Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Plötzliche Werbeprobleme trotz ABP

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.01.2015, 13:45   #1
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Hallo Liebes Forum,
ich habe seit einigen Tagen wieder Probleme mit Werbung mit Chrome und das obwohl ich AdBlock Plus installiert habe. Das Problem trat auf als ich das HTC HD 2 eines Freundes mit Android ausstatten wollte. Hierbei hab ich meiner Meinung nach irgend eine Malware mit heruntergeladen.

Nun werden mir wieder Werbeanzeigen geschalten von Unisales.

Zudem sehe ich in meinen Browser Plug-Ins ein neues Plug-In Namens uNisaales, welches sich zwar löschen lässt jedoch bei einem erneuten Öffnen des Browsers erneut erscheint.

Zusätzlich öffnet sich immer wieder bei einem Links bzw. Rechtsklick im Browser ein neues Fenster mit Werbung-

Ich habe zunächst diesen Thread mal angeschaut: http://www.trojaner-board.de/162196-...n-browser.html

Daraufhin habe ich mir Revo Uninstall runtergeladen und ausgeführt. Dort war eine Datei mit dem Namen Unisales zu sehen welche ich deinstallieren wollte was aber nicht funktionierte. Jedoch wurde mir eine Registry Datei im neunten Unterordner angezeigt welche ich gelöscht habe.

Hier habe ich mal den FRST.txt und Addition.txt für euch vorbereitet.
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Otto (administrator) on OTTO-PC on 05-01-2015 14:28:53
Running from C:\Users\Otto\Downloads
Loaded Profile: Otto (Available profiles: Otto)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2014-10-04] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2014-10-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-01-06] (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-10-29] ( (Atheros Communications))
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [4505704 2014-10-15] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2047488 2014-12-02] (RemoteMouse.net)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\MountPoints2: {4c399df6-4fa5-11e4-811f-28d24489aaf8} - E:\SETUP.EXE
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchoholic.info/?l=1&q={searchTerms}&pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchoholic.info/?l=1&q={searchTerms}&pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
SearchScopes: HKU\S-1-5-21-127802281-1583697644-2177072777-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchoholic.info/?l=1&q={searchTerms}&pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: uniSAleos -> {c90cb465-3071-4133-9fe6-8138d31b9965} -> C:\Program Files (x86)\uniSAleos\dBmycSjM1JXa5r.x64.dll ()
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: youtubeadblocker -> {ee460b77-839e-4a72-9b5b-cf0e8dc519e7} -> C:\Program Files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.x64.dll ()
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: uniSAleos -> {c90cb465-3071-4133-9fe6-8138d31b9965} -> C:\Program Files (x86)\uniSAleos\dBmycSjM1JXa5r.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: youtubeadblocker -> {ee460b77-839e-4a72-9b5b-cf0e8dc519e7} -> C:\Program Files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.dll ()
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 16 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9-x64 01 C:\Windows\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 02 C:\Windows\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 03 C:\Windows\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 04 C:\Windows\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 16 C:\Windows\system32\WTFastDrv.dll [79464] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-127802281-1583697644-2177072777-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-01-04]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-18]
CHR Extension: (Google Docs) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-18]
CHR Extension: (Google Drive) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-18]
CHR Extension: (YouTube) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-18]
CHR Extension: (Adblock Plus) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-18]
CHR Extension: (Adblock for Youtube™) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-09-18]
CHR Extension: (Google-Suche) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-18]
CHR Extension: (Kaspersky Protection) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-04]
CHR Extension: (Google Tabellen) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-18]
CHR Extension: (Google Wallet) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-18]
CHR Extension: (Google Mail) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-18]
CHR Extension: (uNisaales) - C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp\ [2014-09-18]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 fc67e7a0; c:\Program Files (x86)\DeltaFix\DeltaFix.dll [4116480 2015-01-02] () [File not signed] <==== ATTENTION
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-09] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-01-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-01-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 14:28 - 2015-01-05 14:29 - 00021623 _____ () C:\Users\Otto\Downloads\FRST.txt
2015-01-05 14:28 - 2015-01-05 14:28 - 00000000 ____D () C:\FRST
2015-01-05 14:27 - 2015-01-05 14:28 - 02123776 _____ (Farbar) C:\Users\Otto\Downloads\FRST64.exe
2015-01-05 14:22 - 2015-01-05 14:22 - 00001264 _____ () C:\Users\Otto\Desktop\Revo Uninstaller.lnk
2015-01-05 14:22 - 2015-01-05 14:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-05 14:20 - 2015-01-05 14:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Otto\Downloads\revosetup95.exe
2015-01-05 14:03 - 2015-01-05 14:03 - 00262144 _____ () C:\Windows\system32\config\elam
2015-01-05 12:42 - 2015-01-05 12:42 - 08682859 _____ () C:\Users\Otto\Downloads\latest_usb_driver_windows.zip
2015-01-05 12:19 - 2015-01-05 12:19 - 05537864 _____ () C:\Users\Otto\Downloads\npp.5.9.3.Installer.exe
2015-01-05 12:18 - 2015-01-05 12:19 - 05224791 _____ () C:\Users\Otto\Downloads\Layout.rar
2015-01-04 16:47 - 2010-10-06 18:51 - 25087895 _____ () C:\Users\Otto\Downloads\RUU_signed.nbh
2015-01-04 16:47 - 2009-10-16 19:08 - 00943616 _____ (udK@MyPPC.it) C:\Users\Otto\Downloads\CustomRUU.exe
2015-01-04 15:18 - 2015-01-05 14:15 - 00002330 _____ () C:\Users\Otto\Desktop\Safe Money.lnk
2015-01-04 15:18 - 2015-01-04 15:19 - 00001441 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-01-04 15:18 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-01-04 15:17 - 2015-01-05 14:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-04 15:17 - 2015-01-04 18:45 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-01-04 15:17 - 2015-01-04 18:45 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-01-04 15:17 - 2015-01-04 15:17 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-01-04 15:17 - 2015-01-04 15:17 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-04 15:17 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-01-04 15:06 - 2015-01-04 15:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-01-03 15:12 - 2015-01-03 15:12 - 475563608 _____ () C:\Windows\MEMORY.DMP
2015-01-03 15:12 - 2015-01-03 15:12 - 00962312 _____ () C:\Windows\Minidump\010315-16161-01.dmp
2015-01-03 15:12 - 2015-01-03 15:12 - 00000000 ____D () C:\Windows\Minidump
2015-01-02 18:06 - 2012-04-06 01:40 - 00000000 ____D () C:\Users\Otto\Downloads\Radio 2.08.50.05
2015-01-02 17:51 - 2015-01-02 17:51 - 00001038 _____ () C:\Users\Public\Desktop\HD2 Toolkit.lnk
2015-01-02 17:51 - 2015-01-02 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD2 Toolkit
2015-01-02 17:51 - 2015-01-02 17:51 - 00000000 ____D () C:\Program Files (x86)\HD2 Toolkit
2015-01-02 17:49 - 2015-01-02 17:49 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\EZDownloader
2015-01-02 16:51 - 2015-01-02 16:51 - 00000000 ____D () C:\Program Files (x86)\DeltaFix
2015-01-02 16:49 - 2015-01-05 14:03 - 00000000 ____D () C:\Program Files (x86)\PanicButton
2015-01-02 16:48 - 2015-01-05 14:14 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-01-02 16:47 - 2015-01-05 14:03 - 00000000 ____D () C:\Program Files (x86)\uniSAleos
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____D () C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____D () C:\ProgramData\5398578360898013408
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____D () C:\Program Files (x86)\uNisaales
2015-01-02 16:44 - 2015-01-02 16:45 - 00002419 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-01-02 16:44 - 2015-01-02 16:45 - 00000000 ____D () C:\Windows\WindowsMobile
2014-12-31 03:05 - 2015-01-05 01:22 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\vlc
2014-12-31 01:24 - 2014-12-31 01:24 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-31 01:24 - 2014-12-31 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-12-31 01:24 - 2014-12-31 01:24 - 00000000 ____D () C:\Program Files\VideoLAN
2014-12-31 01:19 - 2014-12-31 01:19 - 00001050 _____ () C:\Users\Public\Desktop\Remote Mouse.lnk
2014-12-31 01:19 - 2014-12-31 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2014-12-31 01:19 - 2014-12-31 01:19 - 00000000 ____D () C:\Program Files (x86)\Remote Mouse
2014-12-31 01:18 - 2014-12-31 01:18 - 00711781 _____ (Remote Mouse ) C:\Users\Otto\Downloads\RemoteMouse.exe
2014-12-30 11:36 - 2014-12-30 11:36 - 00000000 ____D () C:\Program Files\Elantech
2014-12-30 11:35 - 2013-10-17 12:06 - 00377608 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2014-12-29 11:31 - 2014-12-29 11:32 - 00000000 ____D () C:\Users\Otto\AppData\Local\Ubisoft Game Launcher
2014-12-29 11:24 - 2014-12-29 11:24 - 00000000 ____D () C:\ProgramData\Solidshield
2014-12-29 11:23 - 2014-12-29 11:23 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Ubisoft
2014-12-29 11:23 - 2014-12-29 11:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-29 11:22 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-27 13:56 - 2014-12-27 13:57 - 00000000 ____D () C:\Users\Otto\Desktop\MacBook
2014-12-25 21:06 - 2014-12-25 21:06 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 03:37 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\java
2014-12-24 03:37 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\.minecraft
2014-12-24 03:36 - 2014-12-24 03:36 - 00000000 ____D () C:\Users\Otto\Downloads\runtime
2014-12-24 03:33 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\Downloads\game
2014-12-23 13:00 - 2014-12-23 13:01 - 27728861 _____ () C:\Users\Otto\Downloads\ROCCAT_Savu_DRV1.20_FW1.24.zip
2014-12-22 14:48 - 2014-12-29 16:57 - 00012789 _____ () C:\Users\Otto\Desktop\Swot-Analyse.xlsx
2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\Otto\AppData\Local\My Games
2014-12-20 20:47 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-20 20:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-20 20:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-20 20:47 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-20 20:47 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-20 20:47 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-20 20:47 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-20 20:47 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-20 20:47 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-20 20:47 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-20 20:47 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-20 20:47 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-20 20:47 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-20 20:47 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-20 20:47 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-20 20:47 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-20 20:47 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-20 20:47 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-20 20:47 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-20 20:46 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-20 20:46 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-20 20:46 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-20 20:46 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-20 20:46 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-20 20:46 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-20 20:46 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-20 20:46 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-20 20:46 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-20 20:46 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-20 20:46 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-20 20:46 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-20 20:46 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-20 20:46 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-20 20:46 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-20 20:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-20 20:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-20 20:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-20 20:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-20 20:46 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-20 20:46 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-20 20:46 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-12-20 20:46 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-12-20 20:46 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-12-20 20:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-12-20 20:46 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-12-20 20:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-12-20 20:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-12-20 20:46 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-12-20 20:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-12-20 20:46 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-12-20 20:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-12-20 20:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-12-20 20:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-12-20 20:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-12-20 20:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-12-20 20:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-12-20 20:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-12-20 20:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-12-20 20:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-12-20 20:46 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-12-20 20:46 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-12-18 12:58 - 2014-12-18 12:58 - 00042416 _____ () C:\Users\Otto\Downloads\Justiefied01.dlc
2014-12-18 12:58 - 2014-12-18 12:58 - 00040624 _____ () C:\Users\Otto\Downloads\Justiefied02.dlc
2014-12-17 13:17 - 2014-12-27 16:42 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Tropico 5
2014-12-17 13:17 - 2014-12-17 13:17 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Kalypso Media
2014-12-16 16:43 - 2014-12-16 16:43 - 00000220 _____ () C:\Users\Otto\Desktop\Sid Meier's Civilization V.url
2014-12-15 19:22 - 2014-12-15 19:22 - 00000222 _____ () C:\Users\Otto\Desktop\Tropico 5.url
2014-12-15 11:17 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-15 11:16 - 2014-12-15 11:16 - 00000000 ____D () C:\Program Files (x86)\SimGolf
2014-12-13 23:03 - 2014-12-13 23:03 - 00067726 _____ () C:\Users\Otto\Downloads\1212-pbe-update.html

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 14:25 - 2010-11-21 07:50 - 00699466 _____ () C:\Windows\system32\perfh007.dat
2015-01-05 14:25 - 2010-11-21 07:50 - 00149574 _____ () C:\Windows\system32\perfc007.dat
2015-01-05 14:25 - 2009-07-14 06:13 - 01619800 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 14:22 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 14:22 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 14:20 - 2014-09-18 18:57 - 01710216 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 14:15 - 2014-09-18 19:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 14:14 - 2014-09-18 19:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 14:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 14:14 - 2009-07-14 05:51 - 00061217 _____ () C:\Windows\setupact.log
2015-01-05 11:18 - 2014-09-19 12:46 - 00000000 ____D () C:\Users\Otto\AppData\Local\CrashDumps
2015-01-04 15:46 - 2014-09-19 20:33 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-04 15:46 - 2014-09-19 20:33 - 00000000 ____D () C:\ProgramData\Skype
2015-01-04 15:46 - 2014-09-19 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-03 17:33 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-03 17:32 - 2014-09-19 12:51 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\TS3Client
2015-01-03 17:18 - 2014-09-18 19:09 - 00000000 ____D () C:\Users\Otto\Documents\Bluetooth Folder
2014-12-30 11:37 - 2014-10-04 20:57 - 00008834 _____ () C:\Windows\DPINST.LOG
2014-12-29 11:23 - 2014-09-18 19:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-29 11:22 - 2014-09-20 13:43 - 00079241 _____ () C:\Windows\DirectX.log
2014-12-29 06:54 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-22 20:14 - 2014-10-14 12:19 - 00000000 ____D () C:\Users\Otto\AppData\Local\Battle.net
2014-12-20 21:05 - 2014-09-20 13:43 - 00000000 ____D () C:\Users\Otto\Documents\My Games
2014-12-18 12:58 - 2011-03-07 12:10 - 00000000 ____D () C:\Users\Otto\Downloads\JDownloader
2014-12-16 16:43 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-15 16:18 - 2014-10-14 12:19 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-13 23:56 - 2014-10-14 12:21 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-12 02:17 - 2014-09-18 19:32 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 00:16 - 2014-09-19 20:33 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Skype
2014-12-11 10:27 - 2014-10-09 23:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Some content of TEMP:
====================
C:\Users\Otto\AppData\Local\Temp\13057070748624440308.exe
C:\Users\Otto\AppData\Local\Temp\8C8A7.exe
C:\Users\Otto\AppData\Local\Temp\A5D0E821A2.exe
C:\Users\Otto\AppData\Local\Temp\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Otto\AppData\Local\Temp\ICReinstall_13057070748624440308.exe
C:\Users\Otto\AppData\Local\Temp\JDSetup130570707476323836.exe
C:\Users\Otto\AppData\Local\Temp\ose00000.exe
C:\Users\Otto\AppData\Local\Temp\ose00001.exe
C:\Users\Otto\AppData\Local\Temp\sdan.exe
C:\Users\Otto\AppData\Local\Temp\sdapk.exe
C:\Users\Otto\AppData\Local\Temp\sdaspwn.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 17:46

==================== End Of Log ============================
         

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Otto at 2015-01-05 14:29:52
Running from C:\Users\Otto\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BoosterSys (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}) (Version:  - BorderlineMaker) <==== ATTENTION
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HD2 Toolkit Version 4.2 (HKLM-x32\...\{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1) (Version: 4.2 - Kaushal Subedi (KSubedi))
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PanicButton (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - )
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Remote Mouse version 2.57 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.57 - Remote Mouse)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnternehmensCONTROLLER Standard 18  (HKLM-x32\...\UnternehmensCONTROLLER Standard 18 ) (Version: 18.01 - ecomplan GmbH + Planium Software Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WTFast 3.2 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.2.15.341 - Initex & AAA Internet Publishing)
youtubeadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-127802281-1583697644-2177072777-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

02-01-2015 00:32:56 Geplanter Prüfpunkt
02-01-2015 16:45:09 Installed Windows Mobile-Gerätecenter
04-01-2015 15:34:11 Wiederherstellungsvorgang
05-01-2015 13:42:52 Windows Update
05-01-2015 14:23:02 Revo Uninstaller's restore point - uniSAleos

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {23FF4E5A-A583-4852-9D10-676EE19EB3FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {39059DCA-AC4C-431B-AD52-63F0F1FF9745} - System32\Tasks\{6D284BA5-F483-4CD6-8135-19872E88F5FD} => pcalua.exe -a C:\Users\Otto\Downloads\Setup.exe -d C:\Users\Otto\Downloads
Task: {43958109-765C-45E0-8C9A-1171CA3C0CCA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {51683C56-E7A8-47F4-B03E-E422A0DA6EC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5367CBF0-0941-4F0C-9534-FDEC273F252D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18] (Google Inc.)
Task: {C996CC88-559D-4165-A977-3B3A73809B30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18] (Google Inc.)
Task: {CBD98DFE-CE76-4F2B-9881-80B3CB64F8B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E5ADDADF-6415-451D-B814-1462E0AE1080} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EE6F1237-6CED-496D-B790-637B8F8AACED} - System32\Tasks\{DA955059-A23F-4A93-BAC6-199FDAF6F6CC} => pcalua.exe -a "C:\Users\Otto\Downloads\setup (4).exe" -d C:\Users\Otto\Downloads
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-19 13:39 - 2014-07-02 21:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-19 13:46 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-29 21:19 - 2013-10-29 21:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-09-05 12:03 - 2014-09-05 12:03 - 00455784 _____ () C:\Windows\system32\igfxTray.exe
2008-12-20 02:20 - 2014-10-04 20:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-03-28 13:34 - 2014-10-04 20:56 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 15:31 - 2014-10-04 20:56 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 02:20 - 2014-10-04 20:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-01-02 16:51 - 2015-01-02 16:51 - 04116480 _____ () c:\Program Files (x86)\DeltaFix\DeltaFix.dll
2014-09-19 13:39 - 2014-07-02 21:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-31 01:19 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-09-18 19:39 - 2005-06-24 18:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
2014-12-12 02:17 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 02:17 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 02:17 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 02:17 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 02:17 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-127802281-1583697644-2177072777-500 - Administrator - Disabled)
Gast (S-1-5-21-127802281-1583697644-2177072777-501 - Limited - Disabled)
Otto (S-1-5-21-127802281-1583697644-2177072777-1000 - Administrator - Enabled) => C:\Users\Otto

==================== Faulty Device Manager Devices =============

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2015 02:15:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2015 11:28:00 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/05/2015 11:20:29 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).

Error: (01/05/2015 01:22:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1b9c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/04/2015 08:54:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0xe58
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/04/2015 06:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0xc60
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/04/2015 06:43:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x16d8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/04/2015 05:12:09 PM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).

Error: (01/04/2015 05:05:44 PM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).

Error: (01/04/2015 04:50:07 PM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).


System errors:
=============
Error: (01/05/2015 02:21:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/05/2015 02:21:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/05/2015 02:21:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/05/2015 02:21:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/05/2015 02:15:05 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (01/05/2015 00:04:47 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber USB hat eine ungültige ID für das untergeordnete Gerät (574343344531333834373638) zurückgegeben.

Error: (01/05/2015 11:18:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR11 gefunden.

Error: (01/04/2015 03:42:55 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (01/04/2015 03:42:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/04/2015 03:42:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.


Microsoft Office Sessions:
=========================
Error: (01/05/2015 02:15:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2015 11:28:00 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/05/2015 11:20:29 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)

Error: (01/05/2015 01:22:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d1b9c01d02858bc6d513dC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dllee04cfc1-9470-11e4-bf9c-28d24489aaf8

Error: (01/04/2015 08:54:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5de5801d028478bd9571eC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll871e00a0-944b-11e4-bf9c-28d24489aaf8

Error: (01/04/2015 06:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5dc6001d02846617c1f3aC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dlld17dfb24-9439-11e4-bf9c-28d24489aaf8

Error: (01/04/2015 06:43:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d16d801d02844123c522cC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll3a751ceb-9439-11e4-bf9c-28d24489aaf8

Error: (01/04/2015 05:12:09 PM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)

Error: (01/04/2015 05:05:44 PM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)

Error: (01/04/2015 04:50:07 PM) (Source: WcesComm) (EventID: 7) (User: )
Description: Start USB Connection (0x80004005)


CodeIntegrity Errors:
===================================
  Date: 2015-01-05 13:45:22.519
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.517
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.515
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.483
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-04 17:48:26.085
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-04 17:48:26.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-04 17:48:26.082
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-04 17:48:26.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 3992.36 MB
Available physical RAM: 1646.79 MB
Total Pagefile: 7982.9 MB
Available Pagefile: 5166.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.78 GB) (Free:342.89 GB) NTFS
Drive e: (Office.13.SP1.x64.1609-FKY) (CDROM) (Total:2.69 GB) (Free:0 GB) UDF
Drive f: (DUNE_B) (Fixed) (Total:3725.99 GB) (Free:581.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         
Ich hoffe ihr könnt mir weiterhelfen!

Mit freundlichen Grüßen, Necurok

Alt 05.01.2015, 13:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    BoosterSys

    youtubeadblocker


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 







Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 05.01.2015, 14:17   #3
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Hallo schrauber,

danke für deine schnelle antwort!

Bei der Deinstallation mit Revo gab es ein Problem mit der youtubeadblocker Datei. Es kam eine Warnung : Uninstall ist fehlgeschlagen! Vermutlich ungültiger deinstall befehl. Das ist der gleiche Fehler wie vorhin bei der unisaales Datei.

Habe Combofix ausgeführt. Hätte dabei eigentlich Chrome geschlossen sein müssen? Den ich hatte Chrome offen hab aber die Maus kein Stück bewegt.

Scan ist durch hat irgendwann mal 5 mal gepiepst oder so jedoch kam keine Fehlermeldung

Hier ist der Log:
Code:
ATTFilter
ComboFix 15-01-05.01 - Otto 05.01.2015  15:04:54.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3992.1712 [GMT 1:00]
ausgeführt von:: c:\users\Otto\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\uniSAleos
c:\program files (x86)\uniSAleos\dBmycSjM1JXa5r.dat
c:\program files (x86)\uniSAleos\dBmycSjM1JXa5r.dll
c:\program files (x86)\uniSAleos\dBmycSjM1JXa5r.tlb
c:\program files (x86)\uniSAleos\dBmycSjM1JXa5r.x64.dll
c:\program files (x86)\youtubeadblocker
c:\program files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.dat
c:\program files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.dll
c:\program files (x86)\YoutubeAdblocker\P9dc4hfTrTbfqc.tlb
c:\program files (x86)\YoutubeAdblocker\P9dc4hfTrTbfqc.x64.dll
c:\programdata\3872871776
c:\programdata\3872871776\BIT3E09.tmp
c:\programdata\5398578360898013408
c:\programdata\5398578360898013408\cd5b15e575e1c3d01dbfa03f733a63a1.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-05 bis 2015-01-05  ))))))))))))))))))))))))))))))
.
.
2015-01-05 14:10 . 2015-01-05 14:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-01-05 13:28 . 2015-01-05 13:30	--------	d-----w-	C:\FRST
2015-01-05 13:28 . 2015-01-05 13:28	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{42E2EE6F-3418-49AE-A411-71B008AF29D3}\offreg.dll
2015-01-05 13:22 . 2015-01-05 13:22	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-01-05 12:43 . 2014-12-02 10:26	11870360	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{42E2EE6F-3418-49AE-A411-71B008AF29D3}\mpengine.dll
2015-01-04 14:18 . 2013-05-06 08:13	110176	----a-w-	c:\windows\system32\klfphc.dll
2015-01-04 14:17 . 2015-01-04 14:17	--------	d-----w-	c:\windows\ELAMBKUP
2015-01-04 14:17 . 2015-01-05 13:15	--------	d-----w-	c:\programdata\Kaspersky Lab
2015-01-04 14:17 . 2015-01-04 14:17	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2015-01-04 14:17 . 2015-01-04 17:45	793800	----a-w-	c:\windows\system32\drivers\klif.sys
2015-01-04 14:17 . 2015-01-04 17:45	141320	----a-w-	c:\windows\system32\drivers\klflt.sys
2015-01-04 14:17 . 2014-04-10 16:25	243808	----a-w-	c:\windows\system32\drivers\klhk.sys
2015-01-02 16:51 . 2015-01-02 16:51	--------	d-----w-	c:\program files (x86)\HD2 Toolkit
2015-01-02 16:49 . 2015-01-02 16:49	--------	d-----w-	c:\users\Otto\AppData\Roaming\EZDownloader
2015-01-02 15:49 . 2015-01-05 13:03	--------	d-----w-	c:\program files (x86)\PanicButton
2015-01-02 15:46 . 2015-01-02 15:46	--------	d-----w-	c:\program files (x86)\uNisaales
2015-01-02 15:46 . 2015-01-02 15:46	--------	d-----w-	c:\programdata\fbbapeneehjbpdpcelkkfnpjpgkdkcfp
2015-01-02 15:44 . 2015-01-02 15:45	--------	d-----w-	c:\windows\WindowsMobile
2014-12-31 02:05 . 2015-01-05 00:22	--------	d-----w-	c:\users\Otto\AppData\Roaming\vlc
2014-12-31 00:24 . 2014-12-31 00:24	--------	d-----w-	c:\program files\VideoLAN
2014-12-31 00:19 . 2014-12-31 00:19	--------	d-----w-	c:\program files (x86)\Remote Mouse
2014-12-30 10:36 . 2014-12-30 10:36	--------	d-----w-	c:\program files\Elantech
2014-12-30 10:35 . 2013-10-17 11:06	377608	----a-w-	c:\windows\system32\drivers\ETD.sys
2014-12-29 10:31 . 2014-12-29 10:32	--------	d-----w-	c:\users\Otto\AppData\Local\Ubisoft Game Launcher
2014-12-29 10:24 . 2014-12-29 10:24	--------	d-----w-	c:\programdata\Solidshield
2014-12-29 10:23 . 2014-12-29 10:23	--------	d-----w-	c:\users\Otto\AppData\Roaming\Ubisoft
2014-12-29 10:23 . 2014-12-29 10:23	--------	d-----w-	c:\program files (x86)\Ubisoft
2014-12-24 02:37 . 2014-12-24 02:37	--------	d-----w-	c:\users\Otto\AppData\Roaming\java
2014-12-24 02:37 . 2014-12-24 02:37	--------	d-----w-	c:\users\Otto\AppData\Roaming\.minecraft
2014-12-20 20:05 . 2014-12-20 20:05	--------	d-----w-	c:\users\Otto\AppData\Local\My Games
2014-12-20 19:46 . 2007-10-12 14:14	5081608	----a-w-	c:\windows\system32\d3dx9_36.dll
2014-12-17 12:17 . 2014-12-27 15:42	--------	d-----w-	c:\users\Otto\AppData\Roaming\Tropico 5
2014-12-17 12:17 . 2014-12-17 12:17	--------	d-----w-	c:\users\Otto\AppData\Roaming\Kalypso Media
2014-12-15 10:16 . 2014-12-15 10:16	--------	d-----w-	c:\program files (x86)\SimGolf
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-24 13:04 . 2010-11-21 03:27	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-15 14:18 . 2014-10-30 17:56	79464	----a-w-	c:\windows\system32\WTFastDrv.dll
2014-10-15 14:18 . 2014-10-30 17:56	72296	----a-w-	c:\windows\SysWow64\WTFastDrv.dll
2014-10-15 14:18 . 2014-10-30 17:56	11264	----a-w-	c:\windows\SysWow64\SPORDER.DLL
2014-10-09 12:43 . 2014-10-09 12:43	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45	1730256	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45	1730256	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45	1730256	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"WTFast Tray"="c:\program files (x86)\WTFast\WTFast.exe" [2014-10-15 4505704]
"Remote Mouse"="c:\program files (x86)\Remote Mouse\RemoteMouse.exe" [2014-12-02 2047488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EnergyUtility"="c:\program files (x86)\Lenovo\EnergyCut\utilty.exe" [2007-04-27 1581056]
"EnergyCut"="c:\program files (x86)\Lenovo\EnergyCut\EnergyCut.exe" [2007-03-09 1167360]
"ROCCAT Savu Gaming Mouse"="c:\program files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" [2012-09-10 872048]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-01-06 292848]
.
c:\users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2012-5-30 207400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 01:15	1087816	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 18:31]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 18:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2014-10-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2014-10-04 6200368]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
mStart Page = hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
LSP: %SystemRoot%\system32\WTFastDrv.dll
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{c90cb465-3071-4133-9fe6-8138d31b9965} - c:\program files (x86)\uniSAleos\dBmycSjM1JXa5r.dll
BHO-{ee460b77-839e-4a72-9b5b-cf0e8dc519e7} - c:\program files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.dll
BHO-{c90cb465-3071-4133-9fe6-8138d31b9965} - c:\program files (x86)\uniSAleos\dBmycSjM1JXa5r.x64.dll
BHO-{ee460b77-839e-4a72-9b5b-cf0e8dc519e7} - c:\program files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.x64.dll
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} - c:\program files (x86)\PanicButton\PanicButton.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-05  15:12:07
ComboFix-quarantined-files.txt  2015-01-05 14:12
.
Vor Suchlauf: 14 Verzeichnis(se), 367.547.662.336 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 368.114.266.112 Bytes frei
.
- - End Of File - - 2E16CFB970EA1086701B7C4F1EB25D78
A36C5E4F47E84449FF07ED3517B43A31
         


Mir ist gerade noch aufgefallen, dass wenn ich einen Rechtsklick ausführen möchte es teilweise ein Linksklick wird und sich Werbung von Norton Security Backup öffnet. (Falls das hilft)
__________________

Geändert von Necurok (05.01.2015 um 14:45 Uhr)

Alt 05.01.2015, 15:56   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Revo nochmal. Wenn die Meldung kommt "ungültiger....:" einfach ok klicken, Revo macht dann weiter und sucht nach den Resten, diese dann entfernen.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.01.2015, 16:42   #5
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Hey,

habe die Scans laufen lassen und es schien alles wieder super zu laufen aber auf einmal als ich Chrome gestartet habe ging es wieder los.
Und gerade kam von Malwarebytes eine Meldung.

Bösartige Webseite blockiert
Domäne: rna.lilychino.com
IP: 5.153.38.134
Port: 49443
Typ: Outbound
Prozess: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Hier sind mal die Logs:

MBAM
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.01.2015
Suchlauf-Zeit: 17:11:20
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.05.06
Rootkit Datenbank: v2014.12.30.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Otto

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 334463
Verstrichene Zeit: 6 Min, 21 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.FastSearchings, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, In Quarantäne, [01c9a74c94f5f541c21fc01f58ac29d7], 
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-127802281-1583697644-2177072777-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, In Quarantäne, [eedcc23105844de9f88d9933ef1501ff], 

Registrierungswerte: 1
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, In Quarantäne, [dfeb35beb8d1d6602cf14e945ba9669a]

Registrierungsdaten: 2
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72, Gut: (www.google.com), Schlecht: (hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72),Ersetzt,[29a1b63d02873105154cafd0dd286997]
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-127802281-1583697644-2177072777-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72, Gut: (www.google.com), Schlecht: (hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72),Ersetzt,[34963ab95336c4723b257b04ae57c63a]

Ordner: 2
PUP.Optional.EzDownloader.A, C:\Users\Otto\AppData\Roaming\EZDownloader, In Quarantäne, [c4067c772f5ac27449b8125128db49b7], 
PUP.Optional.EzDownloader.A, C:\Users\Otto\AppData\Roaming\EZDownloader\Errors, In Quarantäne, [c4067c772f5ac27449b8125128db49b7], 

Dateien: 5
Trojan.Agent, C:\Program Files (x86)\uNisaales\uNisaales.exe, In Quarantäne, [1eac619277127abcdc9d718e48b9768a], 
Hacktool.Agent, C:\Users\Otto\Downloads\Windows Loader.exe, In Quarantäne, [7f4b03f026633303ec5f3f2bfe0336ca], 
PUP.Optional.ReMarkable.A, C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Löschen bei Neustart, [b01a6e855b2e69cd491a8261f3110000], 
PUP.Optional.ReMarkable.A, C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Löschen bei Neustart, [0fbb3bb843460333f76c4e954aba48b8], 
PUP.Optional.Searchoholic.A, C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (   "homepage": "hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72",), Ersetzt,[e1e943b03455c3733fa9507430d5629e]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
ADWCleaner
Code:
ATTFilter
# AdwCleaner v4.106 - Bericht erstellt am 05/01/2015 um 17:26:24
# Aktualisiert 21/12/2014 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Otto - OTTO-PC
# Gestartet von : C:\Users\Otto\Desktop\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pc90cb465_3071_4133_9fe6_8138d31b9965_.Pc90cb465_3071_4133_9fe6_8138d31b9965_
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pc90cb465_3071_4133_9fe6_8138d31b9965_.Pc90cb465_3071_4133_9fe6_8138d31b9965_.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pee460b77_839e_4a72_9b5b_cf0e8dc519e7_.Pee460b77_839e_4a72_9b5b_cf0e8dc519e7_
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pee460b77_839e_4a72_9b5b_cf0e8dc519e7_.Pee460b77_839e_4a72_9b5b_cf0e8dc519e7_.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{c90cb465-3071-4133-9fe6-8138d31b9965}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ee460b77-839e-4a72-9b5b-cf0e8dc519e7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c90cb465-3071-4133-9fe6-8138d31b9965}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee460b77-839e-4a72-9b5b-cf0e8dc519e7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c90cb465-3071-4133-9fe6-8138d31b9965}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ee460b77-839e-4a72-9b5b-cf0e8dc519e7}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Google Chrome v39.0.2171.95

[C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.searchoholic.info/?l=1&q={searchTerms}&pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72
[C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Homepage] : hxxp://websearch.searchoholic.info/?pid=20495&r=2015/01/02&hid=7023770218317502325&lg=EN&cc=DE&unqvl=72

*************************

AdwCleaner[R0].txt - [3164 octets] - [05/01/2015 17:25:17]
AdwCleaner[S0].txt - [3039 octets] - [05/01/2015 17:26:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3099 octets] ##########
         
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Otto on 05.01.2015 at 17:28:37,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.01.2015 at 17:33:57,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Otto (administrator) on OTTO-PC on 05-01-2015 17:35:08
Running from C:\Users\Otto\Desktop
Loaded Profile: Otto (Available profiles: Otto)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2014-10-04] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2014-10-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-01-06] (Intel Corporation)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [4505704 2014-10-15] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2047488 2014-12-02] (RemoteMouse.net)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-127802281-1583697644-2177072777-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-127802281-1583697644-2177072777-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-01-04]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-18]
CHR Extension: (Google Docs) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-18]
CHR Extension: (Google Drive) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-18]
CHR Extension: (YouTube) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-18]
CHR Extension: (Adblock Plus) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-18]
CHR Extension: (Adblock for Youtube™) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-09-18]
CHR Extension: (Google-Suche) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-18]
CHR Extension: (Kaspersky Protection) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-04]
CHR Extension: (Google Tabellen) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-18]
CHR Extension: (Google Wallet) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-18]
CHR Extension: (Google Mail) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-18]
CHR Extension: (uNisaales) - C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp\ [2014-09-18]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider)
S2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-09] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-01-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-01-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 17:35 - 2015-01-05 17:35 - 00019345 _____ () C:\Users\Otto\Desktop\FRST.txt
2015-01-05 17:33 - 2015-01-05 17:33 - 00000624 _____ () C:\Users\Otto\Desktop\JRT.txt
2015-01-05 17:28 - 2015-01-05 17:28 - 00003179 _____ () C:\Users\Otto\Desktop\AdwCleaner[S0].txt
2015-01-05 17:28 - 2015-01-05 17:28 - 00000000 ____D () C:\Windows\ERUNT
2015-01-05 17:24 - 2015-01-05 17:26 - 00000000 ____D () C:\AdwCleaner
2015-01-05 17:23 - 2015-01-05 17:23 - 00003736 _____ () C:\Users\Otto\Desktop\mbam.txt
2015-01-05 17:06 - 2015-01-05 17:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 17:06 - 2015-01-05 17:06 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-05 17:06 - 2015-01-05 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-05 17:06 - 2015-01-05 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-05 17:06 - 2015-01-05 17:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-05 17:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-05 17:06 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-05 17:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-05 16:59 - 2015-01-05 17:04 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Otto\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-05 16:59 - 2015-01-05 17:03 - 01707939 _____ (Thisisu) C:\Users\Otto\Desktop\JRT.exe
2015-01-05 16:59 - 2015-01-05 17:00 - 02173952 _____ () C:\Users\Otto\Desktop\AdwCleaner_4.106.exe
2015-01-05 15:12 - 2015-01-05 15:12 - 00017475 _____ () C:\ComboFix.txt
2015-01-05 15:04 - 2015-01-05 15:12 - 00000000 ____D () C:\Qoobox
2015-01-05 15:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-05 15:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-05 15:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-05 15:03 - 2015-01-05 15:11 - 00000000 ____D () C:\Windows\erdnt
2015-01-05 15:00 - 2015-01-05 15:03 - 05609498 ____R (Swearware) C:\Users\Otto\Desktop\ComboFix.exe
2015-01-05 14:29 - 2015-01-05 14:30 - 00027514 _____ () C:\Users\Otto\Downloads\Addition.txt
2015-01-05 14:28 - 2015-01-05 17:35 - 00000000 ____D () C:\FRST
2015-01-05 14:28 - 2015-01-05 14:30 - 00054109 _____ () C:\Users\Otto\Downloads\FRST.txt
2015-01-05 14:27 - 2015-01-05 14:28 - 02123776 _____ (Farbar) C:\Users\Otto\Desktop\FRST64.exe
2015-01-05 14:22 - 2015-01-05 14:22 - 00001264 _____ () C:\Users\Otto\Desktop\Revo Uninstaller.lnk
2015-01-05 14:22 - 2015-01-05 14:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-05 14:20 - 2015-01-05 14:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Otto\Downloads\revosetup95.exe
2015-01-05 14:03 - 2015-01-05 14:03 - 00262144 _____ () C:\Windows\system32\config\elam
2015-01-05 12:42 - 2015-01-05 12:42 - 08682859 _____ () C:\Users\Otto\Downloads\latest_usb_driver_windows.zip
2015-01-05 12:19 - 2015-01-05 12:19 - 05537864 _____ () C:\Users\Otto\Downloads\npp.5.9.3.Installer.exe
2015-01-05 12:18 - 2015-01-05 12:19 - 05224791 _____ () C:\Users\Otto\Downloads\Layout.rar
2015-01-04 16:47 - 2010-10-06 18:51 - 25087895 _____ () C:\Users\Otto\Downloads\RUU_signed.nbh
2015-01-04 16:47 - 2009-10-16 19:08 - 00943616 _____ (udK@MyPPC.it) C:\Users\Otto\Downloads\CustomRUU.exe
2015-01-04 15:18 - 2015-01-05 14:15 - 00002330 _____ () C:\Users\Otto\Desktop\Safe Money.lnk
2015-01-04 15:18 - 2015-01-04 15:19 - 00001441 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-01-04 15:18 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-01-04 15:17 - 2015-01-05 17:27 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-04 15:17 - 2015-01-04 18:45 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-01-04 15:17 - 2015-01-04 18:45 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-01-04 15:17 - 2015-01-04 15:17 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-01-04 15:17 - 2015-01-04 15:17 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-04 15:17 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-01-04 15:06 - 2015-01-04 15:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-01-03 15:12 - 2015-01-03 15:12 - 475563608 _____ () C:\Windows\MEMORY.DMP
2015-01-03 15:12 - 2015-01-03 15:12 - 00962312 _____ () C:\Windows\Minidump\010315-16161-01.dmp
2015-01-03 15:12 - 2015-01-03 15:12 - 00000000 ____D () C:\Windows\Minidump
2015-01-02 18:06 - 2012-04-06 01:40 - 00000000 ____D () C:\Users\Otto\Downloads\Radio 2.08.50.05
2015-01-02 17:51 - 2015-01-02 17:51 - 00001038 _____ () C:\Users\Public\Desktop\HD2 Toolkit.lnk
2015-01-02 17:51 - 2015-01-02 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD2 Toolkit
2015-01-02 17:51 - 2015-01-02 17:51 - 00000000 ____D () C:\Program Files (x86)\HD2 Toolkit
2015-01-02 16:49 - 2015-01-05 14:03 - 00000000 ____D () C:\Program Files (x86)\PanicButton
2015-01-02 16:46 - 2015-01-05 17:19 - 00000000 ____D () C:\Program Files (x86)\uNisaales
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____D () C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp
2015-01-02 16:44 - 2015-01-02 16:45 - 00002419 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-01-02 16:44 - 2015-01-02 16:45 - 00000000 ____D () C:\Windows\WindowsMobile
2014-12-31 03:05 - 2015-01-05 17:19 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\vlc
2014-12-31 01:24 - 2014-12-31 01:24 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-31 01:24 - 2014-12-31 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-12-31 01:24 - 2014-12-31 01:24 - 00000000 ____D () C:\Program Files\VideoLAN
2014-12-31 01:19 - 2014-12-31 01:19 - 00001050 _____ () C:\Users\Public\Desktop\Remote Mouse.lnk
2014-12-31 01:19 - 2014-12-31 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2014-12-31 01:19 - 2014-12-31 01:19 - 00000000 ____D () C:\Program Files (x86)\Remote Mouse
2014-12-31 01:18 - 2014-12-31 01:18 - 00711781 _____ (Remote Mouse ) C:\Users\Otto\Downloads\RemoteMouse.exe
2014-12-30 11:36 - 2014-12-30 11:36 - 00000000 ____D () C:\Program Files\Elantech
2014-12-30 11:35 - 2013-10-17 12:06 - 00377608 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2014-12-29 11:31 - 2014-12-29 11:32 - 00000000 ____D () C:\Users\Otto\AppData\Local\Ubisoft Game Launcher
2014-12-29 11:24 - 2014-12-29 11:24 - 00000000 ____D () C:\ProgramData\Solidshield
2014-12-29 11:23 - 2014-12-29 11:23 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Ubisoft
2014-12-29 11:23 - 2014-12-29 11:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-29 11:22 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-27 13:56 - 2014-12-27 13:57 - 00000000 ____D () C:\Users\Otto\Desktop\MacBook
2014-12-25 21:06 - 2014-12-25 21:06 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 03:37 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\java
2014-12-24 03:37 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\.minecraft
2014-12-24 03:36 - 2014-12-24 03:36 - 00000000 ____D () C:\Users\Otto\Downloads\runtime
2014-12-24 03:33 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\Downloads\game
2014-12-23 13:00 - 2014-12-23 13:01 - 27728861 _____ () C:\Users\Otto\Downloads\ROCCAT_Savu_DRV1.20_FW1.24.zip
2014-12-22 14:48 - 2014-12-29 16:57 - 00012789 _____ () C:\Users\Otto\Desktop\Swot-Analyse.xlsx
2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\Otto\AppData\Local\My Games
2014-12-20 20:47 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-20 20:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-20 20:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-20 20:47 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-20 20:47 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-20 20:47 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-20 20:47 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-20 20:47 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-20 20:47 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-20 20:47 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-20 20:47 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-20 20:47 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-20 20:47 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-20 20:47 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-20 20:47 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-20 20:47 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-20 20:47 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-20 20:47 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-20 20:47 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-20 20:46 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-20 20:46 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-20 20:46 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-20 20:46 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-20 20:46 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-20 20:46 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-20 20:46 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-20 20:46 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-20 20:46 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-20 20:46 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-20 20:46 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-20 20:46 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-20 20:46 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-20 20:46 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-20 20:46 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-20 20:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-20 20:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-20 20:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-20 20:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-20 20:46 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-20 20:46 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-20 20:46 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-12-20 20:46 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-12-20 20:46 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-12-20 20:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-12-20 20:46 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-12-20 20:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-12-20 20:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-12-20 20:46 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-12-20 20:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-12-20 20:46 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-12-20 20:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-12-20 20:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-12-20 20:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-12-20 20:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-12-20 20:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-12-20 20:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-12-20 20:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-12-20 20:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-12-20 20:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-12-20 20:46 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-12-20 20:46 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-12-18 12:58 - 2014-12-18 12:58 - 00042416 _____ () C:\Users\Otto\Downloads\Justiefied01.dlc
2014-12-18 12:58 - 2014-12-18 12:58 - 00040624 _____ () C:\Users\Otto\Downloads\Justiefied02.dlc
2014-12-17 13:17 - 2014-12-27 16:42 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Tropico 5
2014-12-17 13:17 - 2014-12-17 13:17 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Kalypso Media
2014-12-16 16:43 - 2014-12-16 16:43 - 00000220 _____ () C:\Users\Otto\Desktop\Sid Meier's Civilization V.url
2014-12-15 19:22 - 2014-12-15 19:22 - 00000222 _____ () C:\Users\Otto\Desktop\Tropico 5.url
2014-12-15 11:17 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-15 11:16 - 2014-12-15 11:16 - 00000000 ____D () C:\Program Files (x86)\SimGolf
2014-12-13 23:03 - 2014-12-13 23:03 - 00067726 _____ () C:\Users\Otto\Downloads\1212-pbe-update.html

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 17:34 - 2010-11-21 07:50 - 00699466 _____ () C:\Windows\system32\perfh007.dat
2015-01-05 17:34 - 2010-11-21 07:50 - 00149574 _____ () C:\Windows\system32\perfc007.dat
2015-01-05 17:34 - 2009-07-14 06:13 - 01619800 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 17:34 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 17:34 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 17:30 - 2014-09-18 18:57 - 01718111 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 17:27 - 2014-09-18 19:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 17:27 - 2010-11-21 04:47 - 00166080 _____ () C:\Windows\PFRO.log
2015-01-05 17:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 17:27 - 2009-07-14 05:51 - 00061777 _____ () C:\Windows\setupact.log
2015-01-05 17:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-05 17:19 - 2014-09-19 12:46 - 00000000 ____D () C:\Users\Otto\AppData\Local\CrashDumps
2015-01-05 17:15 - 2014-09-18 19:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 15:12 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-05 15:10 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-04 15:46 - 2014-09-19 20:33 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-04 15:46 - 2014-09-19 20:33 - 00000000 ____D () C:\ProgramData\Skype
2015-01-04 15:46 - 2014-09-19 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-03 17:33 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-03 17:32 - 2014-09-19 12:51 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\TS3Client
2015-01-03 17:18 - 2014-09-18 19:09 - 00000000 ____D () C:\Users\Otto\Documents\Bluetooth Folder
2014-12-30 11:37 - 2014-10-04 20:57 - 00008834 _____ () C:\Windows\DPINST.LOG
2014-12-29 11:23 - 2014-09-18 19:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-29 11:22 - 2014-09-20 13:43 - 00079241 _____ () C:\Windows\DirectX.log
2014-12-29 06:54 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-22 20:14 - 2014-10-14 12:19 - 00000000 ____D () C:\Users\Otto\AppData\Local\Battle.net
2014-12-20 21:05 - 2014-09-20 13:43 - 00000000 ____D () C:\Users\Otto\Documents\My Games
2014-12-18 12:58 - 2011-03-07 12:10 - 00000000 ____D () C:\Users\Otto\Downloads\JDownloader
2014-12-16 16:43 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-15 16:18 - 2014-10-14 12:19 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-13 23:56 - 2014-10-14 12:21 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-12 02:17 - 2014-09-18 19:32 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 00:16 - 2014-09-19 20:33 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Skype
2014-12-11 10:27 - 2014-10-09 23:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Some content of TEMP:
====================
C:\Users\Otto\AppData\Local\Temp\Quarantine.exe
C:\Users\Otto\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 17:46

==================== End Of Log ============================
         
--- --- ---


FRST Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Otto at 2015-01-05 17:35:36
Running from C:\Users\Otto\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HD2 Toolkit Version 4.2 (HKLM-x32\...\{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1) (Version: 4.2 - Kaushal Subedi (KSubedi))
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PanicButton (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - )
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Remote Mouse version 2.57 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.57 - Remote Mouse)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnternehmensCONTROLLER Standard 18  (HKLM-x32\...\UnternehmensCONTROLLER Standard 18 ) (Version: 18.01 - ecomplan GmbH + Planium Software Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WTFast 3.2 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.2.15.341 - Initex & AAA Internet Publishing)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-127802281-1583697644-2177072777-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

02-01-2015 00:32:56 Geplanter Prüfpunkt
02-01-2015 16:45:09 Installed Windows Mobile-Gerätecenter
04-01-2015 15:34:11 Wiederherstellungsvorgang
05-01-2015 13:42:52 Windows Update
05-01-2015 14:23:02 Revo Uninstaller's restore point - uniSAleos
05-01-2015 14:55:40 Revo Uninstaller's restore point - BoosterSys
05-01-2015 14:56:43 Revo Uninstaller's restore point - youtubeadblocker

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-05 15:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {23FF4E5A-A583-4852-9D10-676EE19EB3FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {39059DCA-AC4C-431B-AD52-63F0F1FF9745} - System32\Tasks\{6D284BA5-F483-4CD6-8135-19872E88F5FD} => pcalua.exe -a C:\Users\Otto\Downloads\Setup.exe -d C:\Users\Otto\Downloads
Task: {43958109-765C-45E0-8C9A-1171CA3C0CCA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {51683C56-E7A8-47F4-B03E-E422A0DA6EC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5367CBF0-0941-4F0C-9534-FDEC273F252D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18] (Google Inc.)
Task: {C996CC88-559D-4165-A977-3B3A73809B30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18] (Google Inc.)
Task: {CBD98DFE-CE76-4F2B-9881-80B3CB64F8B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E5ADDADF-6415-451D-B814-1462E0AE1080} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EE6F1237-6CED-496D-B790-637B8F8AACED} - System32\Tasks\{DA955059-A23F-4A93-BAC6-199FDAF6F6CC} => pcalua.exe -a "C:\Users\Otto\Downloads\setup (4).exe" -d C:\Users\Otto\Downloads
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-19 13:46 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-05 12:03 - 2014-09-05 12:03 - 00455784 _____ () C:\Windows\system32\igfxTray.exe
2008-12-20 02:20 - 2014-10-04 20:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-03-28 13:34 - 2014-10-04 20:56 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 15:31 - 2014-10-04 20:56 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2014-09-19 13:39 - 2014-07-02 21:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-31 01:19 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-09-18 19:39 - 2005-06-24 18:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-127802281-1583697644-2177072777-500 - Administrator - Disabled)
Gast (S-1-5-21-127802281-1583697644-2177072777-501 - Limited - Disabled)
Otto (S-1-5-21-127802281-1583697644-2177072777-1000 - Administrator - Enabled) => C:\Users\Otto

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-01-05 15:09:56.092
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-05 15:09:56.061
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-05 13:45:22.519
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.517
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.515
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-05 13:45:22.483
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-04 17:48:26.085
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-04 17:48:26.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 35%
Total physical RAM: 3992.36 MB
Available physical RAM: 2579.09 MB
Total Pagefile: 7982.9 MB
Available Pagefile: 6290.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.78 GB) (Free:342.8 GB) NTFS
Drive e: (Office.13.SP1.x64.1609-FKY) (CDROM) (Total:2.69 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 05.01.2015, 18:17   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Plötzliche Werbeprobleme trotz ABP

Alt 07.01.2015, 16:44   #7
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Hey schrauber,

Sorry hatte die letzten 2 Tage ein wenig Stress.

Werde es morgen gleich mal ausprobieren und mich dann bei dir melden!

Alt 07.01.2015, 17:19   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.01.2015, 15:13   #9
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Hallo schrauber,

hier die Logfiles!

Fixlog.txt
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Otto at 2015-01-08 13:52:21 Run:1
Running from C:\Users\Otto\Desktop
Loaded Profile: Otto (Available profiles: Otto)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-127802281-1583697644-2177072777-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 90.9 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:52:23 ====
         
ESET Scan:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=40aead49143c6847bdaf85cee74a7e27
# engine=21869
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-08 02:53:11
# local_time=2015-01-08 03:53:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1296 16777213 100 100 10769 24801473 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 43105 172358641 0 0
# scanned=248721
# found=8
# cleaned=0
# scan_time=4133
sh=3E65536552466BA427460042883737F3818F5F47 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp\e.js"
sh=DDD4D93DD9253BC0334F19E88B34B22089C229FB ft=1 fh=c71c0011f16a3952 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\uniSAleos\dBmycSjM1JXa5r.dll.vir"
sh=5ED2CEEA5443E5B813A33CEE8E60CC5069F1B2E6 ft=1 fh=87f90cf5cfb62167 vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\uniSAleos\dBmycSjM1JXa5r.x64.dll.vir"
sh=A42FCB75C2123538AFE2289E8C4412376C9A703C ft=1 fh=c71c0011ea99edd2 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.dll.vir"
sh=ED970E7DD4B3F791CC22231F610ECE15E33B830A ft=1 fh=87f90cf5460baf97 vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\youtubeadblocker\P9dc4hfTrTbfqc.x64.dll.vir"
sh=3E65536552466BA427460042883737F3818F5F47 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\All Users\fbbapeneehjbpdpcelkkfnpjpgkdkcfp\e.js"
sh=E1DD25B6F4ACBBA64A7F0DB5A46435416541A1C2 ft=1 fh=a9e5795c81b63289 vn="Variante von Win32/RiskWare.HackAV.OM Anwendung" ac=I fn="C:\Users\Otto\Downloads\Kaspersky Internet Security 2015 15.0.0.463a Final\Medicine\KRT_3.0.0.34\KRT_3.0.0.34.exe"
sh=CC3FABBAF10942B7DD15DC9E2D2C77471793568D ft=0 fh=0000000000000000 vn="BAT/HackAV.E Anwendung" ac=I fn="C:\Users\Otto\Downloads\Kaspersky Internet Security 2015 15.0.0.463a Final\Medicine\Trial Extender Batch\kis361.bat"
         
Security Check Log
Code:
ATTFilter
Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Java version 32-bit out of Date! 
 Adobe Reader XI  
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Otto (administrator) on OTTO-PC on 08-01-2015 16:06:23
Running from C:\Users\Otto\Desktop
Loaded Profile: Otto (Available profiles: Otto)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2014-10-04] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2014-10-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-01-06] (Intel Corporation)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2047488 2014-12-02] (RemoteMouse.net)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-127802281-1583697644-2177072777-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-127802281-1583697644-2177072777-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-01-04]

Chrome: 
=======
CHR Profile: C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-08]
CHR Extension: (Google Docs) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-08]
CHR Extension: (Google Drive) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-08]
CHR Extension: (YouTube) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-08]
CHR Extension: (Google-Suche) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-08]
CHR Extension: (Kaspersky Protection) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-08]
CHR Extension: (Google Tabellen) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-08]
CHR Extension: (Google Wallet) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-08]
CHR Extension: (Google Mail) - C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-08]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider)
S2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-09] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-01-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-01-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 16:06 - 2015-01-08 16:06 - 00018970 _____ () C:\Users\Otto\Desktop\FRST.txt
2015-01-08 16:02 - 2015-01-08 16:02 - 00852505 _____ () C:\Users\Otto\Desktop\SecurityCheck.exe
2015-01-08 14:00 - 2015-01-08 14:00 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-08 13:59 - 2015-01-08 13:59 - 02347384 _____ (ESET) C:\Users\Otto\Desktop\esetsmartinstaller_deu.exe
2015-01-08 13:52 - 2015-01-08 13:52 - 00000000 ____D () C:\Users\Otto\Desktop\FRST-OlderVersion
2015-01-08 13:48 - 2015-01-08 13:48 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-08 13:48 - 2015-01-08 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-08 13:29 - 2015-01-08 15:34 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 13:29 - 2015-01-08 13:54 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 13:29 - 2015-01-08 13:29 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-08 13:29 - 2015-01-08 13:29 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-07 12:53 - 2015-01-07 12:53 - 00010965 _____ () C:\Users\Otto\Downloads\Verkaufspreis.xlsx
2015-01-06 14:27 - 2015-01-06 14:27 - 00000000 ____D () C:\Users\Otto\Documents\ANNO 2070
2015-01-06 13:18 - 2015-01-05 14:16 - 00013849 _____ () C:\Users\Otto\Desktop\Bookmarks.bak
2015-01-06 13:18 - 2015-01-05 14:16 - 00013849 _____ () C:\Users\Otto\Desktop\Bookmarks
2015-01-05 19:46 - 2015-01-05 19:47 - 00880784 _____ (Google Inc.) C:\Users\Otto\Downloads\ChromeSetup.exe
2015-01-05 17:28 - 2015-01-05 17:28 - 00000000 ____D () C:\Windows\ERUNT
2015-01-05 17:24 - 2015-01-05 17:26 - 00000000 ____D () C:\AdwCleaner
2015-01-05 17:06 - 2015-01-08 13:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 17:06 - 2015-01-05 17:06 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-05 17:06 - 2015-01-05 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-05 17:06 - 2015-01-05 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-05 17:06 - 2015-01-05 17:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-05 17:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-05 17:06 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-05 17:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-05 16:59 - 2015-01-05 17:04 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Otto\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-05 16:59 - 2015-01-05 17:03 - 01707939 _____ (Thisisu) C:\Users\Otto\Desktop\JRT.exe
2015-01-05 16:59 - 2015-01-05 17:00 - 02173952 _____ () C:\Users\Otto\Desktop\AdwCleaner_4.106.exe
2015-01-05 15:12 - 2015-01-05 15:12 - 00017475 _____ () C:\ComboFix.txt
2015-01-05 15:04 - 2015-01-05 15:12 - 00000000 ____D () C:\Qoobox
2015-01-05 15:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-05 15:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-05 15:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-05 15:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-05 15:03 - 2015-01-05 15:11 - 00000000 ____D () C:\Windows\erdnt
2015-01-05 15:00 - 2015-01-05 15:03 - 05609498 ____R (Swearware) C:\Users\Otto\Desktop\ComboFix.exe
2015-01-05 14:29 - 2015-01-05 14:30 - 00027514 _____ () C:\Users\Otto\Downloads\Addition.txt
2015-01-05 14:28 - 2015-01-08 16:06 - 00000000 ____D () C:\FRST
2015-01-05 14:28 - 2015-01-05 14:30 - 00054109 _____ () C:\Users\Otto\Downloads\FRST.txt
2015-01-05 14:27 - 2015-01-08 13:52 - 02124288 _____ (Farbar) C:\Users\Otto\Desktop\FRST64.exe
2015-01-05 14:22 - 2015-01-05 14:22 - 00001264 _____ () C:\Users\Otto\Desktop\Revo Uninstaller.lnk
2015-01-05 14:22 - 2015-01-05 14:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-05 14:20 - 2015-01-05 14:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Otto\Downloads\revosetup95.exe
2015-01-05 14:03 - 2015-01-05 14:03 - 00262144 _____ () C:\Windows\system32\config\elam
2015-01-05 12:42 - 2015-01-05 12:42 - 08682859 _____ () C:\Users\Otto\Downloads\latest_usb_driver_windows.zip
2015-01-05 12:19 - 2015-01-05 12:19 - 05537864 _____ () C:\Users\Otto\Downloads\npp.5.9.3.Installer.exe
2015-01-05 12:18 - 2015-01-05 12:19 - 05224791 _____ () C:\Users\Otto\Downloads\Layout.rar
2015-01-04 16:47 - 2010-10-06 18:51 - 25087895 _____ () C:\Users\Otto\Downloads\RUU_signed.nbh
2015-01-04 16:47 - 2009-10-16 19:08 - 00943616 _____ (udK@MyPPC.it) C:\Users\Otto\Downloads\CustomRUU.exe
2015-01-04 15:18 - 2015-01-05 14:15 - 00002330 _____ () C:\Users\Otto\Desktop\Safe Money.lnk
2015-01-04 15:18 - 2015-01-04 15:19 - 00001441 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-01-04 15:18 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-01-04 15:17 - 2015-01-08 13:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-04 15:17 - 2015-01-04 18:45 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-01-04 15:17 - 2015-01-04 18:45 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-01-04 15:17 - 2015-01-04 15:17 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-01-04 15:17 - 2015-01-04 15:17 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-04 15:17 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-01-04 15:06 - 2015-01-04 15:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-01-03 15:12 - 2015-01-07 11:02 - 00000000 ____D () C:\Windows\Minidump
2015-01-03 15:12 - 2015-01-03 15:12 - 475563608 _____ () C:\Windows\MEMORY.DMP
2015-01-03 15:12 - 2015-01-03 15:12 - 00962312 _____ () C:\Windows\Minidump\010315-16161-01.dmp
2015-01-02 18:06 - 2012-04-06 01:40 - 00000000 ____D () C:\Users\Otto\Downloads\Radio 2.08.50.05
2015-01-02 17:51 - 2015-01-02 17:51 - 00001038 _____ () C:\Users\Public\Desktop\HD2 Toolkit.lnk
2015-01-02 17:51 - 2015-01-02 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD2 Toolkit
2015-01-02 17:51 - 2015-01-02 17:51 - 00000000 ____D () C:\Program Files (x86)\HD2 Toolkit
2015-01-02 16:49 - 2015-01-05 14:03 - 00000000 ____D () C:\Program Files (x86)\PanicButton
2015-01-02 16:46 - 2015-01-05 17:19 - 00000000 ____D () C:\Program Files (x86)\uNisaales
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2015-01-02 16:46 - 2015-01-02 16:46 - 00000000 ____D () C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp
2015-01-02 16:44 - 2015-01-02 16:45 - 00002419 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-01-02 16:44 - 2015-01-02 16:45 - 00000000 ____D () C:\Windows\WindowsMobile
2014-12-31 03:05 - 2015-01-07 01:02 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\vlc
2014-12-31 01:24 - 2014-12-31 01:24 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-31 01:24 - 2014-12-31 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-12-31 01:24 - 2014-12-31 01:24 - 00000000 ____D () C:\Program Files\VideoLAN
2014-12-31 01:19 - 2014-12-31 01:19 - 00001050 _____ () C:\Users\Public\Desktop\Remote Mouse.lnk
2014-12-31 01:19 - 2014-12-31 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2014-12-31 01:19 - 2014-12-31 01:19 - 00000000 ____D () C:\Program Files (x86)\Remote Mouse
2014-12-31 01:18 - 2014-12-31 01:18 - 00711781 _____ (Remote Mouse ) C:\Users\Otto\Downloads\RemoteMouse.exe
2014-12-30 11:36 - 2014-12-30 11:36 - 00000000 ____D () C:\Program Files\Elantech
2014-12-30 11:35 - 2013-10-17 12:06 - 00377608 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2014-12-29 11:31 - 2015-01-06 14:23 - 00000000 ____D () C:\Users\Otto\AppData\Local\Ubisoft Game Launcher
2014-12-29 11:24 - 2014-12-29 11:24 - 00000000 ____D () C:\ProgramData\Solidshield
2014-12-29 11:23 - 2014-12-29 11:23 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Ubisoft
2014-12-29 11:23 - 2014-12-29 11:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-29 11:22 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-29 11:22 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-29 11:22 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-29 11:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-27 13:56 - 2014-12-27 13:57 - 00000000 ____D () C:\Users\Otto\Desktop\MacBook
2014-12-25 21:06 - 2014-12-25 21:06 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 03:37 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\java
2014-12-24 03:37 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\.minecraft
2014-12-24 03:36 - 2014-12-24 03:36 - 00000000 ____D () C:\Users\Otto\Downloads\runtime
2014-12-24 03:33 - 2014-12-24 03:37 - 00000000 ____D () C:\Users\Otto\Downloads\game
2014-12-23 13:00 - 2014-12-23 13:01 - 27728861 _____ () C:\Users\Otto\Downloads\ROCCAT_Savu_DRV1.20_FW1.24.zip
2014-12-22 14:48 - 2014-12-29 16:57 - 00012789 _____ () C:\Users\Otto\Desktop\Swot-Analyse.xlsx
2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\Otto\AppData\Local\My Games
2014-12-20 20:47 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-20 20:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-20 20:47 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-20 20:47 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-20 20:47 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-20 20:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-20 20:47 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-20 20:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-20 20:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-20 20:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-20 20:47 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-20 20:47 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-20 20:47 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-20 20:47 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-20 20:47 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-20 20:47 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-20 20:47 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-20 20:47 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-20 20:47 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-20 20:47 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-20 20:47 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-20 20:47 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-20 20:47 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-20 20:47 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-20 20:47 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-20 20:47 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-20 20:47 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-20 20:47 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-20 20:47 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-20 20:47 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-20 20:47 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-20 20:46 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-20 20:46 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-20 20:46 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-20 20:46 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-20 20:46 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-20 20:46 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-20 20:46 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-20 20:46 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-20 20:46 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-20 20:46 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-20 20:46 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-20 20:46 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-20 20:46 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-20 20:46 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-20 20:46 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-20 20:46 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-20 20:46 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-20 20:46 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-20 20:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-20 20:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-20 20:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-20 20:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-20 20:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-20 20:46 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-20 20:46 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-20 20:46 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-20 20:46 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-20 20:46 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-12-20 20:46 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-12-20 20:46 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-12-20 20:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-12-20 20:46 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-12-20 20:46 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-12-20 20:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-12-20 20:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-12-20 20:46 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-12-20 20:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-12-20 20:46 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-12-20 20:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-12-20 20:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-12-20 20:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-12-20 20:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-12-20 20:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-12-20 20:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-12-20 20:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-12-20 20:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-12-20 20:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-12-20 20:46 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-12-20 20:46 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-12-18 12:58 - 2014-12-18 12:58 - 00042416 _____ () C:\Users\Otto\Downloads\Justiefied01.dlc
2014-12-18 12:58 - 2014-12-18 12:58 - 00040624 _____ () C:\Users\Otto\Downloads\Justiefied02.dlc
2014-12-17 13:17 - 2014-12-27 16:42 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Tropico 5
2014-12-17 13:17 - 2014-12-17 13:17 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Kalypso Media
2014-12-16 16:43 - 2014-12-16 16:43 - 00000220 _____ () C:\Users\Otto\Desktop\Sid Meier's Civilization V.url
2014-12-15 19:22 - 2014-12-15 19:22 - 00000222 _____ () C:\Users\Otto\Desktop\Tropico 5.url
2014-12-15 11:17 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-15 11:16 - 2014-12-15 11:16 - 00000000 ____D () C:\Program Files (x86)\SimGolf
2014-12-13 23:03 - 2014-12-13 23:03 - 00067726 _____ () C:\Users\Otto\Downloads\1212-pbe-update.html

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 14:00 - 2010-11-21 07:50 - 00699466 _____ () C:\Windows\system32\perfh007.dat
2015-01-08 14:00 - 2010-11-21 07:50 - 00149574 _____ () C:\Windows\system32\perfc007.dat
2015-01-08 14:00 - 2009-07-14 06:13 - 01619800 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-08 14:00 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 14:00 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 13:56 - 2014-09-18 18:57 - 01758834 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 13:53 - 2010-11-21 04:47 - 00169494 _____ () C:\Windows\PFRO.log
2015-01-08 13:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 13:53 - 2009-07-14 05:51 - 00063177 _____ () C:\Windows\setupact.log
2015-01-08 13:48 - 2014-09-18 19:31 - 00000000 ____D () C:\Users\Otto\AppData\Local\Google
2015-01-08 13:29 - 2014-09-18 19:31 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-08 03:22 - 2014-09-19 12:51 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\TS3Client
2015-01-08 01:12 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-07 11:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2015-01-07 01:03 - 2014-09-19 12:46 - 00000000 ____D () C:\Users\Otto\AppData\Local\CrashDumps
2015-01-06 13:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-05 17:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-05 15:12 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-05 15:10 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-04 15:46 - 2014-09-19 20:33 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-04 15:46 - 2014-09-19 20:33 - 00000000 ____D () C:\ProgramData\Skype
2015-01-04 15:46 - 2014-09-19 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-03 17:18 - 2014-09-18 19:09 - 00000000 ____D () C:\Users\Otto\Documents\Bluetooth Folder
2014-12-30 11:37 - 2014-10-04 20:57 - 00008834 _____ () C:\Windows\DPINST.LOG
2014-12-29 11:23 - 2014-09-18 19:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-29 11:22 - 2014-09-20 13:43 - 00079241 _____ () C:\Windows\DirectX.log
2014-12-29 06:54 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-22 20:14 - 2014-10-14 12:19 - 00000000 ____D () C:\Users\Otto\AppData\Local\Battle.net
2014-12-20 21:05 - 2014-09-20 13:43 - 00000000 ____D () C:\Users\Otto\Documents\My Games
2014-12-18 12:58 - 2011-03-07 12:10 - 00000000 ____D () C:\Users\Otto\Downloads\JDownloader
2014-12-16 16:43 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-15 16:18 - 2014-10-14 12:19 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-13 23:56 - 2014-10-14 12:21 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-12 00:16 - 2014-09-19 20:33 - 00000000 ____D () C:\Users\Otto\AppData\Roaming\Skype
2014-12-11 10:27 - 2014-10-09 23:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 17:46

==================== End Of Log ============================
         
--- --- ---


Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Otto at 2015-01-08 16:07:00
Running from C:\Users\Otto\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HD2 Toolkit Version 4.2 (HKLM-x32\...\{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1) (Version: 4.2 - Kaushal Subedi (KSubedi))
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PanicButton (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - )
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Remote Mouse version 2.57 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.57 - Remote Mouse)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnternehmensCONTROLLER Standard 18  (HKLM-x32\...\UnternehmensCONTROLLER Standard 18 ) (Version: 18.01 - ecomplan GmbH + Planium Software Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-127802281-1583697644-2177072777-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

02-01-2015 00:32:56 Geplanter Prüfpunkt
02-01-2015 16:45:09 Installed Windows Mobile-Gerätecenter
04-01-2015 15:34:11 Wiederherstellungsvorgang
05-01-2015 13:42:52 Windows Update
05-01-2015 14:23:02 Revo Uninstaller's restore point - uniSAleos
05-01-2015 14:55:40 Revo Uninstaller's restore point - BoosterSys
05-01-2015 14:56:43 Revo Uninstaller's restore point - youtubeadblocker
08-01-2015 13:21:14 Revo Uninstaller's restore point - Google Chrome
08-01-2015 13:24:35 Revo Uninstaller's restore point - WTFast 3.2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-05 15:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {23FF4E5A-A583-4852-9D10-676EE19EB3FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2F4205AD-DAC4-4850-B07A-E6A1F08A8617} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-08] (Google Inc.)
Task: {39059DCA-AC4C-431B-AD52-63F0F1FF9745} - System32\Tasks\{6D284BA5-F483-4CD6-8135-19872E88F5FD} => pcalua.exe -a C:\Users\Otto\Downloads\Setup.exe -d C:\Users\Otto\Downloads
Task: {43958109-765C-45E0-8C9A-1171CA3C0CCA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {51683C56-E7A8-47F4-B03E-E422A0DA6EC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {AA643035-7A6F-429E-920A-27ECEC7304D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-08] (Google Inc.)
Task: {CBD98DFE-CE76-4F2B-9881-80B3CB64F8B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E5ADDADF-6415-451D-B814-1462E0AE1080} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EE6F1237-6CED-496D-B790-637B8F8AACED} - System32\Tasks\{DA955059-A23F-4A93-BAC6-199FDAF6F6CC} => pcalua.exe -a "C:\Users\Otto\Downloads\setup (4).exe" -d C:\Users\Otto\Downloads
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-19 13:46 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-05 12:03 - 2014-09-05 12:03 - 00455784 _____ () C:\Windows\system32\igfxTray.exe
2008-12-20 02:20 - 2014-10-04 20:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-03-28 13:34 - 2014-10-04 20:56 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 15:31 - 2014-10-04 20:56 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 02:20 - 2014-10-04 20:56 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-09-19 13:39 - 2014-07-02 21:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-31 01:19 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-09-18 19:39 - 2005-06-24 18:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
2015-01-08 13:48 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-08 13:48 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-08 13:48 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-08 13:48 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-127802281-1583697644-2177072777-500 - Administrator - Disabled)
Gast (S-1-5-21-127802281-1583697644-2177072777-501 - Limited - Disabled)
Otto (S-1-5-21-127802281-1583697644-2177072777-1000 - Administrator - Enabled) => C:\Users\Otto

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 04:01:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2015 02:00:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2015 02:00:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2015 02:00:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2015 02:00:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2015 02:00:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2015 01:55:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2015 01:16:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2015 07:12:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/08/2015 01:11:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CivilizationV_DX11.exe, Version 1.0.3.279 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1eb8

Startzeit: 01d02aa0d0264e5b

Endzeit: 40

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe

Berichts-ID:


System errors:
=============
Error: (01/08/2015 01:53:37 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (01/08/2015 01:53:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:53:32 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{940975B0-A7B9-43E8-83D6-7777650818CB} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/08/2015 01:53:29 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:50:55 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:50:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:50:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:48:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:48:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2015 01:48:22 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "OTTO-PC        :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.34
registriert werden. Der Computer mit IP-Adresse 192.168.178.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


Microsoft Office Sessions:
=========================
Error: (01/08/2015 04:01:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/08/2015 02:00:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Otto\Desktop\esetsmartinstaller_deu.exe

Error: (01/08/2015 02:00:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Otto\Desktop\esetsmartinstaller_deu.exe

Error: (01/08/2015 02:00:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Otto\Desktop\esetsmartinstaller_deu.exe

Error: (01/08/2015 02:00:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Otto\Desktop\esetsmartinstaller_deu.exe

Error: (01/08/2015 02:00:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Otto\Downloads\esetsmartinstaller_deu.exe

Error: (01/08/2015 01:55:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2015 01:16:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2015 07:12:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/08/2015 01:11:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CivilizationV_DX11.exe1.0.3.2791eb801d02aa0d0264e5b40C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe


CodeIntegrity Errors:
===================================
  Date: 2015-01-08 04:59:56.520
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.519
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.502
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.500
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.480
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.433
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.382
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-08 04:59:56.380
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-06 15:40:00.001
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 57%
Total physical RAM: 3992.36 MB
Available physical RAM: 1688.34 MB
Total Pagefile: 7982.9 MB
Available Pagefile: 5541.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.78 GB) (Free:338.85 GB) NTFS
Drive e: (Office.13.SP1.x64.1609-FKY) (CDROM) (Total:2.69 GB) (Free:0 GB) UDF
Drive g: () (Removable) (Total:7.47 GB) (Free:6.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00167168)
Partition 1: (Active) - (Size=7.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


So hoffentlih wars das jetzt

MfG
Necurok

Alt 08.01.2015, 17:51   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Zitat:
sh=E1DD25B6F4ACBBA64A7F0DB5A46435416541A1C2 ft=1 fh=a9e5795c81b63289 vn="Variante von Win32/RiskWare.HackAV.OM Anwendung" ac=I fn="C:\Users\Otto\Downloads\Kaspersky Internet Security 2015 15.0.0.463a Final\Medicine\KRT_3.0.0.34\KRT_3.0.0.34.exe"
sh=CC3FABBAF10942B7DD15DC9E2D2C77471793568D ft=0 fh=0000000000000000 vn="BAT/HackAV.E Anwendung" ac=I fn="C:\Users\Otto\Downloads\Kaspersky Internet Security 2015 15.0.0.463a Final\Medicine\Trial Extender Batch\kis361.bat"
Wasn das für ein Müll?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.01.2015, 18:11   #11
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Alter Müll den ich gerade gelöscht habe?

Alt 08.01.2015, 19:05   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Und das Kaspersky welches bei dir läuft ist gekauft?


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\ProgramData\fbbapeneehjbpdpcelkkfnpjpgkdkcfp
C:\Users\Otto\Downloads\Kaspersky Internet Security 2015 15.0.0.463a Final
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Java updaten.


Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.01.2015, 13:40   #13
Necurok
 
Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



Danke schrauber!

Jetzt wollte ich dir den Logfile posten aber Delfix hat ihn mir weggelöscht

Eine Frage noch ich habe diesen Ordner gerade entdeckt:

C:\8c16e4d75a53443fc30f6b1c7e

Ist dieser harmlos? Er hat so einen komischen Namen

Geändert von Necurok (10.01.2015 um 13:46 Uhr)

Alt 10.01.2015, 14:59   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzliche Werbeprobleme trotz ABP - Standard

Plötzliche Werbeprobleme trotz ABP



kommt von Windows Update
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Plötzliche Werbeprobleme trotz ABP
adobe, adware, browser, cpu, defender, desktop, ebanking, failed, google, installation, kaspersky, malware, popup, registry, rundll, scan, security, services.exe, software, svchost.exe, system, temp, usb, werbung, windows, wlan



Ähnliche Themen: Plötzliche Werbeprobleme trotz ABP


  1. Plötzliche Systemabschaltung bei Windows 7 und Bluescreen
    Log-Analyse und Auswertung - 21.10.2015 (10)
  2. Mbam Funde auf Win 7, plötzliche Neustarts
    Log-Analyse und Auswertung - 22.11.2014 (7)
  3. Malewareverdacht/ Mac / Plötzliche Weiterleitung auf Videoplayer Aktualisierung
    Plagegeister aller Art und deren Bekämpfung - 27.09.2014 (1)
  4. Plötzliche Werbung in Firefox und Internet Explorer
    Log-Analyse und Auswertung - 11.09.2014 (9)
  5. Wiederholte plötzliche Radioeinspielung (Windows 7)
    Log-Analyse und Auswertung - 24.08.2014 (9)
  6. ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser
    Log-Analyse und Auswertung - 14.08.2014 (5)
  7. Plötzliche Musikabspielung
    Mülltonne - 02.07.2012 (1)
  8. Plötzliche Trojaner auf dem PC!
    Plagegeister aller Art und deren Bekämpfung - 13.10.2011 (3)
  9. Plötzliche Computer Abstürze
    Log-Analyse und Auswertung - 28.09.2011 (22)
  10. langsames Hochfahren und plötzliche IE Popups
    Log-Analyse und Auswertung - 13.11.2010 (5)
  11. neuer Computer, plötzliche FPS-Einbrüche bei CoD4
    Log-Analyse und Auswertung - 19.10.2009 (0)
  12. Vista - Plötzliche Änderungen von Systemeinstellungen
    Alles rund um Windows - 08.03.2009 (3)
  13. Plötzliche IE7 Probleme
    Log-Analyse und Auswertung - 02.08.2008 (0)
  14. Verschiedene plötzliche Probleme - Virus?
    Log-Analyse und Auswertung - 09.07.2008 (7)
  15. Laptop sehr langsam & plötzliche Fehler
    Plagegeister aller Art und deren Bekämpfung - 03.03.2008 (26)
  16. Plötzliche Cpu Auslastung stockender PC
    Log-Analyse und Auswertung - 05.09.2006 (3)
  17. plötzliche Fehlermeldung von regedit.exe
    Plagegeister aller Art und deren Bekämpfung - 02.11.2005 (2)

Zum Thema Plötzliche Werbeprobleme trotz ABP - Hallo Liebes Forum, ich habe seit einigen Tagen wieder Probleme mit Werbung mit Chrome und das obwohl ich AdBlock Plus installiert habe. Das Problem trat auf als ich das HTC - Plötzliche Werbeprobleme trotz ABP...
Archiv
Du betrachtest: Plötzliche Werbeprobleme trotz ABP auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.