
Log Analysis and Evaluation: PUP.Optional.Babylon and co.

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

10.10.2014, 14:38   #1
Tenseiken
 
Hello,
for about 2 months I have had unusually high data traffic (which I didn't really pay attention to at first). Recently, however, this has been joined by high CPU usage and a slow system startup.

I then scanned my system with Avast, but nothing was reported.
Since these problems persisted, however, I downloaded Malwarebytes, and it spat out the following 13 threats:


Since Avast apparently failed completely and Malwarebytes needed a few attempts to find anything, I am now not sure whether something else might still be lurking there, or whether this malware was really cleaned up at all.

Since I am unfortunately a layman in this regard, I would appreciate instructions "for dummies"

Regards, Daniel

PS: The last 4 logs from Malwarebytes are attached

10.10.2014, 14:41   #2
schrauber
/// the machine
/// TB trainer
 

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here's how it works:
Posting in CODE tags
Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows:
  • Select the entire logfile (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)


10.10.2014, 14:44   #3
Tenseiken
 
Code:
 Malwarebytes Anti-Malware 
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 10.10.2014
Scan Time: 13:05:11
Logfile: Scan1.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Non1can

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 249464
Time Elapsed: 9 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [1a2f2ed14d2d6fc70af9373d2cd66a96], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [1a2f2ed14d2d6fc70af9373d2cd66a96], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3461773620-3276519411-1504451298-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [46038f70c6b480b69a0d525826dd956b], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-3461773620-3276519411-1504451298-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, Quarantined, [9dac10ef651553e31b9701aab64d4bb5], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.OpenCandy, C:\Users\Non1can\AppData\Roaming\OpenCandy, Quarantined, [410808f75e1c999dd7b4671fc0423ac6], 
PUP.Optional.OpenCandy, C:\Users\Non1can\AppData\Roaming\OpenCandy\4AB44A63665F4E199576C0012A035765, Quarantined, [410808f75e1c999dd7b4671fc0423ac6], 
PUP.Optional.OpenCandy, C:\Users\Non1can\AppData\Roaming\OpenCandy\7BDCAB72E20A46C893541913E9E294F6, Quarantined, [410808f75e1c999dd7b4671fc0423ac6], 
PUP.Optional.OpenCandy, C:\Users\Non1can\AppData\Roaming\OpenCandy\OpenCandy_7BDCAB72E20A46C893541913E9E294F6, Quarantined, [410808f75e1c999dd7b4671fc0423ac6], 

Files: 2
PUP.Optional.Babylon.A, C:\Users\Non1can\AppData\Roaming\OpenCandy\4AB44A63665F4E199576C0012A035765\DeltaTB.exe, Quarantined, [59f03dc2aad0e056b528cb7cb15032ce], 
PUP.Optional.OpenCandy, C:\Users\Non1can\AppData\Roaming\OpenCandy\7BDCAB72E20A46C893541913E9E294F6\TuneUpUtilities2013_2200218_de-DE.exe, Quarantined, [410808f75e1c999dd7b4671fc0423ac6], 

Physical Sectors: 0
(No malicious items detected)


(end)
         

Code:
 Malwarebytes Anti-Malware 
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 10.10.2014
Scan Time: 13:21:35
Logfile: Scan2.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.10.04
Rootkit Database: v2014.10.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Non1can

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 328102
Time Elapsed: 12 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.Babylon.A, HKU\S-1-5-21-3461773620-3276519411-1504451298-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [e824799aaece3afc151a9cfd53afa15f], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [ea22799a5c205adc28b5e4488e753bc5], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3461773620-3276519411-1504451298-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [4cc0858efe7e43f3bc0add5ba0637e82], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
Code:
 Malwarebytes Anti-Malware 
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 10.10.2014
Scan Time: 13:34:45
Logfile: Scan3.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.10.04
Rootkit Database: v2014.10.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Non1can

Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 0
(No malicious items detected)
Time Elapsed: 0 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
Code:
 Malwarebytes Anti-Malware 
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 10.10.2014
Scan Time: 13:36:07
Logfile: Scan4.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.10.04
Rootkit Database: v2014.10.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Non1can

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 328892
Time Elapsed: 13 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         


So, now the Frst.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Non1can (administrator) on DANIEL on 10-10-2014 15:25:36
Running from C:\Users\Non1can\Desktop
Loaded Profile: Non1can (Available profiles: Non1can)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Farbar) C:\Users\Non1can\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-08] (AVAST Software)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {4ad0adfb-a121-11e1-9aa3-c860005e71f3} - J:\Setup.exe
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {b2074da7-361b-11e2-80da-c860005e71f3} - E:\setup_ftl_1.0.0.6.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://empire.goodgamestudios.com/?country=DE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
Toolbar: HKLM - No Name - {8ADF36AB-7485-4EA9-8C6C-381EF3923A43} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\abs@avira.com [2014-10-07]
FF Extension: NoScript - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-16]
FF Extension: Adblock Plus - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-08]

Chrome: 
=======
CHR HomePage: Default -> 823DD223DCC4DFD0C732AE8DD7DA7380F7E31003D0BFAEAA938D81706B5EEEF2
CHR Profile: C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-02]
CHR Extension: (Google Docs) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28]
CHR Extension: (YouTube) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Adblock Plus) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Foxtab Speed Dial) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2014-10-07]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2014-10-07]
CHR Extension: (Speed Dial) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfoohegdndjidhanbamkijmamcldindl [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-08] (AVAST Software)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4323256 2011-03-28] (INCA Internet Co., Ltd.) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-08] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 15:25 - 2014-10-10 15:26 - 00013774 _____ () C:\Users\Non1can\Desktop\FRST.txt
2014-10-10 15:25 - 2014-10-10 15:25 - 00000000 ___DC () C:\FRST
2014-10-10 15:24 - 2014-10-10 15:24 - 02109952 _____ (Farbar) C:\Users\Non1can\Desktop\FRST64 (1).exe
2014-10-10 14:26 - 2014-10-10 14:26 - 00001084 _____ () C:\Users\Non1can\Desktop\Scan3.txt
2014-10-10 14:26 - 2014-10-10 14:26 - 00001058 _____ () C:\Users\Non1can\Desktop\Scan4.txt
2014-10-10 14:25 - 2014-10-10 14:25 - 00002582 _____ () C:\Users\Non1can\Desktop\Scan1.txt
2014-10-10 14:25 - 2014-10-10 14:25 - 00001606 _____ () C:\Users\Non1can\Desktop\Scan2.txt
2014-10-10 13:16 - 2014-10-10 13:53 - 00002284 _____ () C:\Windows\PFRO.log
2014-10-10 13:16 - 2014-10-10 13:53 - 00000112 _____ () C:\Windows\setupact.log
2014-10-10 13:16 - 2014-10-10 13:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 13:04 - 2014-10-10 14:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-10 13:04 - 2014-10-10 13:04 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-10 13:04 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-10 13:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-10 13:02 - 2014-10-10 13:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Non1can\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-09 23:24 - 2014-10-09 23:24 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-10-09 23:24 - 2014-10-09 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-10-09 23:15 - 2014-10-09 23:15 - 00000000 ___DC () C:\Riot Games
2014-10-09 23:10 - 2014-10-09 23:25 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Riot Games
2014-10-09 23:04 - 2014-10-09 23:06 - 30668968 _____ (Riot Games) C:\Users\Non1can\Desktop\LeagueofLegends_EUW_Installer_9_15_2014.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\Program Files\Java
2014-10-09 15:19 - 2014-10-09 15:19 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-10-09 15:19 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\temp
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\projects
2014-10-08 14:58 - 2014-10-08 14:58 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\AVAST Software
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 14:56 - 2014-10-09 08:04 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-08 14:56 - 2014-10-08 14:57 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-08 14:56 - 2014-10-08 14:56 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-08 14:56 - 2014-10-08 14:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-08 14:44 - 2014-10-08 14:50 - 91906368 _____ (AVAST Software) C:\Users\Non1can\Desktop\avast_free_antivirus_setup_9.0.2021.exe
2014-10-07 16:02 - 2014-10-07 16:04 - 00000000 ___RD () C:\Users\Non1can\Desktop\Business
2014-10-07 15:19 - 2014-07-25 16:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-07 15:19 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-07 15:18 - 2014-10-07 15:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-07 15:18 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-07 15:17 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-07 15:14 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-07 15:14 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-10-07 15:14 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-10-03 15:17 - 2014-10-03 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-03 11:07 - 2014-10-03 11:08 - 00000000 ____D () C:\Users\Non1can\Desktop\Fest
2014-09-30 22:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 22:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 10:40 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:40 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 00:53 - 2014-09-29 18:03 - 00000000 ___DC () C:\Procurement
2014-09-24 00:53 - 2014-09-24 00:53 - 00000642 _____ () C:\Users\Public\Desktop\Procurement.lnk
2014-09-24 00:53 - 2014-09-24 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Procurement
2014-09-19 17:09 - 2014-09-19 17:10 - 03833817 _____ () C:\Users\Non1can\Downloads\Procurement.1.8.4.zip
2014-09-16 00:15 - 2014-09-16 00:15 - 00015355 _____ () C:\Users\Non1can\Downloads\RF calculator.xlsx
2014-09-11 01:51 - 2014-09-11 01:51 - 02523919 _____ () C:\Users\Non1can\Documents\Logs-2014-09-11T01-50-25.gz

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-08-14 04:57 - 2012-05-14 18:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-08-14 04:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-10 15:25 - 2013-05-01 13:05 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\NetSpeedMonitor
2014-10-10 15:13 - 2014-03-15 10:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 14:01 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 14:01 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 13:57 - 2013-08-17 02:34 - 01733322 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 13:54 - 2014-03-15 10:42 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 13:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-10 13:52 - 2012-03-25 18:07 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Skype
2014-10-10 13:20 - 2012-03-24 19:30 - 00000000 ____D () C:\Windows\pss
2014-10-10 13:19 - 2012-03-25 01:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-10 13:16 - 2012-03-25 13:14 - 00000000 ____D () C:\Windows\de
2014-10-10 12:06 - 2012-04-02 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-10 12:05 - 2013-01-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-10 12:05 - 2012-03-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-10-10 11:45 - 2013-07-18 22:37 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-09 23:07 - 2012-03-24 19:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-09 15:19 - 2014-02-22 16:44 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Thunderbird
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-09 15:19 - 2013-06-06 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-09 15:15 - 2012-04-02 18:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-09 15:15 - 2012-04-02 18:05 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Program Files\WinRAR
2014-10-09 15:15 - 2012-03-24 20:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-09 15:13 - 2014-07-21 14:39 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Adobe
2014-10-09 15:12 - 2013-01-14 17:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-08 14:55 - 2012-03-27 04:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-08 14:48 - 2012-06-20 00:25 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Deployment
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Notepad++
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-10-08 14:37 - 2013-02-03 13:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-08 11:03 - 2013-02-04 23:57 - 00000000 ____D () C:\Users\Non1can\Documents\Paradox Interactive
2014-10-08 08:26 - 2012-03-25 03:30 - 00000000 ____D () C:\Users\Non1can\Documents\My Games
2014-10-07 18:20 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-10-07 18:20 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-10-07 18:20 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 15:57 - 2012-03-24 21:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-07 15:57 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 15:28 - 2013-11-19 22:10 - 00000000 ____D () C:\Users\Non1can\AppData\Local\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-07 15:18 - 2013-07-18 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-07 15:17 - 2012-03-24 21:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-07 14:53 - 2012-03-25 03:43 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\TS3Client
2014-10-07 11:45 - 2013-02-16 15:34 - 00000000 ___RD () C:\Users\Non1can\WDokumente
2014-10-03 15:17 - 2012-10-28 20:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-03 15:17 - 2012-03-25 18:07 - 00000000 ____D () C:\ProgramData\Skype
2014-10-03 14:23 - 2014-04-12 21:22 - 00000000 ____D () C:\ProgramData\Origin
2014-09-28 12:07 - 2013-01-11 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-27 09:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 07:04 - 2014-07-02 12:24 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Winamp
2014-09-22 08:42 - 2012-03-24 20:08 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\tSH05K6U.dat


Some content of TEMP:
====================
C:\Users\Non1can\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Non1can\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:33

==================== End Of Log ============================
         
--- --- ---


And Additions.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Non1can at 2014-10-10 15:26:31
Running from C:\Users\Non1can\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte / related Design)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
ENSLAVED™: Odyssey to the West™ Premium Edition (HKLM-x32\...\Steam App 245280) (Version:  - Ninja Theory)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Softworks)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version:  - BioWare)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Tale Worlds)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Procurement version 1.8.5 (HKLM-x32\...\{882BE018-B5AB-4A70-9B8D-2A2A14162F61}_is1) (Version: 1.8.5 - Stickymaddness)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42A7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1003 - Firefly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.3 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3461773620-3276519411-1504451298-1000_Classes\CLSID\{13eaa141-4226-42be-aa5e-b1adec517e84}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3461773620-3276519411-1504451298-1000_Classes\CLSID\{fab06736-894a-43f8-b39e-eb267e4ecc17}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

08-10-2014 12:38:32 Removed Overwolf
08-10-2014 12:46:55 Removed 7-Zip 9.20 (x64 edition)
08-10-2014 12:55:20 avast! antivirus system restore point
09-10-2014 13:20:04 Windows Update
09-10-2014 13:23:01 Windows Update
09-10-2014 21:06:49 Entfernt League of Legends
09-10-2014 21:11:52 Installed League of Legends
09-10-2014 21:12:49 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
09-10-2014 21:15:08 Installed League of Legends
09-10-2014 21:15:44 DirectX wurde installiert
09-10-2014 21:22:13 Removed League of Legends
09-10-2014 21:24:07 Installed League of Legends
09-10-2014 21:24:35 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D10678-F78A-4625-88FB-9E1EE57909C7} - System32\Tasks\{46A01BFB-D04B-4B49-BF0E-9E5DC42B0145} => C:\Program Files (x86)\Opera\Opera.exe
Task: {07695DF5-8DF5-44C5-9AE5-B6FFCF8F323B} - System32\Tasks\{0C161626-6131-4050-87FA-0DB9EFD9354C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {08DE40E7-51AC-49A1-8D08-9AE410A33717} - System32\Tasks\{A6A759A2-AAB8-4D9A-94D3-1C78D935E860} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0B0DDD79-AFEC-45E4-B58A-10178FE30350} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
Task: {0FE1E3A4-24FA-4010-83C9-549F82EAAA03} - System32\Tasks\{A28EC4C8-A5BB-4875-8BAA-EACE5107F706} => C:\Program Files (x86)\Opera\Opera.exe
Task: {12BAEDF3-FDF9-49B3-89E2-FE71CF16F040} - System32\Tasks\{C46AB271-36EC-494C-A664-58F2FFD760F5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {12F12A78-559B-4FEC-B855-54C96846A565} - System32\Tasks\{F7F05B55-3AC1-48B7-B320-E955793349EA} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1C44E002-5193-45E7-BD16-1C9D14B12F7A} - System32\Tasks\{2E929731-BC61-4DCD-AA1D-78C06AA7B357} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1E3C40EA-A6CA-49CA-811E-F0614720CDB7} - System32\Tasks\{E8BE56B2-D990-4A26-880A-6C0CD3B8320D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2746DFCB-C6B1-4BFB-94A7-F1E9C87A7423} - System32\Tasks\{290266A5-AAC6-4344-B400-43988D8EF240} => C:\Program Files (x86)\Opera\Opera.exe
Task: {280D7C75-D06B-4B3D-A303-11E64B426C8F} - System32\Tasks\{E32CC954-002E-4A50-9625-8B33F8D96C5F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {29281705-F676-4C0A-92D1-96451586D061} - System32\Tasks\{D2305CCA-A7CD-49D5-9A86-109B6CF91FF3} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2BFBDDEA-AAEE-4EF6-869F-70AE579A00D6} - System32\Tasks\{C053B3DD-1D00-47C2-8B09-AFB063D6490C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {312F018A-A62F-4795-B382-4076F5F5E55D} - System32\Tasks\{7E18D34F-F2CA-4562-9D7A-8B9D7B4BF252} => C:\Program Files (x86)\Opera\Opera.exe
Task: {335170F8-65AE-4E8A-B478-ADCF86265058} - System32\Tasks\{408D3A4F-0461-44B1-ACF0-4C0EFFC5DF0F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {37441F94-9A38-4566-8719-A3B2732C2F23} - System32\Tasks\{7FC77AF4-0938-4F5C-ACA6-EF4CB30B1A54} => C:\Program Files (x86)\Opera\Opera.exe
Task: {42EBB50F-5059-4F13-AA1B-F80183E9BB6A} - System32\Tasks\{BBCAD2C1-0851-43C0-ACD0-8BB275647359} => C:\Program Files (x86)\Opera\Opera.exe
Task: {45DFB420-DE68-469F-A6F9-F2700D7C8E98} - System32\Tasks\{3A185D05-1AB6-47A5-A3EC-557F5A7B7389} => C:\Program Files (x86)\Opera\Opera.exe
Task: {4688F4DE-E24B-4FC6-B122-D5183BD6B15E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-08] (AVAST Software)
Task: {46C96100-D760-42E4-9F0B-555ED99706D3} - System32\Tasks\{E40C084C-C848-4203-BCAC-D51FE075F438} => C:\Program Files (x86)\Opera\Opera.exe
Task: {489BA7E2-CC9D-4DDB-91F2-25F63B70CD40} - System32\Tasks\{235EF654-4F7A-4EE9-9430-020487F041DA} => C:\Program Files (x86)\Opera\Opera.exe
Task: {4E11D8E7-E702-4FEC-B9FC-E9BF1406590A} - System32\Tasks\{ACE48844-64B1-47CA-BF13-20086BEC1D78} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5755A8C3-83A7-49A0-9F0C-81BF2B59CE35} - System32\Tasks\{FB5A2420-3A4D-4DA7-8B09-0C0EBB6A8A46} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BC97DE6-194C-419E-B272-10DEDC01384F} - System32\Tasks\{07F33162-1968-4FF4-910C-EE504F5E5238} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C238B04-9D48-43ED-8A00-03AB6D3989EF} - System32\Tasks\{45F4FDB5-4934-4A5A-A5AB-1E8016555C51} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C690C75-8807-46CD-A5AD-78E43EBF27DD} - System32\Tasks\{8F9E23C3-A0D0-493E-AE3F-6A3D852B415B} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5E69A16C-51D4-4680-AFA3-FF3C54AE1BA5} - System32\Tasks\{303AA2C6-C5AD-4FFC-94FA-100C37DBA59F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5EBFF66D-3DAD-4749-A45D-1C7F05D5634D} - System32\Tasks\{D04B1168-E0EF-476B-9462-8A924E52535F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5FE28A15-1C5B-47C6-9DAF-56782036F624} - System32\Tasks\{335E7F44-5EE3-4A89-A3B3-2BE6D93279E2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {61AF0D2C-9F86-40CD-895C-293992646258} - System32\Tasks\{DDF33E60-31AD-4865-9A52-4DF5FC793A5B} => C:\Program Files (x86)\Opera\Opera.exe
Task: {66D94CF7-F5E1-42C9-8084-22FDA072B4DF} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [2013-04-30] ()
Task: {67359624-5EB4-4B6B-880A-29B7F05C70A8} - System32\Tasks\{E40D75C4-6FE2-40BA-8EF4-E832DFBCE572} => C:\Program Files (x86)\Opera\Opera.exe
Task: {68E54D78-7EB6-4631-914D-2D75549E4437} - System32\Tasks\{81B51CEC-B930-415F-8262-CF5C2167BA57} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6AA25002-0F81-4BFB-9973-6B733F21C06A} - System32\Tasks\{878A78E8-6752-4827-838F-259D06B7FB14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D4F5429-F4CA-417E-9DC3-76D99760D527} - System32\Tasks\{B0650676-20BC-432D-8876-5EF1F10E8C73} => C:\Program Files (x86)\Opera\Opera.exe
Task: {73E45171-39A1-4352-B0EE-9746675D9A76} - System32\Tasks\{6F39AD75-70DF-4838-BBF3-0C40AC77CBA0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7884AC50-4381-4B86-B4B9-8D63D0CEFAD3} - System32\Tasks\{EDC4703D-72D6-43E9-B389-12B6FA25B77C} => c:\program files (x86)\opera\opera.exe
Task: {89ED7427-6979-4883-B967-B557B05DBF3B} - System32\Tasks\{B8B4F82D-D134-4369-B4EE-8FF232E94E04} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A5F004E-25D9-4A70-AB74-28B5CC039BF4} - System32\Tasks\{EDDAAFD7-D834-4357-A0A8-52287373AB05} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8BFA44B9-D4BC-4167-A932-EDF246F7E3B3} - System32\Tasks\{E33C29D5-B6B6-4711-B95D-A48719D6960E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5A1A43-0D79-4DFA-ABF1-F38845820C0C} - System32\Tasks\{1E4D0863-4438-4479-AC51-0F506CBEC122} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8FA5FD70-A6AB-4445-A2EA-C010E3F52A38} - System32\Tasks\{19A6B943-F9D5-4D85-80CD-F232127899D9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {93C9CA9B-6D3F-4BE7-997B-B200D60D2C24} - System32\Tasks\{898A099F-0DC7-4F3F-BB65-6B9CC92D9FE0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {980681E7-948E-41DC-9D72-01D8A7BD2F01} - System32\Tasks\{77E608B3-A44C-4FDC-A0F0-850FF5717304} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9B6AAC45-C2BC-480A-848B-615CF1423156} - System32\Tasks\{F064BBD8-F7A2-4DEE-A78F-E63809097038} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9BC4FC8E-8FEA-4A94-967A-637E30CDDAEB} - System32\Tasks\{11A81752-E588-45E3-A15C-AD5C022D0447} => c:\program files (x86)\opera\opera.exe
Task: {9E1AFD8D-5A58-4985-8C87-B4FB537F8444} - System32\Tasks\{399E8F44-B9C5-4F18-85C8-E90E445F11D8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A5814533-521E-4EB0-BE30-8893CD3B223D} - System32\Tasks\{F1F4A76F-AA32-4CAD-9EE4-674453938BA1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A94BF6D3-7CD7-4C31-B209-4C1023A051A4} - System32\Tasks\{26D7FF63-320F-4270-AEF7-32C2911411E8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A9D5A27C-D20E-4222-B18E-1CD437D0A742} - System32\Tasks\{DCCECE59-3882-4289-AC6B-5E5CA0D2C75A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {AADA4375-FA55-4BB7-B4B3-1C59996CE84C} - System32\Tasks\{64A1616D-94F2-4156-BF09-56944D21B524} => C:\Program Files (x86)\Opera\Opera.exe
Task: {AE527A6E-39D0-48BC-A5D3-06B61CA40623} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-09] (Adobe Systems Incorporated)
Task: {AF75CCD1-07D1-44DD-B5E3-80503D92249C} - System32\Tasks\{A83B26F1-C9BD-4CF2-8B73-54C87A113556} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B001C091-91EA-4489-92C3-8A2492A9A7FC} - System32\Tasks\{95EA003A-9106-4338-824A-E94AE123EB2D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B00EE2E1-9B28-43F2-91D4-E9CB752AB935} - System32\Tasks\{F4035AAA-3DD9-44BC-BBF9-0C059227FC74} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BD34CD79-893F-4021-AC8F-8A7A89823C89} - System32\Tasks\{EE8B4716-0311-4A60-A78F-8FC651BC796F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BDA6CC70-5CA9-41CD-B7DF-9C358790C83A} - System32\Tasks\{743374C6-5497-4B99-8320-782DC9C4BC20} => C:\Program Files (x86)\Opera\Opera.exe
Task: {C080C204-5DD4-4C6B-B09D-4903A6FAC79B} - System32\Tasks\{AD3ED666-74F6-4186-9E66-913881E86110} => C:\Program Files (x86)\Opera\Opera.exe
Task: {C0C8827F-5E48-49B3-AA6D-CB9F2F116680} - System32\Tasks\{49C90EDC-924F-40B7-B19B-582E00DF9ABE} => c:\program files (x86)\opera\opera.exe
Task: {C648D30F-304D-4923-BCDE-D706AFA93A0E} - System32\Tasks\{E4A94060-24E2-4BDB-A546-68F232C87935} => c:\program files (x86)\opera\opera.exe
Task: {C7453D0C-F69F-4891-8A7A-E30B88CAFAAB} - System32\Tasks\{14EB019F-190A-4F49-9315-1310669DA76A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CB12AAD0-6E70-444E-B010-A2DF80627A17} - System32\Tasks\{19DBA06B-D485-4107-8B6C-8D0A9C2CD8AF} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D32F6E70-516A-4122-8B12-6D0765784F97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
Task: {D52FE97D-6B2D-431E-8E45-6847C21F3BCB} - System32\Tasks\{EF20C62C-9621-4F73-8B88-396AC031A7A6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {DD32226C-123E-457A-99B1-F1CB8383DD03} - System32\Tasks\{A9B10031-A5A9-4913-99E5-26A5A4A9BD91} => C:\Program Files (x86)\Opera\Opera.exe
Task: {DDAA9FDC-8607-42AA-BF5B-A1ED8B4DA372} - System32\Tasks\{8BFF4C05-4270-462B-B289-8C19DE6732D7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {DE9FC147-7B15-4FA3-BC33-1CC8A4BC6A87} - System32\Tasks\{CC9055F0-7B63-44E3-B348-B57ABA62E58C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E3DAF1C9-49E4-448C-8CE9-2F2CE706C42B} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {E669B9D4-5D64-47D9-9EBF-A7B6F611CAAE} - System32\Tasks\{1386B072-D243-45C3-9FA0-636B3C79BBDF} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EEC56B8A-B348-46EC-96B3-E3A010FDD43B} - System32\Tasks\{19799715-7282-4AAD-BB57-AE67B66E478C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EFC22016-8ECC-476E-9F5B-A15831C2610F} - System32\Tasks\{99F025DB-CCBA-4336-A83A-DB694C3C99F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F2193DFD-B976-4E23-A559-C2DD256F9257} - System32\Tasks\{6E52FD5D-F020-48BD-A11D-3AB7DB94FCD9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {F390EF24-F341-415C-AF5D-EAB5EDB29E15} - System32\Tasks\{A2A2929B-BFC4-44AC-92AB-9263047EC52C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {F8288C14-58DC-4981-B32B-AC21541F3118} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {FD912F92-C42A-40B7-A8DE-98084EFF49DA} - System32\Tasks\{DE5DEBEE-C8A0-4097-8849-7ABC86CF33E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-12 16:39 - 2012-08-05 21:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-08 14:56 - 2014-10-08 14:56 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-09 21:21 - 2014-10-09 21:21 - 02859008 _____ () C:\Program Files\AVAST Software\Avast\defs\14100901\algo.dll
2012-03-24 19:18 - 2009-03-19 23:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2012-03-24 19:18 - 2009-03-19 23:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2012-03-24 19:18 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2012-03-24 19:18 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-10-08 14:56 - 2014-10-08 14:56 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
AlternateDataStreams: C:\Users\Non1can\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Non1can\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: BCUService => 2
MSCONFIG\Services: becldr3Service => 3
MSCONFIG\Services: BotkindSyncService => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: Radio.fx => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Non1can^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Non1can^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Non1can^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BCU => "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MKLOL => "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NCUpdateHelper => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: rfxsrvtray => "C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe"
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

========================= Accounts: ==========================

Administrator (S-1-5-21-3461773620-3276519411-1504451298-500 - Administrator - Disabled)
Gast (S-1-5-21-3461773620-3276519411-1504451298-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3461773620-3276519411-1504451298-1004 - Limited - Enabled)
Non1can (S-1-5-21-3461773620-3276519411-1504451298-1000 - Administrator - Enabled) => C:\Users\Non1can

==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 00:08:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0xb7c
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 00:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0xe90
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 09:55:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LoLPatcher.exe, Version: 0.2.0.133, Zeitstempel: 0x543448ef
Name des fehlerhaften Moduls: LoLPatcher.exe, Version: 0.2.0.133, Zeitstempel: 0x543448ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0011ea53
ID des fehlerhaften Prozesses: 0xf0c
Startzeit der fehlerhaften Anwendung: 0xLoLPatcher.exe0
Pfad der fehlerhaften Anwendung: LoLPatcher.exe1
Pfad des fehlerhaften Moduls: LoLPatcher.exe2
Berichtskennung: LoLPatcher.exe3

Error: (10/09/2014 11:26:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000223e0
ID des fehlerhaften Prozesses: 0xab4
Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0
Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1
Pfad des fehlerhaften Moduls: GoogleUpdate.exe2
Berichtskennung: GoogleUpdate.exe3

Error: (10/09/2014 11:23:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195, Zeitstempel: 0x4dcddbf3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x143c
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3

Error: (10/09/2014 11:21:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1598

Startzeit: 01cfe407013b609f

Endzeit: 0

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: 44e54893-4ffa-11e4-886a-c860005e71f3

Error: (10/09/2014 10:18:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c9c

Startzeit: 01cfe3fe1db88ca0

Endzeit: 16

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: 7b872188-4ff1-11e4-886a-c860005e71f3

Error: (10/09/2014 10:17:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 978

Startzeit: 01cfe3fe079f800e

Endzeit: 16

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: 4ddcc3c3-4ff1-11e4-886a-c860005e71f3

Error: (10/08/2014 02:55:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary xxqqdowc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/08/2014 02:17:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: eu4.exe, Version: 1.0.0.0, Zeitstempel: 0x53da0714
Name des fehlerhaften Moduls: eu4.exe, Version: 1.0.0.0, Zeitstempel: 0x53da0714
Ausnahmecode: 0xc0000005
Fehleroffset: 0x008ac707
ID des fehlerhaften Prozesses: 0xc18
Startzeit der fehlerhaften Anwendung: 0xeu4.exe0
Pfad der fehlerhaften Anwendung: eu4.exe1
Pfad des fehlerhaften Moduls: eu4.exe2
Berichtskennung: eu4.exe3


System errors:
=============
Error: (10/10/2014 01:53:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 01:16:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:40:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:39:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎10.‎2014 um 12:38:04 unerwartet heruntergefahren.

Error: (10/10/2014 00:36:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:13:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:06:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:05:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎10.‎2014 um 11:57:32 unerwartet heruntergefahren.

Error: (10/10/2014 08:57:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/10/2014 08:57:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-04-02 22:31:54.440
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 22:31:54.366
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 22:31:54.291
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 22:31:54.169
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.886
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.806
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.674
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:24.841
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:24.761
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 960T Processor
Percentage of memory in use: 22%
Total physical RAM: 8190.12 MB
Available physical RAM: 6322.11 MB
Total Pagefile: 16378.41 MB
Available Pagefile: 14487.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:509.47 GB) (Free:209.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:422.04 GB) (Free:104.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 19A9D3B7)
Partition 1: (Active) - (Size=509.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=422 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Last edited by Tenseiken (10.10.2014 at 15:29)

11.10.2014, 11:56   #4
Tenseiken
 

OK, I've updated FRST.txt and Additions, because I cleaned up some programs in the meantime.

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Non1can (administrator) on DANIEL on 11-10-2014 11:51:19
Running from C:\Users\Non1can\Desktop
Loaded Profile: Non1can (Available profiles: Non1can)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Farbar) C:\Users\Non1can\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-08] (AVAST Software)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {4ad0adfb-a121-11e1-9aa3-c860005e71f3} - J:\Setup.exe
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {b2074da7-361b-11e2-80da-c860005e71f3} - E:\setup_ftl_1.0.0.6.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://empire.goodgamestudios.com/?country=DE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
Toolbar: HKLM - No Name - {8ADF36AB-7485-4EA9-8C6C-381EF3923A43} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\abs@avira.com [2014-10-07]
FF Extension: NoScript - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-16]
FF Extension: Adblock Plus - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-08]

Chrome: 
=======
CHR HomePage: Default -> 823DD223DCC4DFD0C732AE8DD7DA7380F7E31003D0BFAEAA938D81706B5EEEF2
CHR StartupUrls: Default -> "https://www.google.de/?gws_rd=ssl"
CHR Profile: C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28]
CHR Extension: (YouTube) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Adblock Plus) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Foxtab Speed Dial) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchmpbaclbiioedakpcldenooikekokm [2014-10-10]
CHR Extension: (Google Wallet) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-08] (AVAST Software)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4323256 2011-03-28] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-08] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 11:51 - 2014-10-11 11:51 - 00013590 _____ () C:\Users\Non1can\Desktop\FRST.txt
2014-10-10 21:18 - 2014-10-10 21:18 - 00000020 _____ () C:\Windows\Ðúx
2014-10-10 18:59 - 2014-10-10 19:05 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-10-10 15:25 - 2014-10-11 11:51 - 00000000 ___DC () C:\FRST
2014-10-10 15:24 - 2014-10-10 15:24 - 02109952 _____ (Farbar) C:\Users\Non1can\Desktop\FRST64 (1).exe
2014-10-10 13:04 - 2014-10-11 09:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-10 13:04 - 2014-10-10 13:04 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-10 13:04 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-10 13:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-10 13:02 - 2014-10-10 13:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Non1can\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-09 23:10 - 2014-10-09 23:25 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Riot Games
2014-10-09 23:04 - 2014-10-09 23:06 - 30668968 _____ (Riot Games) C:\Users\Non1can\Desktop\LeagueofLegends_EUW_Installer_9_15_2014.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\Program Files\Java
2014-10-09 15:19 - 2014-10-09 15:19 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-10-09 15:19 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\temp
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\projects
2014-10-08 14:58 - 2014-10-08 14:58 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\AVAST Software
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 14:56 - 2014-10-10 18:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-08 14:56 - 2014-10-08 14:57 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-08 14:56 - 2014-10-08 14:56 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-08 14:56 - 2014-10-08 14:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-08 14:44 - 2014-10-08 14:50 - 91906368 _____ (AVAST Software) C:\Users\Non1can\Desktop\avast_free_antivirus_setup_9.0.2021.exe
2014-10-07 16:02 - 2014-10-07 16:04 - 00000000 ___RD () C:\Users\Non1can\Desktop\Business
2014-10-07 15:19 - 2014-07-25 16:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-07 15:19 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-07 15:18 - 2014-10-07 15:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-07 15:18 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-07 15:17 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-07 15:14 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-07 15:14 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-10-07 15:14 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-10-03 15:17 - 2014-10-03 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-03 11:07 - 2014-10-03 11:08 - 00000000 ____D () C:\Users\Non1can\Desktop\Fest
2014-09-30 22:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 22:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 10:40 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:40 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 00:53 - 2014-09-29 18:03 - 00000000 ___DC () C:\Procurement
2014-09-24 00:53 - 2014-09-24 00:53 - 00000642 _____ () C:\Users\Public\Desktop\Procurement.lnk
2014-09-24 00:53 - 2014-09-24 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Procurement
2014-09-19 17:09 - 2014-09-19 17:10 - 03833817 _____ () C:\Users\Non1can\Downloads\Procurement.1.8.4.zip
2014-09-16 00:15 - 2014-09-16 00:15 - 00015355 _____ () C:\Users\Non1can\Downloads\RF calculator.xlsx
2014-09-11 01:51 - 2014-09-11 01:51 - 02523919 _____ () C:\Users\Non1can\Documents\Logs-2014-09-11T01-50-25.gz

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-08-14 04:57 - 2012-05-14 18:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-08-14 04:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-11 11:52 - 2013-05-01 13:05 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\NetSpeedMonitor
2014-10-11 11:13 - 2014-03-15 10:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 09:27 - 2013-08-17 02:34 - 01814310 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 09:15 - 2012-03-25 01:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-11 08:35 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 08:35 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 08:26 - 2014-03-15 10:42 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 08:24 - 2012-04-02 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 08:24 - 2012-03-24 21:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-11 08:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-10 21:24 - 2012-03-25 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-10-10 21:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-10 19:16 - 2014-07-21 14:39 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Adobe
2014-10-10 19:09 - 2012-04-02 18:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-10 19:09 - 2012-04-02 18:05 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-10 19:09 - 2012-03-24 20:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-10 17:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Glyph
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-10-10 13:52 - 2012-03-25 18:07 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Skype
2014-10-10 13:20 - 2012-03-24 19:30 - 00000000 ____D () C:\Windows\pss
2014-10-10 12:05 - 2013-01-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-10 12:05 - 2012-03-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-10-10 11:45 - 2013-07-18 22:37 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-09 23:07 - 2012-03-24 19:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-09 15:19 - 2014-02-22 16:44 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Thunderbird
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-09 15:19 - 2013-06-06 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Program Files\WinRAR
2014-10-09 15:12 - 2013-01-14 17:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-08 14:55 - 2012-03-27 04:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-08 14:48 - 2012-06-20 00:25 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Deployment
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Notepad++
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-10-08 14:37 - 2013-02-03 13:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-08 11:03 - 2013-02-04 23:57 - 00000000 ____D () C:\Users\Non1can\Documents\Paradox Interactive
2014-10-08 08:26 - 2012-03-25 03:30 - 00000000 ____D () C:\Users\Non1can\Documents\My Games
2014-10-07 18:20 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-10-07 18:20 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-10-07 18:20 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 15:57 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 15:28 - 2013-11-19 22:10 - 00000000 ____D () C:\Users\Non1can\AppData\Local\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-07 15:18 - 2013-07-18 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-07 15:17 - 2012-03-24 21:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-07 14:53 - 2012-03-25 03:43 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\TS3Client
2014-10-07 11:45 - 2013-02-16 15:34 - 00000000 ___RD () C:\Users\Non1can\WDokumente
2014-10-03 15:17 - 2012-10-28 20:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-03 15:17 - 2012-03-25 18:07 - 00000000 ____D () C:\ProgramData\Skype
2014-10-03 14:23 - 2014-04-12 21:22 - 00000000 ____D () C:\ProgramData\Origin
2014-09-28 12:07 - 2013-01-11 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-27 09:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 07:04 - 2014-07-02 12:24 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Winamp
2014-09-22 08:42 - 2012-03-24 20:08 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\tSH05K6U.dat


Some content of TEMP:
====================
C:\Users\Non1can\AppData\Local\Temp\NGM.exe
C:\Users\Non1can\AppData\Local\Temp\NGMDll.dll
C:\Users\Non1can\AppData\Local\Temp\NGMResource.dll
C:\Users\Non1can\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Non1can\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:33

==================== End Of Log ============================
         
--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Non1can at 2014-10-11 11:52:13
Running from C:\Users\Non1can\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte / related Design)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
ENSLAVED™: Odyssey to the West™ Premium Edition (HKLM-x32\...\Steam App 245280) (Version:  - Ninja Theory)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Softworks)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version:  - BioWare)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Tale Worlds)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Procurement version 1.8.5 (HKLM-x32\...\{882BE018-B5AB-4A70-9B8D-2A2A14162F61}_is1) (Version: 1.8.5 - Stickymaddness)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42A7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1003 - Firefly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.3 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3461773620-3276519411-1504451298-1000_Classes\CLSID\{13eaa141-4226-42be-aa5e-b1adec517e84}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3461773620-3276519411-1504451298-1000_Classes\CLSID\{fab06736-894a-43f8-b39e-eb267e4ecc17}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

09-10-2014 13:20:04 Windows Update
09-10-2014 13:23:01 Windows Update
09-10-2014 21:06:49 Entfernt League of Legends
09-10-2014 21:11:52 Installed League of Legends
09-10-2014 21:12:49 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
09-10-2014 21:15:08 Installed League of Legends
09-10-2014 21:15:44 DirectX wurde installiert
09-10-2014 21:22:13 Removed League of Legends
09-10-2014 21:24:07 Installed League of Legends
09-10-2014 21:24:35 DirectX wurde installiert
10-10-2014 15:11:16 Removed Microsoft Games for Windows Marketplace
10-10-2014 19:15:57 Windows Live Essentials
10-10-2014 19:16:37 WLSetup
11-10-2014 06:30:55 Removed League of Legends
11-10-2014 06:49:41 Removed Microsoft XNA Framework Redistributable 3.1

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D10678-F78A-4625-88FB-9E1EE57909C7} - System32\Tasks\{46A01BFB-D04B-4B49-BF0E-9E5DC42B0145} => C:\Program Files (x86)\Opera\Opera.exe
Task: {07695DF5-8DF5-44C5-9AE5-B6FFCF8F323B} - System32\Tasks\{0C161626-6131-4050-87FA-0DB9EFD9354C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {08DE40E7-51AC-49A1-8D08-9AE410A33717} - System32\Tasks\{A6A759A2-AAB8-4D9A-94D3-1C78D935E860} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0B0DDD79-AFEC-45E4-B58A-10178FE30350} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
Task: {0FE1E3A4-24FA-4010-83C9-549F82EAAA03} - System32\Tasks\{A28EC4C8-A5BB-4875-8BAA-EACE5107F706} => C:\Program Files (x86)\Opera\Opera.exe
Task: {12BAEDF3-FDF9-49B3-89E2-FE71CF16F040} - System32\Tasks\{C46AB271-36EC-494C-A664-58F2FFD760F5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {12F12A78-559B-4FEC-B855-54C96846A565} - System32\Tasks\{F7F05B55-3AC1-48B7-B320-E955793349EA} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1C44E002-5193-45E7-BD16-1C9D14B12F7A} - System32\Tasks\{2E929731-BC61-4DCD-AA1D-78C06AA7B357} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1E3C40EA-A6CA-49CA-811E-F0614720CDB7} - System32\Tasks\{E8BE56B2-D990-4A26-880A-6C0CD3B8320D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2746DFCB-C6B1-4BFB-94A7-F1E9C87A7423} - System32\Tasks\{290266A5-AAC6-4344-B400-43988D8EF240} => C:\Program Files (x86)\Opera\Opera.exe
Task: {280D7C75-D06B-4B3D-A303-11E64B426C8F} - System32\Tasks\{E32CC954-002E-4A50-9625-8B33F8D96C5F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {29281705-F676-4C0A-92D1-96451586D061} - System32\Tasks\{D2305CCA-A7CD-49D5-9A86-109B6CF91FF3} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2BFBDDEA-AAEE-4EF6-869F-70AE579A00D6} - System32\Tasks\{C053B3DD-1D00-47C2-8B09-AFB063D6490C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {312F018A-A62F-4795-B382-4076F5F5E55D} - System32\Tasks\{7E18D34F-F2CA-4562-9D7A-8B9D7B4BF252} => C:\Program Files (x86)\Opera\Opera.exe
Task: {335170F8-65AE-4E8A-B478-ADCF86265058} - System32\Tasks\{408D3A4F-0461-44B1-ACF0-4C0EFFC5DF0F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {37441F94-9A38-4566-8719-A3B2732C2F23} - System32\Tasks\{7FC77AF4-0938-4F5C-ACA6-EF4CB30B1A54} => C:\Program Files (x86)\Opera\Opera.exe
Task: {42EBB50F-5059-4F13-AA1B-F80183E9BB6A} - System32\Tasks\{BBCAD2C1-0851-43C0-ACD0-8BB275647359} => C:\Program Files (x86)\Opera\Opera.exe
Task: {45DFB420-DE68-469F-A6F9-F2700D7C8E98} - System32\Tasks\{3A185D05-1AB6-47A5-A3EC-557F5A7B7389} => C:\Program Files (x86)\Opera\Opera.exe
Task: {4688F4DE-E24B-4FC6-B122-D5183BD6B15E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-08] (AVAST Software)
Task: {46C96100-D760-42E4-9F0B-555ED99706D3} - System32\Tasks\{E40C084C-C848-4203-BCAC-D51FE075F438} => C:\Program Files (x86)\Opera\Opera.exe
Task: {489BA7E2-CC9D-4DDB-91F2-25F63B70CD40} - System32\Tasks\{235EF654-4F7A-4EE9-9430-020487F041DA} => C:\Program Files (x86)\Opera\Opera.exe
Task: {4E11D8E7-E702-4FEC-B9FC-E9BF1406590A} - System32\Tasks\{ACE48844-64B1-47CA-BF13-20086BEC1D78} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5755A8C3-83A7-49A0-9F0C-81BF2B59CE35} - System32\Tasks\{FB5A2420-3A4D-4DA7-8B09-0C0EBB6A8A46} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BC97DE6-194C-419E-B272-10DEDC01384F} - System32\Tasks\{07F33162-1968-4FF4-910C-EE504F5E5238} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C238B04-9D48-43ED-8A00-03AB6D3989EF} - System32\Tasks\{45F4FDB5-4934-4A5A-A5AB-1E8016555C51} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C690C75-8807-46CD-A5AD-78E43EBF27DD} - System32\Tasks\{8F9E23C3-A0D0-493E-AE3F-6A3D852B415B} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5E69A16C-51D4-4680-AFA3-FF3C54AE1BA5} - System32\Tasks\{303AA2C6-C5AD-4FFC-94FA-100C37DBA59F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5EBFF66D-3DAD-4749-A45D-1C7F05D5634D} - System32\Tasks\{D04B1168-E0EF-476B-9462-8A924E52535F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5FE28A15-1C5B-47C6-9DAF-56782036F624} - System32\Tasks\{335E7F44-5EE3-4A89-A3B3-2BE6D93279E2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {61AF0D2C-9F86-40CD-895C-293992646258} - System32\Tasks\{DDF33E60-31AD-4865-9A52-4DF5FC793A5B} => C:\Program Files (x86)\Opera\Opera.exe
Task: {66D94CF7-F5E1-42C9-8084-22FDA072B4DF} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [2013-04-30] ()
Task: {67359624-5EB4-4B6B-880A-29B7F05C70A8} - System32\Tasks\{E40D75C4-6FE2-40BA-8EF4-E832DFBCE572} => C:\Program Files (x86)\Opera\Opera.exe
Task: {68E54D78-7EB6-4631-914D-2D75549E4437} - System32\Tasks\{81B51CEC-B930-415F-8262-CF5C2167BA57} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6AA25002-0F81-4BFB-9973-6B733F21C06A} - System32\Tasks\{878A78E8-6752-4827-838F-259D06B7FB14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D4F5429-F4CA-417E-9DC3-76D99760D527} - System32\Tasks\{B0650676-20BC-432D-8876-5EF1F10E8C73} => C:\Program Files (x86)\Opera\Opera.exe
Task: {73E45171-39A1-4352-B0EE-9746675D9A76} - System32\Tasks\{6F39AD75-70DF-4838-BBF3-0C40AC77CBA0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7884AC50-4381-4B86-B4B9-8D63D0CEFAD3} - System32\Tasks\{EDC4703D-72D6-43E9-B389-12B6FA25B77C} => c:\program files (x86)\opera\opera.exe
Task: {89ED7427-6979-4883-B967-B557B05DBF3B} - System32\Tasks\{B8B4F82D-D134-4369-B4EE-8FF232E94E04} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A5F004E-25D9-4A70-AB74-28B5CC039BF4} - System32\Tasks\{EDDAAFD7-D834-4357-A0A8-52287373AB05} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8BFA44B9-D4BC-4167-A932-EDF246F7E3B3} - System32\Tasks\{E33C29D5-B6B6-4711-B95D-A48719D6960E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5A1A43-0D79-4DFA-ABF1-F38845820C0C} - System32\Tasks\{1E4D0863-4438-4479-AC51-0F506CBEC122} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8FA5FD70-A6AB-4445-A2EA-C010E3F52A38} - System32\Tasks\{19A6B943-F9D5-4D85-80CD-F232127899D9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {93C9CA9B-6D3F-4BE7-997B-B200D60D2C24} - System32\Tasks\{898A099F-0DC7-4F3F-BB65-6B9CC92D9FE0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {980681E7-948E-41DC-9D72-01D8A7BD2F01} - System32\Tasks\{77E608B3-A44C-4FDC-A0F0-850FF5717304} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9B6AAC45-C2BC-480A-848B-615CF1423156} - System32\Tasks\{F064BBD8-F7A2-4DEE-A78F-E63809097038} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9BC4FC8E-8FEA-4A94-967A-637E30CDDAEB} - System32\Tasks\{11A81752-E588-45E3-A15C-AD5C022D0447} => c:\program files (x86)\opera\opera.exe
Task: {9E1AFD8D-5A58-4985-8C87-B4FB537F8444} - System32\Tasks\{399E8F44-B9C5-4F18-85C8-E90E445F11D8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A5814533-521E-4EB0-BE30-8893CD3B223D} - System32\Tasks\{F1F4A76F-AA32-4CAD-9EE4-674453938BA1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A94BF6D3-7CD7-4C31-B209-4C1023A051A4} - System32\Tasks\{26D7FF63-320F-4270-AEF7-32C2911411E8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A9D5A27C-D20E-4222-B18E-1CD437D0A742} - System32\Tasks\{DCCECE59-3882-4289-AC6B-5E5CA0D2C75A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {AADA4375-FA55-4BB7-B4B3-1C59996CE84C} - System32\Tasks\{64A1616D-94F2-4156-BF09-56944D21B524} => C:\Program Files (x86)\Opera\Opera.exe
Task: {AE527A6E-39D0-48BC-A5D3-06B61CA40623} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-10] (Adobe Systems Incorporated)
Task: {AF75CCD1-07D1-44DD-B5E3-80503D92249C} - System32\Tasks\{A83B26F1-C9BD-4CF2-8B73-54C87A113556} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B001C091-91EA-4489-92C3-8A2492A9A7FC} - System32\Tasks\{95EA003A-9106-4338-824A-E94AE123EB2D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B00EE2E1-9B28-43F2-91D4-E9CB752AB935} - System32\Tasks\{F4035AAA-3DD9-44BC-BBF9-0C059227FC74} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BD34CD79-893F-4021-AC8F-8A7A89823C89} - System32\Tasks\{EE8B4716-0311-4A60-A78F-8FC651BC796F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BDA6CC70-5CA9-41CD-B7DF-9C358790C83A} - System32\Tasks\{743374C6-5497-4B99-8320-782DC9C4BC20} => C:\Program Files (x86)\Opera\Opera.exe
Task: {C080C204-5DD4-4C6B-B09D-4903A6FAC79B} - System32\Tasks\{AD3ED666-74F6-4186-9E66-913881E86110} => C:\Program Files (x86)\Opera\Opera.exe
Task: {C0C8827F-5E48-49B3-AA6D-CB9F2F116680} - System32\Tasks\{49C90EDC-924F-40B7-B19B-582E00DF9ABE} => c:\program files (x86)\opera\opera.exe
Task: {C648D30F-304D-4923-BCDE-D706AFA93A0E} - System32\Tasks\{E4A94060-24E2-4BDB-A546-68F232C87935} => c:\program files (x86)\opera\opera.exe
Task: {C7453D0C-F69F-4891-8A7A-E30B88CAFAAB} - System32\Tasks\{14EB019F-190A-4F49-9315-1310669DA76A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CB12AAD0-6E70-444E-B010-A2DF80627A17} - System32\Tasks\{19DBA06B-D485-4107-8B6C-8D0A9C2CD8AF} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D32F6E70-516A-4122-8B12-6D0765784F97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
Task: {D52FE97D-6B2D-431E-8E45-6847C21F3BCB} - System32\Tasks\{EF20C62C-9621-4F73-8B88-396AC031A7A6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {DD32226C-123E-457A-99B1-F1CB8383DD03} - System32\Tasks\{A9B10031-A5A9-4913-99E5-26A5A4A9BD91} => C:\Program Files (x86)\Opera\Opera.exe
Task: {DDAA9FDC-8607-42AA-BF5B-A1ED8B4DA372} - System32\Tasks\{8BFF4C05-4270-462B-B289-8C19DE6732D7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {DE9FC147-7B15-4FA3-BC33-1CC8A4BC6A87} - System32\Tasks\{CC9055F0-7B63-44E3-B348-B57ABA62E58C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E3DAF1C9-49E4-448C-8CE9-2F2CE706C42B} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {E669B9D4-5D64-47D9-9EBF-A7B6F611CAAE} - System32\Tasks\{1386B072-D243-45C3-9FA0-636B3C79BBDF} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EEC56B8A-B348-46EC-96B3-E3A010FDD43B} - System32\Tasks\{19799715-7282-4AAD-BB57-AE67B66E478C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EFC22016-8ECC-476E-9F5B-A15831C2610F} - System32\Tasks\{99F025DB-CCBA-4336-A83A-DB694C3C99F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F2193DFD-B976-4E23-A559-C2DD256F9257} - System32\Tasks\{6E52FD5D-F020-48BD-A11D-3AB7DB94FCD9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {F390EF24-F341-415C-AF5D-EAB5EDB29E15} - System32\Tasks\{A2A2929B-BFC4-44AC-92AB-9263047EC52C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {F8288C14-58DC-4981-B32B-AC21541F3118} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {FD912F92-C42A-40B7-A8DE-98084EFF49DA} - System32\Tasks\{DE5DEBEE-C8A0-4097-8849-7ABC86CF33E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-27 00:19 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-12 16:39 - 2012-08-05 21:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-08 14:56 - 2014-10-08 14:56 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-10 23:10 - 2014-10-10 23:10 - 02873856 _____ () C:\Program Files\AVAST Software\Avast\defs\14101001\algo.dll
2014-10-08 14:56 - 2014-10-08 14:56 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-24 19:18 - 2009-03-19 23:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2012-03-24 19:18 - 2009-03-19 23:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2012-03-24 19:18 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2012-03-24 19:18 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-08-22 16:43 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-22 16:43 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-22 16:43 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 18:10 - 2014-10-02 01:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-01 18:53 - 2014-10-09 19:54 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-22 16:43 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-22 16:43 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-03-25 01:14 - 2014-10-09 19:53 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-03-25 01:14 - 2014-09-05 01:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-07-23 21:37 - 2014-09-05 01:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
AlternateDataStreams: C:\Users\Non1can\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Non1can\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: BCUService => 2
MSCONFIG\Services: becldr3Service => 3
MSCONFIG\Services: BotkindSyncService => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: Radio.fx => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Non1can^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Non1can^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Non1can^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BCU => "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MKLOL => "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NCUpdateHelper => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: rfxsrvtray => "C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe"
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

========================= Accounts: ==========================

Administrator (S-1-5-21-3461773620-3276519411-1504451298-500 - Administrator - Disabled)
Gast (S-1-5-21-3461773620-3276519411-1504451298-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3461773620-3276519411-1504451298-1004 - Limited - Enabled)
Non1can (S-1-5-21-3461773620-3276519411-1504451298-1000 - Administrator - Enabled) => C:\Users\Non1can

==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (10/11/2014 08:30:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cd4

Startzeit: 01cfe51cceeaa400

Endzeit: 0

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: 11289040-5110-11e4-8a46-c860005e71f3

Error: (10/10/2014 09:29:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1638

Startzeit: 01cfe4c07e454af3

Endzeit: 2

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: c1f375c0-50b3-11e4-9807-c860005e71f3

Error: (10/10/2014 06:02:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0xce0
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 06:02:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0x300
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 06:02:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0x1100
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 00:08:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0xb7c
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 00:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.8.760.0, Zeitstempel: 0x53b4501b
Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.4052, Zeitstempel: 0x53b44850
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005e337
ID des fehlerhaften Prozesses: 0xe90
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3

Error: (10/10/2014 09:55:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LoLPatcher.exe, Version: 0.2.0.133, Zeitstempel: 0x543448ef
Name des fehlerhaften Moduls: LoLPatcher.exe, Version: 0.2.0.133, Zeitstempel: 0x543448ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0011ea53
ID des fehlerhaften Prozesses: 0xf0c
Startzeit der fehlerhaften Anwendung: 0xLoLPatcher.exe0
Pfad der fehlerhaften Anwendung: LoLPatcher.exe1
Pfad des fehlerhaften Moduls: LoLPatcher.exe2
Berichtskennung: LoLPatcher.exe3

Error: (10/09/2014 11:26:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000223e0
ID des fehlerhaften Prozesses: 0xab4
Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0
Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1
Pfad des fehlerhaften Moduls: GoogleUpdate.exe2
Berichtskennung: GoogleUpdate.exe3

Error: (10/09/2014 11:23:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195, Zeitstempel: 0x4dcddbf3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x143c
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3


System errors:
=============
Error: (10/11/2014 08:25:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/11/2014 08:24:34 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎10.‎2014 um 00:06:57 unerwartet heruntergefahren.

Error: (10/10/2014 06:13:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (10/10/2014 06:08:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 05:50:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 01:53:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 01:16:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:40:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/10/2014 00:39:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎10.‎2014 um 12:38:04 unerwartet heruntergefahren.

Error: (10/10/2014 00:36:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-04-02 22:31:54.440
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 22:31:54.366
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 22:31:54.291
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 22:31:54.169
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.886
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.806
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:25.674
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:24.841
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-02 21:44:24.761
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Mülleimer\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 960T Processor
Percentage of memory in use: 24%
Total physical RAM: 8190.12 MB
Available physical RAM: 6186.36 MB
Total Pagefile: 20188.3 MB
Available Pagefile: 18192.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:509.47 GB) (Free:213.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:422.04 GB) (Free:104.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 19A9D3B7)
Partition 1: (Active) - (Size=509.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=422 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

12.10.2014, 11:00   #5
schrauber
/// the machine
/// TB-Ausbilder
 




Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Clean) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

12.10.2014, 12:37   #6
Tenseiken
 



First I ran AdwCleaner; however, Chrome now shows the following error message at startup and when opening tabs (originally the FoxTab add-on for Chrome was supposed to be loaded).

Code:
# AdwCleaner v3.311 - Bericht erstellt am 12/10/2014 um 12:14:56
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Non1can - DANIEL
# Gestartet von : C:\Users\Non1can\Desktop\AdwCleaner_3.311.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\SecTaskMan
Ordner Gelöscht : C:\Program Files (x86)\BetterDesktopTool
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Tobit
Ordner Gelöscht : C:\Users\Non1can\AppData\Local\BetterDesktopTool
Ordner Gelöscht : C:\Users\Non1can\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Non1can\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\Non1can\AppData\Roaming\Tobit
Ordner Gelöscht : C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchmpbaclbiioedakpcldenooikekokm

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\5d55ddd0b76ebd44
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 de)

[ Datei : C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\prefs.js ]


-\\ Google Chrome v38.0.2125.101

[ Datei : C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C39C860005E71F3&affID=121564&tt=040813_10&tsp=4965

*************************

AdwCleaner[R0].txt - [2460 octets] - [12/10/2014 12:13:30]
AdwCleaner[S0].txt - [2185 octets] - [12/10/2014 12:14:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2245 octets] ##########
         
Junkware output the following:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Non1can on 12.10.2014 at 12:28:29,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\SPEEDFAN.EXE-B8689DB0.pf



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{56CB5945-8625-4878-8333-D3436185625E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{59B3AD07-70B5-4AF2-A476-586235055660}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{59EE0766-F7B0-4011-8D32-6A1F83209020}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5B565FB7-8AA1-44EC-B2BB-C1DD3E9CD46D}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5C16E176-C9D7-48A9-B868-6BC9B54EECF4}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5C299202-E874-4F5A-B8BA-60474F2973AC}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5C4393F4-EC6C-4AF5-88C7-6B36DCC43ABD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5C600C5C-6235-447F-B84F-356C68FDE76C}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5E813B91-0947-4005-A657-EB5A963C4B0E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5F31100D-009D-4204-B767-92B9396E95A7}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{5FFE1E4A-B898-4400-9DBD-5D38118C19BB}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{608C8C8A-B017-4888-BD8F-EE998F2200F3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{60F093C2-FA24-42D0-AEEC-8E73AFB196DC}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{61D34E05-5236-4F25-BAFA-98E23C71B535}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{62EF318E-5747-4B8C-B0E3-2F4A325A471F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{62F7414A-4534-4BBD-BCE5-B83F4F6B2A78}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6349FB78-A806-4BC3-BE99-05EA122249F0}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{643BDFE2-6982-4A30-AE8D-BCA3ABB8B10E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{65114D3D-5DCC-48C3-9869-99C78BBD7B74}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{669C7B6C-779E-4830-B294-CC36C0384EFE}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{67C8CA4D-ED2F-44AB-B536-45D2C62B9327}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{68F6B227-5750-4F53-9ECC-01DACB529BD7}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{690977EF-FA00-4BC4-B7E4-A7CB379AB4D0}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{699FF349-2277-40F6-9B91-E4F652D306FD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6A136117-766C-4B40-A3EE-CCBF989875E3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6A657CD6-D278-42C0-9DC7-750B482E7E33}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6B1A1745-6B35-4856-969D-9E0F816D71AD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6B5E0BB2-66EB-4AF5-9A9A-639BD054246A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6B601E0F-5258-4BC9-8043-F3763A78631E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6C620B8E-FB9C-4BA9-B836-8A1CD9AF5F8E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6C7FB597-AF2E-4955-8C7A-A1179A90D9FC}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6D22F92A-9EBE-4D32-B3A6-3C8CEB97E0FF}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6DAA38F1-63D5-4682-84B4-D5F71D20409B}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6F3B7D3B-9D21-478B-A0A2-F076F15640F8}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{6FC66DB8-6085-41B9-A27D-DDDA932C2D8E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{700F29AE-EE44-4CC6-AE46-7F8FE91AB281}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{703EB0B7-537D-48D6-8D55-9EDBF1453064}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{710E0577-6AF5-4A8B-B0BB-8C5510971025}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{71D65075-B12A-4E2A-8183-E2398D793295}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{730CABCE-A8B7-4C9B-84D1-626A16DB215D}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{73FAE81B-9116-47B3-B905-D8ADBBBB476C}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{74045B83-1FA6-4515-BAA7-55203086705E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{76DF9458-DC24-4CC4-B487-780BEF9FFD36}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{7A0994C6-01F9-4D58-991E-36ABA03838EE}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{7A794037-F6E4-4319-96C1-CD320200AF8F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{7B25848C-2A93-4477-ABEE-B2DE391BDA49}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{7C378E95-EE7B-4E21-8CC4-41F61FAEB90A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{7EF26BEA-8EE3-4128-9A56-995C3035DEDB}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{80D3A757-A544-4466-8CF3-358E3D1284D6}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{823B525A-4686-4CE7-ACE3-A910C15EA3C3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{838BAD40-D497-49D1-881E-C5C3F0505AE3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{845BD58E-4C98-41BF-8537-6AF710004D8F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8523D406-2CBD-4587-A90D-D50E338B3B3E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{87AEBD66-D187-4055-8A61-64A2C0D3CCDF}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8969D481-2DAF-4333-A717-9AFDAFB6015E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8A2FBC60-5F2E-4201-A5A1-B79F1A533DD9}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8AFFDB13-E8E7-4EBA-9285-43770B4A85E8}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8BAA5E96-98AD-4CC3-A85C-F78F0461396F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8BCA314A-8F95-4583-B9A6-F7462BF455B9}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8DD5A031-DE45-4626-ADF9-D5404FF8D49C}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8E418EAD-35F1-4850-B470-87293252A86E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8E8D0DBE-7943-44E8-97AD-4BBA3E91794B}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8F48A12C-EE47-4440-893A-E4CA58725AC4}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{8FB74955-1F4C-4D50-B1CA-39BE81BD67EA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{90FC8460-6FD3-48F1-A25E-6EB119A0A7A5}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{919D236F-D474-4F6B-A488-16BA9EEE3479}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{92C538E3-C93D-4EAC-AC20-046B4818ED2F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{92EAA7C1-F415-455A-AC0A-1F19CC69D112}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{943CC9CA-5AC0-4DCD-9DFC-666FFC7E9330}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{94ACF2B6-CE1E-43D5-A415-C3AA239F1FF9}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{94F4AC9D-C990-42CF-8485-28F21E2C3021}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{9531AA29-F5CC-4700-8ECB-FEE2366E02C1}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{99842A4D-B791-4978-AD70-E47402DDD7D9}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{9A285083-29D2-4DC5-BFB6-CDD63EE5F0DA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{9AF6EB8E-66CA-4D48-B465-F4C92CEFC992}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{9BEF4FF3-4E3C-4DA5-9C56-EBB7783A997F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{9CA8376B-3F93-4CCD-AE87-EF759E8D0437}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{9D98D101-D74E-46D8-B7A4-E4DFFCD99F83}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A01ACA0D-5638-4CB7-96FC-41D6E8E30FDD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A159D5CF-7979-4E2B-B4D7-42C78FFC0321}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A1F1A9A7-1179-4005-A464-2F2D8CC89100}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A288055F-60D4-4514-B855-7FCCED22FA3E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A28A2292-ABC2-4830-96B9-FFAEDE4D91D3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A32A50AB-F9E9-4424-964B-29FB9BB441BF}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A3303227-7371-468B-9954-B79BB69EB0DE}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A40A8007-3B04-49C7-AE3A-937B077143A0}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A454E5C6-2CD9-4A02-8EDE-BB3E3BD7311D}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A5029B63-0106-4512-AE62-53E91EA1B629}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A53AC05C-D844-44FE-9465-FC71663AB06A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A6897BB3-0064-4A64-8ADB-5AFD1118CC44}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A813CCE6-E876-433B-A5FB-18DAA2E49C4A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A8CE7502-9BEB-4F6D-BEFB-0DFA82CD2BB8}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A8FEE146-E2E8-4E47-A194-CFDED7DC8952}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A94C52BC-0D4E-42DE-9252-D2E11480FEE8}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{A9FEB820-3AA4-48EB-BF8F-BE879A7F9304}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{AB185154-B4A7-48C0-9492-F9B40B5DBA6C}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{AB329E31-F051-4FDA-94D1-47B669D7D59A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{ABF8FED6-DC34-4E9D-94D4-09667AF169DA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{ADA77564-7977-4B2A-82C1-C89BCF8569F1}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{AE3949F2-58E5-4CAC-A957-8B4F9393552B}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{AF81195E-2AC4-4DAA-B5AF-3675E843EAE2}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B00C9615-2EA9-45B8-A465-B3A7E2BF155B}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B0AFE450-452D-4CF1-B9BF-9AB031D6CDB2}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B2407407-5707-4BED-896A-D3181BD9BB9E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B2451B69-6624-4C59-8D74-5157894B9921}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B2773F98-208C-4197-A6F4-52D3FAD8A6A2}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B3AB33A2-E733-4625-9C27-D5043B3B528A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B531614E-DD31-4AA4-BFBD-F80FC8C70168}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B7D7832C-4552-4812-B3EB-90F3392B6AC8}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B8540DAF-16C3-47E7-BC66-CD5DF542188F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B87B780C-167B-49F8-ACF6-A42BDF78D58E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B886AA05-6D7A-4E3C-B522-804E4D9D688C}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B93E14F2-F1DC-4576-8210-23F91D6EA51A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{B9D51974-AB9E-48AE-9351-794E655FFCBD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{BA4FDEE8-DB21-4873-8B39-7B184DFF18BE}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{BCAB24DD-5A56-4DA2-BF7B-433FA7D0BD43}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{BD483EA9-449E-4D89-B592-7E299F1AE35C}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{BD6919DB-58FB-4AFD-953C-AAE4C46CA0D0}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{BDCA5962-A4A2-46E8-82CD-BD631F3A5543}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{BEA444F9-B133-4CE5-9CD1-C553E1B80BF1}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C139663B-C18C-4426-AAB9-C6D746C8CD3E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C22CB78D-8F3B-454D-A24E-E56A5E845746}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C28EC24F-96E7-42BF-BDB3-52101677BC26}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C52BEDFF-1A1E-49F2-81E0-8C924426F335}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C6415830-A04C-40A7-92B8-0A4A2AB30ED3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C663BC14-EB7E-4678-850A-3777736D8B41}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C6D2F6C3-4FCE-40E0-A763-07B010D0E919}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C7E484CA-65F8-4696-AF47-ED73BA54573A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C7F55EE8-9995-420D-A97A-89808392EE42}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{C8F66D36-53BB-422A-992D-9839DF9D7B76}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CA9FF871-6D9F-43AC-844C-45A326C79253}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CBFD32A6-636A-4C8E-92E8-33AE4F9BDCEE}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CC087973-C51C-46D8-9B2E-0C6AA628414D}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CC2F5990-07A4-45C1-990C-6442B3BB0295}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CD56E0C9-927A-4E94-B741-D202C1501C71}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CE252970-B72A-4A0F-B19D-F842CD7A4D9F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CE79A867-2B37-45F6-9528-E289D6ADA67A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{CFAAD54A-0997-4465-9849-1FA5607BDAF3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D0E48D1D-AC8F-4322-A688-8AC29A28D13A}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D1503989-74F2-42C1-A884-70F36AB90293}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D31D189D-E467-4528-AA00-4CB47276F554}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D367E534-3B1B-4C8B-ACCA-66FFC7950594}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D3E914DB-F2AE-4F00-AA0F-1AE3C2DA1843}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D58A2F39-371C-40D2-9B93-AE58EA519333}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D60C6DFD-DC3A-42E7-8F1E-6B13D553E2F1}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D66D22A4-FE48-4B6B-B59E-711D59256754}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D6F440C2-2E79-4C00-A0C0-E285EC3C2642}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D8894673-54BA-45ED-B70C-575C405BED35}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D948C8D0-9FEE-4BFB-8357-98588D7D0DB0}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D99B683E-14B3-4523-BDBD-598BB847FC02}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D9A46CEC-812F-4661-8D54-1FC93C83AA0E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{D9C8E543-3EEF-4809-BFF1-71ED3B2E8747}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{DA3B4309-81E8-40C5-AA23-BEB93924A8FD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{DA7C6131-AC0D-4BFF-BC44-D27C0831EE73}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{DD087001-89E0-454F-B09E-7136585DAC71}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{DDA6E995-E663-4413-B762-CB5B45AF3ABE}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{DDE80617-066D-4D88-A22A-33D4037B9624}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{DE6D7284-A605-4AD6-ADD9-49F6DFF965D8}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E1FCCB17-A912-47AA-BD13-40C7387A4E1D}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E39BB476-90B6-4172-BDA5-E38FA47FEE59}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E3D8515E-4DF7-4A3E-8FF9-0DD9312B9BF4}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E5B9006A-28A0-49B3-BBD2-32F0D101A0ED}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E840D962-5214-4F46-968E-C04B755D3262}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E965CAB9-06F7-4D36-AE52-CF67D0BE7848}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{E99568D6-539B-40D6-A690-38667CEC3C94}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{EAAE89CA-BDE8-49C5-80D7-F131C04A019F}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{EAE2ABE4-C15E-4F35-A523-C24F445A3A88}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{EC06974D-CBEF-4453-94EC-71271EE27D63}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{EEAC4CBB-AF10-4C0C-8AC5-6EF7DE06E96E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{EF024060-9E7D-420A-84F4-A85252210629}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{EFAB6D2D-304E-4FC7-ADE5-BCA190290535}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F1B1E543-8FC5-47AD-824D-FB78B70A3BBA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F4168936-4693-4649-BAB9-6F4436E6FF69}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F46331EC-1F8E-4A70-AF49-D2632D503420}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F4AF67B3-898C-4BF5-ADCA-5074B9A01ADD}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F5262CA8-2FD4-4A77-9047-4036B9052571}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F625F961-F3F5-41B3-8569-F4F6FA98A33B}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F6566E9C-A474-4C85-BD86-2105333CD890}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F67D1753-7896-409E-9172-F94E816107CA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F6E73233-E2ED-48A8-9C38-60588A0678DA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F7239671-E186-4525-8830-5FF8421E509E}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F7A75807-66D1-4204-BD4B-1FFF9362197B}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F89604EB-C8FD-4B0C-99AF-581E73D436CA}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{F9CB3B61-D845-46EF-93C9-A7EB109ACA56}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FA840242-011A-46C7-9146-3D667D892761}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FAC52CB4-B2A9-4AF1-BD1A-D2343AF4DBF6}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FAD5457F-548B-4FB4-9FA5-E68C70C8EEF3}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FB852A1F-06D0-4138-B8E4-500FACD99A72}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FBDCB5EB-C285-4FEA-B992-F75F585E4E91}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FCD27778-1EA2-43DC-BD93-9820D89C8A61}
Successfully deleted: [Empty Folder] C:\Users\Non1can\appdata\local\{FDD51448-D9ED-46AD-94F2-42172D969D0E}



~~~ FireFox

Emptied folder: C:\Users\Non1can\AppData\Roaming\mozilla\firefox\profiles\rlt97697.default\minidumps [15 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Non1can\appdata\local\Google\Chrome\User Data\Default\Extensions\dchmpbaclbiioedakpcldenooikekokm



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.10.2014 at 12:31:57,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And the Frst.txt is:

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Non1can (administrator) on DANIEL on 12-10-2014 12:35:11
Running from C:\Users\Non1can\Desktop
Loaded Profile: Non1can (Available profiles: Non1can)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Non1can\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-08] (AVAST Software)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {4ad0adfb-a121-11e1-9aa3-c860005e71f3} - J:\Setup.exe
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {b2074da7-361b-11e2-80da-c860005e71f3} - E:\setup_ftl_1.0.0.6.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://empire.goodgamestudios.com/?country=DE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {8ADF36AB-7485-4EA9-8C6C-381EF3923A43} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\abs@avira.com [2014-10-07]
FF Extension: NoScript - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-16]
FF Extension: Adblock Plus - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-08]

Chrome: 
=======
CHR HomePage: Default -> 823DD223DCC4DFD0C732AE8DD7DA7380F7E31003D0BFAEAA938D81706B5EEEF2
CHR StartupUrls: Default -> "https://www.google.de/?gws_rd=ssl"
CHR Profile: C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28]
CHR Extension: (YouTube) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Adblock Plus) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-08] (AVAST Software)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4323256 2011-03-28] (INCA Internet Co., Ltd.) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-08] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-12 12:31 - 2014-10-12 12:31 - 00035013 _____ () C:\Users\Non1can\Desktop\JRT.txt
2014-10-12 12:28 - 2014-10-12 12:28 - 00000000 ____D () C:\Windows\ERUNT
2014-10-12 12:27 - 2014-10-12 12:27 - 01705755 _____ (Thisisu) C:\Users\Non1can\Desktop\JRT.exe
2014-10-12 12:16 - 2014-10-12 12:16 - 00000314 _____ () C:\Windows\PFRO.log
2014-10-12 12:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-12 12:13 - 2014-10-12 12:15 - 00000000 ___DC () C:\AdwCleaner
2014-10-12 12:12 - 2014-10-12 12:13 - 01375089 _____ () C:\Users\Non1can\Desktop\AdwCleaner_3.311.exe
2014-10-12 09:03 - 2014-10-12 12:16 - 00000392 _____ () C:\Windows\setupact.log
2014-10-12 09:03 - 2014-10-12 09:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-11 11:52 - 2014-10-11 11:52 - 00053190 _____ () C:\Users\Non1can\Desktop\Addition.txt
2014-10-11 11:51 - 2014-10-12 12:35 - 00012746 _____ () C:\Users\Non1can\Desktop\FRST.txt
2014-10-10 21:18 - 2014-10-10 21:18 - 00000020 _____ () C:\Windows\Ðúx
2014-10-10 15:25 - 2014-10-12 12:35 - 00000000 ___DC () C:\FRST
2014-10-10 15:24 - 2014-10-10 15:24 - 02109952 _____ (Farbar) C:\Users\Non1can\Desktop\FRST64 (1).exe
2014-10-10 13:04 - 2014-10-11 09:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-10 13:04 - 2014-10-10 13:04 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-10 13:04 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-10 13:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-10 13:02 - 2014-10-10 13:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Non1can\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-09 23:10 - 2014-10-09 23:25 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Riot Games
2014-10-09 23:04 - 2014-10-09 23:06 - 30668968 _____ (Riot Games) C:\Users\Non1can\Desktop\LeagueofLegends_EUW_Installer_9_15_2014.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\Program Files\Java
2014-10-09 15:19 - 2014-10-09 15:19 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-10-09 15:19 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\temp
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\projects
2014-10-08 14:58 - 2014-10-08 14:58 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\AVAST Software
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 14:56 - 2014-10-12 12:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-08 14:56 - 2014-10-08 14:57 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-08 14:56 - 2014-10-08 14:56 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-08 14:56 - 2014-10-08 14:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-08 14:44 - 2014-10-08 14:50 - 91906368 _____ (AVAST Software) C:\Users\Non1can\Desktop\avast_free_antivirus_setup_9.0.2021.exe
2014-10-07 16:02 - 2014-10-07 16:04 - 00000000 ___RD () C:\Users\Non1can\Desktop\Business
2014-10-07 15:19 - 2014-07-25 16:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-07 15:19 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-07 15:18 - 2014-10-07 15:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-07 15:18 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-07 15:17 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-07 15:14 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-07 15:14 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-10-07 15:14 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-10-03 15:17 - 2014-10-03 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-03 11:07 - 2014-10-03 11:08 - 00000000 ____D () C:\Users\Non1can\Desktop\Fest
2014-09-30 22:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 22:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 10:40 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:40 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 00:53 - 2014-09-29 18:03 - 00000000 ___DC () C:\Procurement
2014-09-24 00:53 - 2014-09-24 00:53 - 00000642 _____ () C:\Users\Public\Desktop\Procurement.lnk
2014-09-24 00:53 - 2014-09-24 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Procurement
2014-09-19 17:09 - 2014-09-19 17:10 - 03833817 _____ () C:\Users\Non1can\Downloads\Procurement.1.8.4.zip
2014-09-16 00:15 - 2014-09-16 00:15 - 00015355 _____ () C:\Users\Non1can\Downloads\RF calculator.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-08-14 04:57 - 2012-05-14 18:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-08-14 04:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-12 12:35 - 2013-05-01 13:05 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\NetSpeedMonitor
2014-10-12 12:23 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-12 12:23 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-12 12:20 - 2013-08-17 02:34 - 01877683 _____ () C:\Windows\WindowsUpdate.log
2014-10-12 12:16 - 2014-03-15 10:42 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-12 12:16 - 2012-03-24 21:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-12 12:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 12:13 - 2014-03-15 10:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 11:40 - 2014-04-12 21:22 - 00000000 ____D () C:\ProgramData\Origin
2014-10-12 10:47 - 2012-03-25 01:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-12 00:07 - 2012-03-25 18:07 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Skype
2014-10-11 08:24 - 2012-04-02 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-10 21:24 - 2012-03-25 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-10-10 21:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-10 19:16 - 2014-07-21 14:39 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Adobe
2014-10-10 19:09 - 2012-04-02 18:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-10 19:09 - 2012-04-02 18:05 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-10 19:09 - 2012-03-24 20:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-10 17:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Glyph
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-10-10 13:20 - 2012-03-24 19:30 - 00000000 ____D () C:\Windows\pss
2014-10-10 12:05 - 2013-01-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-10 12:05 - 2012-03-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-10-10 11:45 - 2013-07-18 22:37 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-09 23:07 - 2012-03-24 19:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-09 15:19 - 2014-02-22 16:44 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Thunderbird
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-09 15:19 - 2013-06-06 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Program Files\WinRAR
2014-10-09 15:12 - 2013-01-14 17:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-08 14:55 - 2012-03-27 04:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-08 14:48 - 2012-06-20 00:25 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Deployment
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Notepad++
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-10-08 14:37 - 2013-02-03 13:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-08 11:03 - 2013-02-04 23:57 - 00000000 ____D () C:\Users\Non1can\Documents\Paradox Interactive
2014-10-08 08:26 - 2012-03-25 03:30 - 00000000 ____D () C:\Users\Non1can\Documents\My Games
2014-10-07 18:20 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-10-07 18:20 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-10-07 18:20 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 15:57 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 15:28 - 2013-11-19 22:10 - 00000000 ____D () C:\Users\Non1can\AppData\Local\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-07 15:18 - 2013-07-18 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-07 15:17 - 2012-03-24 21:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-07 14:53 - 2012-03-25 03:43 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\TS3Client
2014-10-07 11:45 - 2013-02-16 15:34 - 00000000 ___RD () C:\Users\Non1can\WDokumente
2014-10-03 15:17 - 2012-10-28 20:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-03 15:17 - 2012-03-25 18:07 - 00000000 ____D () C:\ProgramData\Skype
2014-09-28 12:07 - 2013-01-11 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-27 09:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 07:04 - 2014-07-02 12:24 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Winamp
2014-09-22 08:42 - 2012-03-24 20:08 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\tSH05K6U.dat


Some content of TEMP:
====================
C:\Users\Non1can\AppData\Local\Temp\NGM.exe
C:\Users\Non1can\AppData\Local\Temp\NGMDll.dll
C:\Users\Non1can\AppData\Local\Temp\NGMResource.dll
C:\Users\Non1can\AppData\Local\Temp\Quarantine.exe
C:\Users\Non1can\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Non1can\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:33

==================== End Of Log ============================
         

Last edited by Tenseiken (12.10.2014 at 13:11)

13.10.2014, 10:15   #7
schrauber
/// the machine
/// TB-Ausbilder
 


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

13.10.2014, 16:57   #8
Tenseiken
 

I definitely wanted to thank you for the great help. System startup finally no longer drags on so much, and the sound driver no longer takes 10 minutes to load.
Did the malware come from the Chrome add-on Fox-Tab, or why was it removed during the cleanup? I would like to install a speed dial again, but I don't know now whether Foxtab was clean.

So, first Eset:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8f782cd0f6702e4091d003941cb3605e
# engine=20571
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-13 02:55:13
# local_time=2014-10-13 04:55:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 377617 439207 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2926042 54525429 0 0
# scanned=576301
# found=0
# cleaned=0
# scan_time=11521
         
Now Security Check:
Code:
 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
avast! Antivirus                
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (32.0.3) 
 Mozilla Thunderbird (31.1.2) 
 Google Chrome 37.0.2062.124  
 Google Chrome 38.0.2125.101  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And lastly FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Non1can (administrator) on DANIEL on 13-10-2014 17:05:08
Running from C:\Users\Non1can\Desktop
Loaded Profile: Non1can (Available profiles: Non1can)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-08] (AVAST Software)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {4ad0adfb-a121-11e1-9aa3-c860005e71f3} - J:\Setup.exe
HKU\S-1-5-21-3461773620-3276519411-1504451298-1000\...\MountPoints2: {b2074da7-361b-11e2-80da-c860005e71f3} - E:\setup_ftl_1.0.0.6.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://empire.goodgamestudios.com/?country=DE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {8ADF36AB-7485-4EA9-8C6C-381EF3923A43} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\abs@avira.com [2014-10-07]
FF Extension: NoScript - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-16]
FF Extension: Adblock Plus - C:\Users\Non1can\AppData\Roaming\Mozilla\Firefox\Profiles\rlt97697.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-08]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28]
CHR Extension: (YouTube) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Adblock Plus) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Non1can\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-08] (AVAST Software)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4323256 2011-03-28] (INCA Internet Co., Ltd.) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-08] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 17:05 - 2014-10-13 17:05 - 00000000 ____D () C:\Users\Non1can\Desktop\FRST-OlderVersion
2014-10-13 17:04 - 2014-10-13 17:05 - 02110464 ____C (Farbar) C:\Users\Non1can\Desktop\FRST64.exe
2014-10-13 16:57 - 2014-10-13 16:57 - 00854417 _____ () C:\Users\Non1can\Desktop\SecurityCheck.exe
2014-10-13 13:38 - 2014-10-13 13:38 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-13 13:37 - 2014-10-13 13:37 - 02347384 _____ (ESET) C:\Users\Non1can\Desktop\esetsmartinstaller_deu.exe
2014-10-12 12:31 - 2014-10-12 12:31 - 00035013 _____ () C:\Users\Non1can\Desktop\JRT.txt
2014-10-12 12:28 - 2014-10-12 12:28 - 00000000 ____D () C:\Windows\ERUNT
2014-10-12 12:27 - 2014-10-12 12:27 - 01705755 _____ (Thisisu) C:\Users\Non1can\Desktop\JRT.exe
2014-10-12 12:16 - 2014-10-12 12:16 - 00000314 _____ () C:\Windows\PFRO.log
2014-10-12 12:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-12 12:13 - 2014-10-12 12:15 - 00000000 ___DC () C:\AdwCleaner
2014-10-12 12:12 - 2014-10-12 12:13 - 01375089 _____ () C:\Users\Non1can\Desktop\AdwCleaner_3.311.exe
2014-10-12 09:03 - 2014-10-13 13:32 - 00000504 _____ () C:\Windows\setupact.log
2014-10-12 09:03 - 2014-10-12 09:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-11 11:52 - 2014-10-11 11:52 - 00053190 _____ () C:\Users\Non1can\Desktop\Addition.txt
2014-10-11 11:51 - 2014-10-13 17:05 - 00012244 _____ () C:\Users\Non1can\Desktop\FRST.txt
2014-10-10 21:18 - 2014-10-10 21:18 - 00000020 _____ () C:\Windows\Ðúx
2014-10-10 15:25 - 2014-10-13 17:05 - 00000000 ___DC () C:\FRST
2014-10-10 13:04 - 2014-10-11 09:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-10 13:04 - 2014-10-10 13:04 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-10 13:04 - 2014-10-10 13:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-10 13:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-10 13:04 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-10 13:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-10 13:02 - 2014-10-10 13:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Non1can\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-09 23:10 - 2014-10-09 23:25 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Riot Games
2014-10-09 23:04 - 2014-10-09 23:06 - 30668968 _____ (Riot Games) C:\Users\Non1can\Desktop\LeagueofLegends_EUW_Installer_9_15_2014.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-09 15:21 - 2014-10-09 15:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-09 15:21 - 2014-10-09 15:21 - 00000000 ____D () C:\Program Files\Java
2014-10-09 15:19 - 2014-10-09 15:19 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-10-09 15:19 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\temp
2014-10-09 14:01 - 2014-10-09 14:01 - 00000000 ____D () C:\Users\Non1can\Desktop\projects
2014-10-08 14:58 - 2014-10-08 14:58 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\AVAST Software
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 14:56 - 2014-10-13 13:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-08 14:56 - 2014-10-08 14:57 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-08 14:56 - 2014-10-08 14:56 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-08 14:56 - 2014-10-08 14:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-08 14:56 - 2014-10-08 14:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-08 14:44 - 2014-10-08 14:50 - 91906368 _____ (AVAST Software) C:\Users\Non1can\Desktop\avast_free_antivirus_setup_9.0.2021.exe
2014-10-07 16:02 - 2014-10-07 16:04 - 00000000 ___RD () C:\Users\Non1can\Desktop\Business
2014-10-07 15:19 - 2014-07-25 16:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-07 15:19 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-07 15:18 - 2014-10-07 15:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-07 15:18 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-07 15:17 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-07 15:14 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-07 15:14 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-07 15:14 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-10-07 15:14 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-10-07 15:14 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-10-03 15:17 - 2014-10-03 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-03 11:07 - 2014-10-03 11:08 - 00000000 ____D () C:\Users\Non1can\Desktop\Fest
2014-09-30 22:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 22:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 10:40 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:40 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 00:53 - 2014-09-29 18:03 - 00000000 ___DC () C:\Procurement
2014-09-24 00:53 - 2014-09-24 00:53 - 00000642 _____ () C:\Users\Public\Desktop\Procurement.lnk
2014-09-24 00:53 - 2014-09-24 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Procurement
2014-09-19 17:09 - 2014-09-19 17:10 - 03833817 _____ () C:\Users\Non1can\Downloads\Procurement.1.8.4.zip
2014-09-16 00:15 - 2014-09-16 00:15 - 00015355 _____ () C:\Users\Non1can\Downloads\RF calculator.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-08-14 04:57 - 2012-05-14 18:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-08-14 04:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 17:05 - 2013-05-01 13:05 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\NetSpeedMonitor
2014-10-13 17:04 - 2012-03-25 01:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-13 16:54 - 2013-08-17 02:34 - 01956927 _____ () C:\Windows\WindowsUpdate.log
2014-10-13 16:40 - 2014-02-22 16:44 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Thunderbird
2014-10-13 16:13 - 2014-03-15 10:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-13 13:40 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-13 13:40 - 2009-07-14 06:45 - 00023200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-13 13:32 - 2014-03-15 10:42 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 13:32 - 2012-03-24 21:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-13 13:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 11:40 - 2014-04-12 21:22 - 00000000 ____D () C:\ProgramData\Origin
2014-10-12 00:07 - 2012-03-25 18:07 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Skype
2014-10-11 08:24 - 2012-04-02 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-10 21:24 - 2012-03-25 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-10-10 21:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-10 19:16 - 2014-07-21 14:39 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Adobe
2014-10-10 19:09 - 2012-04-02 18:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-10 19:09 - 2012-04-02 18:05 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-10 19:09 - 2012-03-24 20:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-10 17:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Glyph
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-10-10 17:10 - 2014-08-13 00:04 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-10-10 13:20 - 2012-03-24 19:30 - 00000000 ____D () C:\Windows\pss
2014-10-10 12:05 - 2013-01-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-10 12:05 - 2012-03-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-10-10 11:45 - 2013-07-18 22:37 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-09 23:07 - 2012-03-24 19:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-09 15:19 - 2014-02-22 16:44 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-10-09 15:19 - 2014-02-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-09 15:19 - 2013-06-06 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-09 15:15 - 2012-03-25 01:09 - 00000000 ____D () C:\Program Files\WinRAR
2014-10-09 15:12 - 2013-01-14 17:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-08 14:55 - 2012-03-27 04:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-08 14:48 - 2012-06-20 00:25 - 00000000 ____D () C:\Users\Non1can\AppData\Local\Deployment
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Notepad++
2014-10-08 14:47 - 2013-01-11 17:30 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-10-08 14:37 - 2013-02-03 13:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-08 11:03 - 2013-02-04 23:57 - 00000000 ____D () C:\Users\Non1can\Documents\Paradox Interactive
2014-10-08 08:26 - 2012-03-25 03:30 - 00000000 ____D () C:\Users\Non1can\Documents\My Games
2014-10-07 18:20 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-10-07 18:20 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-10-07 18:20 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 15:57 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 15:28 - 2013-11-19 22:10 - 00000000 ____D () C:\Users\Non1can\AppData\Local\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-07 15:19 - 2012-03-24 21:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-07 15:18 - 2013-07-18 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-07 15:17 - 2012-03-24 21:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-07 14:53 - 2012-03-25 03:43 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\TS3Client
2014-10-07 11:45 - 2013-02-16 15:34 - 00000000 ___RD () C:\Users\Non1can\WDokumente
2014-10-03 15:17 - 2012-10-28 20:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-03 15:17 - 2012-03-25 18:07 - 00000000 ____D () C:\ProgramData\Skype
2014-09-28 12:07 - 2013-01-11 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-27 09:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 07:04 - 2014-07-02 12:24 - 00000000 ____D () C:\Users\Non1can\AppData\Roaming\Winamp
2014-09-22 08:42 - 2012-03-24 20:08 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\tSH05K6U.dat


Some content of TEMP:
====================
C:\Users\Non1can\AppData\Local\Temp\NGM.exe
C:\Users\Non1can\AppData\Local\Temp\NGMDll.dll
C:\Users\Non1can\AppData\Local\Temp\NGMResource.dll
C:\Users\Non1can\AppData\Local\Temp\Quarantine.exe
C:\Users\Non1can\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Non1can\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:33

==================== End Of Log ============================
         
--- --- ---

Edited by Tenseiken (13.10.2014 at 17:11)

14.10.2014, 11:02   #9
schrauber
/// the machine
/// TB trainer

You can install it again.


Done

The order is crucial here.
  1. If Defogger was used: run Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. Please download DelFix to your desktop in any case:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC
Stay away from any registry cleaners.
These harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

19.10.2014, 20:38   #10
Tenseiken

So, it took a while to reply, but yes, I have carried out everything and removed the programs. At the moment everything seems to be running great again, so the thread can be closed.

PS: Thanks again for your help, Schrauber

20.10.2014, 18:30   #11
schrauber
/// the machine
/// TB trainer

You're welcome
__________________
regards,
schrauber
