 - 2014-02-27 14:45 - 00677376 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-02-28 14:41 - 2014-02-28 14:41 - 00092104 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win32.dll 2014-02-28 14:41 - 2014-02-28 14:41 - 00105416 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll 2014-02-27 14:46 - 2014-02-27 14:46 - 00025600 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 14:46 - 2014-02-27 14:46 - 00242688 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-02-28 14:42 - 
2014-02-28 14:42 - 00477128 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2014-02-28 14:42 - 2014-02-28 14:42 - 00483784 _____ () C:\Users\Yusuf\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2015-01-15 13:07 - 2015-01-07 22:22 - 01360552 _____ () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\libglesv2.dll 2015-01-15 13:07 - 2015-01-07 22:22 - 00214184 _____ () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\libegl.dll 2015-01-15 13:07 - 2015-01-07 22:22 - 00985768 _____ () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll 2015-01-15 13:07 - 2015-01-07 22:22 - 16827048 _____ () C:\Users\Yusuf\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll 2014-12-11 12:08 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-11 12:08 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-11 12:08 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-11 12:08 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-12-11 12:08 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\ProgramData:NT2 AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\Users\All Users:NT2 AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2 AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\Application Data:NT2 AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 AlternateDataStreams: C:\Users\Yusuf\Anwendungsdaten:NT AlternateDataStreams: C:\Users\Yusuf\Anwendungsdaten:NT2 AlternateDataStreams: C:\Users\Yusuf\AppData\Roaming:NT AlternateDataStreams: C:\Users\Yusuf\AppData\Roaming:NT2 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Yusuf\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: MKLOL => "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe ========================= Accounts: ========================== Administrator (S-1-5-21-248453525-2652161971-1904461991-500 - Administrator - Disabled) Gast (S-1-5-21-248453525-2652161971-1904461991-501 - Limited - Disabled) UpdatusUser (S-1-5-21-248453525-2652161971-1904461991-1003 - Limited - Enabled) => C:\Users\UpdatusUser Yusuf (S-1-5-21-248453525-2652161971-1904461991-1000 - Administrator - Enabled) => C:\Users\Yusuf ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/18/2015 05:34:04 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (01/18/2015 05:07:26 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (01/18/2015 04:54:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MoonMt2Start.exe, Version 1.0.2029.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1b80 Startzeit: 01d0333615fc858b Endzeit: 96 Anwendungspfad: C:\Users\Yusuf\Desktop\MoonMt2_Dezember\MoonMt2Start.exe Berichts-ID: 2edab788-9f2a-11e4-a26f-90fba62bffee Error: (01/18/2015 03:19:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MoonMt2.exe, Version 1.0.2029.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1be0 Startzeit: 01d03328877b6b9d Endzeit: 1893 Anwendungspfad: C:\Users\Yusuf\Desktop\MoonMt2_Dezember\MoonMt2.exe Berichts-ID: 03f08b08-9f1d-11e4-a26f-90fba62bffee Error: (01/18/2015 03:04:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: qsinstaller.exe, Version: 0.0.0.0, Zeitstempel: 0x5491af1c Name des fehlerhaften Moduls: qsinstaller.exe, Version: 0.0.0.0, Zeitstempel: 0x5491af1c Ausnahmecode: 0xc0000417 Fehleroffset: 0x00001ec9 ID des fehlerhaften Prozesses: 0x1a1c Startzeit der fehlerhaften Anwendung: 0xqsinstaller.exe0 Pfad der fehlerhaften Anwendung: qsinstaller.exe1 Pfad des fehlerhaften Moduls: qsinstaller.exe2 Berichtskennung: qsinstaller.exe3 Error: (01/18/2015 02:54:17 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (01/18/2015 02:54:01 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (01/18/2015 02:53:33 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (01/18/2015 02:53:11 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (01/18/2015 02:44:22 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! 
System errors: ============= Error: (01/18/2015 06:01:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.191.2655.0) Error: (01/18/2015 05:49:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 0.0.0.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (01/18/2015 05:49:17 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: Aktualisierungsquelle: %NT-AUTORITÄT15 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (01/18/2015 05:49:16 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: Aktualisierungsquelle: %NT-AUTORITÄT15 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (01/18/2015 05:22:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.191.2503.0) Error: (01/18/2015 04:03:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/18/2015 04:03:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (01/18/2015 02:54:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (01/18/2015 02:54:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/18/2015 02:53:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. 
Microsoft Office Sessions: ========================= Error: (01/18/2015 05:34:04 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (01/18/2015 05:07:26 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (01/18/2015 04:54:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: MoonMt2Start.exe1.0.2029.01b8001d0333615fc858b96C:\Users\Yusuf\Desktop\MoonMt2_Dezember\MoonMt2Start.exe2edab788-9f2a-11e4-a26f-90fba62bffee Error: (01/18/2015 03:19:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: MoonMt2.exe1.0.2029.01be001d03328877b6b9d1893C:\Users\Yusuf\Desktop\MoonMt2_Dezember\MoonMt2.exe03f08b08-9f1d-11e4-a26f-90fba62bffee Error: (01/18/2015 03:04:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: qsinstaller.exe0.0.0.05491af1cqsinstaller.exe0.0.0.05491af1cc000041700001ec91a1c01d033279c5398b5C:\Users\Yusuf\Downloads\qsinstaller.exeC:\Users\Yusuf\Downloads\qsinstaller.exede3ba2dc-9f1a-11e4-a26f-90fba62bffee Error: (01/18/2015 02:54:17 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (01/18/2015 02:54:01 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (01/18/2015 02:53:33 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (01/18/2015 02:53:11 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (01/18/2015 02:44:22 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 CodeIntegrity Errors: =================================== Date: 2015-01-10 18:18:10.967 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Yusuf\Desktop\32Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-10 18:18:10.831 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Yusuf\Desktop\32Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz Percentage of memory in use: 62% Total physical RAM: 3959.09 MB Available physical RAM: 1474.39 MB Total Pagefile: 7916.37 MB Available Pagefile: 3800.18 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:443.13 GB) (Free:335.45 GB) NTFS Drive d: (Daten) (Fixed) (Total:488.28 GB) (Free:389.75 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F467897B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
18.01.2015, 21:35 | #4 |
/// the machine /// TB-Ausbilder | What is Compatibilitycheck.exe and why does it open 10 times? Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |