Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ich kann keine Programme mehr öffnen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.01.2015, 11:07   #16
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Hier die Fix List.

Ja ist installiert und hat mir das nach dem Download angezeigt.


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by ar-sports (administrator) on AR-SPORTS-PC on 30-01-2015 09:04:18
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Media remote] => C:\Program Files (x86)\Media remote\Media remote.exe [1535000 2011-05-18] ()
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [443392 2013-02-01] (May Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe [184880 2011-07-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885043606-201990974-2310804300-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1885043606-201990974-2310804300-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> {0717C853-92C3-0B8F-FF07-6E168161B86D} URL = 
BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.17.100

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt [2011-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\Acer Bio Protection\FFExt20
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt20 [2011-09-10]
FF HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Firefox\Extensions: [{284fed43-2e13-4afe-8aeb-50827d510e20}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Google-Suche) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Google Mail) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [240112 2011-10-28] (CyberLink)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] () [File not signed]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] () [File not signed]
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [57344 2005-06-09] (IBM Corporation) [File not signed]
R2 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [307760 2011-07-13] (Egis Technology Inc. )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-07] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 09:03 - 2015-01-30 09:03 - 00004051 _____ () C:\Users\ar-sports\Desktop\Fixlist.txt
2015-01-29 23:49 - 2015-01-29 23:50 - 00000000 ____D () C:\13508aa44d652281d0ffe991
2015-01-29 20:30 - 2015-01-29 20:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Bildcomputer
2015-01-29 20:15 - 2015-01-30 09:04 - 00000000 ____D () C:\Users\ar-sports\Downloads\FRST-OlderVersion
2015-01-29 20:15 - 2015-01-29 20:16 - 00039047 _____ () C:\Users\ar-sports\Downloads\FRST.txt
2015-01-29 20:15 - 2015-01-29 20:16 - 00031322 _____ () C:\Users\ar-sports\Downloads\Addition.txt
2015-01-29 20:07 - 2015-01-29 20:07 - 00852573 _____ () C:\Users\ar-sports\Desktop\SecurityCheck.exe
2015-01-29 15:24 - 2015-01-29 15:24 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - ccfcbbb1da5f42e29333bd39eac1e2ab07e06d474b3648d0af4f25925603686c
2015-01-29 08:53 - 2015-01-29 08:53 - 01707939 _____ (Thisisu) C:\Users\ar-sports\Desktop\JRT.exe
2015-01-29 08:40 - 2015-01-29 08:40 - 02194432 _____ () C:\Users\ar-sports\Desktop\AdwCleaner_4.109.exe
2015-01-29 07:49 - 2015-01-30 07:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 07:49 - 2015-01-29 07:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-29 07:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 07:47 - 2015-01-29 07:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ar-sports\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 23:50 - 2015-01-28 23:51 - 00000000 ____D () C:\e5af0b43c0ead705e8f5a70b8555
2015-01-28 19:15 - 2015-01-28 19:15 - 00033772 _____ () C:\ComboFix.txt
2015-01-28 18:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-28 18:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-28 18:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-28 18:55 - 2015-01-28 19:15 - 00000000 ____D () C:\Qoobox
2015-01-28 18:55 - 2015-01-28 19:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-28 18:54 - 2015-01-28 18:54 - 05610841 ____R (Swearware) C:\Users\ar-sports\Desktop\ComboFix.exe
2015-01-28 18:23 - 2015-01-28 18:23 - 00001268 _____ () C:\Users\ar-sports\Desktop\Revo Uninstaller.lnk
2015-01-28 18:23 - 2015-01-28 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-28 18:22 - 2015-01-28 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ar-sports\Downloads\revosetup95.exe
2015-01-28 13:28 - 2015-01-28 13:29 - 00000000 ____D () C:\9a8479723a599ea3c91ede
2015-01-28 08:42 - 2015-01-28 08:43 - 00000000 ____D () C:\5ec6513707ea3739629bac1bb9e073
2015-01-28 04:09 - 2015-01-30 09:04 - 00000000 ____D () C:\FRST
2015-01-28 00:01 - 2015-01-28 00:01 - 00000000 ____D () C:\8ed94f21db07ead1de5b4b47817232
2015-01-27 18:52 - 2015-01-29 20:15 - 02130432 _____ (Farbar) C:\Users\ar-sports\Downloads\FRST64.exe
2015-01-26 23:45 - 2015-01-26 23:46 - 00000000 ____D () C:\260044cb1e8dfa06e556a3b12f3868
2015-01-25 23:47 - 2015-01-25 23:48 - 00000000 ____D () C:\abd2c10a63f765a5b5741677
2015-01-25 21:20 - 2015-01-25 21:20 - 00001861 _____ () C:\Users\ar-sports\Desktop\UseNeXT by Tangysoft.lnk
2015-01-25 21:20 - 2015-01-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-01-25 21:06 - 2015-01-25 21:06 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\ar-sports\Downloads\UseNeXTSetup_5.64.exe
2015-01-25 14:25 - 2015-01-25 14:31 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Samsung
2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\Users\Public\Documents\SmartSwitch
2015-01-25 13:56 - 2015-01-30 08:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\8908D6CF-FA27-41F6-911D-151CEE0547DD.aplzod
2015-01-25 13:38 - 2015-01-25 13:39 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup (1).exe
2015-01-25 13:34 - 2015-01-25 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:31 - 2015-01-25 13:33 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup.exe
2015-01-25 00:09 - 2015-01-25 00:10 - 00000000 ____D () C:\567f23d61e19196654ff15f6d11c7d
2015-01-24 00:13 - 2015-01-24 00:13 - 00000000 ____D () C:\7b97ffe15426a80f1fa531e9
2015-01-23 00:05 - 2015-01-23 00:06 - 00000000 ____D () C:\89cf8cad9273348b3978
2015-01-21 23:56 - 2015-01-21 23:57 - 00000000 ____D () C:\e8d3e4ba50f785c1c8
2015-01-21 17:14 - 2015-01-21 17:14 - 00000891 _____ () C:\Users\ar-sports\Desktop\iPhone von Andi - Verknüpfung.lnk
2015-01-21 17:05 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 16:39 - 2015-01-21 17:05 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 16:39 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 16:39 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 16:38 - 2015-01-21 16:38 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 16:33 - 2015-01-21 16:36 - 122418480 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\iTunes64Setup (1).exe
2015-01-20 23:29 - 2015-01-20 23:30 - 00000000 ____D () C:\e8bd0b5a87fe32c4ee
2015-01-19 23:13 - 2015-01-19 23:13 - 00000000 ____D () C:\5e7e451a0cf836eaaab73e2081786c
2015-01-19 17:07 - 2015-01-19 17:08 - 00000000 ____D () C:\8249325112d6e9bc1f611f
2015-01-14 22:30 - 2015-01-14 22:30 - 00013844 _____ () C:\Users\ar-sports\Documents\Kopie von Logistikaufstellung DAVID 2015.xlsx
2015-01-14 08:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:36 - 2015-01-13 16:36 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - b39ff3e4de754a48ad14dfb13da642efb9b0e44ec9ba4f87be1144be0cdef85e

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 08:57 - 2012-04-18 13:58 - 00000000 ____D () C:\Users\ar-sports\Documents\Outlook-Dateien
2015-01-30 08:51 - 2012-11-21 08:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 08:31 - 2013-04-25 18:45 - 00000000 ____D () C:\Users\ar-sports\Desktop\Nürburgring
2015-01-30 08:20 - 2011-09-10 02:35 - 02014907 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 08:17 - 2012-08-12 20:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:01 - 2013-11-23 15:51 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 07:01 - 2012-11-21 08:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 07:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 07:01 - 2009-07-14 05:51 - 00140897 _____ () C:\Windows\setupact.log
2015-01-29 17:02 - 2014-10-16 12:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Schneeräumen
2015-01-29 08:45 - 2010-11-21 04:47 - 00433990 _____ () C:\Windows\PFRO.log
2015-01-29 08:44 - 2013-11-12 18:51 - 00000000 ____D () C:\AdwCleaner
2015-01-29 08:38 - 2014-12-27 15:54 - 00000000 ____D () C:\Users\ar-sports\Desktop\Autos
2015-01-29 07:49 - 2013-11-12 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 19:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:30 - 2012-07-12 20:12 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\vlc
2015-01-27 18:06 - 2011-09-10 12:28 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2015-01-27 18:06 - 2011-09-10 12:28 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2015-01-27 18:06 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 07:53 - 2014-01-21 08:03 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 21:20 - 2012-04-19 11:31 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-01-25 21:18 - 2012-04-18 17:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\UseNeXT
2015-01-25 21:13 - 2013-05-05 13:49 - 00000000 ____D () C:\Program Files (x86)\Racelogic
2015-01-25 15:47 - 2012-05-12 12:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Dropbox
2015-01-25 14:53 - 2012-05-28 09:20 - 00012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 13:56 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Apple Computer
2015-01-25 13:41 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Apple Computer
2015-01-25 13:33 - 2013-11-04 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-24 23:17 - 2012-08-12 20:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:17 - 2012-04-19 06:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:17 - 2011-08-03 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:18 - 2014-02-02 13:39 - 00000000 ____D () C:\Users\ar-sports\Desktop\DavidMedien
2015-01-22 08:30 - 2012-05-12 13:01 - 00000000 ___RD () C:\Users\ar-sports\Dropbox
2015-01-21 16:38 - 2013-11-04 10:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 16:30 - 2013-11-04 10:47 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 15:28 - 2014-11-24 16:17 - 00001996 ____H () C:\Users\ar-sports\Documents\Default.rdp
2015-01-21 15:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-19 20:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 20:22 - 2012-04-17 16:01 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-16 23:06 - 2012-04-18 17:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Adobe
2015-01-16 21:02 - 2014-12-09 22:17 - 00000000 ____D () C:\Users\ar-sports\Desktop\Chris25
2015-01-16 00:08 - 2014-12-14 11:51 - 00000000 ____D () C:\Users\ar-sports\Desktop\AudiS3
2015-01-15 00:22 - 2013-08-14 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:18 - 2012-04-18 07:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:45 - 2014-07-27 16:55 - 00000000 ____D () C:\Users\ar-sports\Desktop\Aufträge_David
2015-01-13 14:31 - 2014-12-03 13:55 - 00000000 ____D () C:\ZR-Excelsicherung
2015-01-11 15:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-28 09:20 - 2015-01-25 14:53 - 0012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 14:15 - 2014-08-06 14:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-10 03:09 - 2012-04-18 15:35 - 0013715 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\ar-sports\AppData\Local\Temp\avgnt.exe
C:\Users\ar-sports\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 10:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---


[CODE][/CO
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by ar-sports (administrator) on AR-SPORTS-PC on 30-01-2015 09:04:18
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Media remote] => C:\Program Files (x86)\Media remote\Media remote.exe [1535000 2011-05-18] ()
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [443392 2013-02-01] (May Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe [184880 2011-07-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885043606-201990974-2310804300-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1885043606-201990974-2310804300-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> {0717C853-92C3-0B8F-FF07-6E168161B86D} URL = 
BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.17.100

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt [2011-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\Acer Bio Protection\FFExt20
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt20 [2011-09-10]
FF HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Firefox\Extensions: [{284fed43-2e13-4afe-8aeb-50827d510e20}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Google-Suche) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Google Mail) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [240112 2011-10-28] (CyberLink)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] () [File not signed]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] () [File not signed]
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [57344 2005-06-09] (IBM Corporation) [File not signed]
R2 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [307760 2011-07-13] (Egis Technology Inc. )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-07] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 09:03 - 2015-01-30 09:03 - 00004051 _____ () C:\Users\ar-sports\Desktop\Fixlist.txt
2015-01-29 23:49 - 2015-01-29 23:50 - 00000000 ____D () C:\13508aa44d652281d0ffe991
2015-01-29 20:30 - 2015-01-29 20:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Bildcomputer
2015-01-29 20:15 - 2015-01-30 09:04 - 00000000 ____D () C:\Users\ar-sports\Downloads\FRST-OlderVersion
2015-01-29 20:15 - 2015-01-29 20:16 - 00039047 _____ () C:\Users\ar-sports\Downloads\FRST.txt
2015-01-29 20:15 - 2015-01-29 20:16 - 00031322 _____ () C:\Users\ar-sports\Downloads\Addition.txt
2015-01-29 20:07 - 2015-01-29 20:07 - 00852573 _____ () C:\Users\ar-sports\Desktop\SecurityCheck.exe
2015-01-29 15:24 - 2015-01-29 15:24 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - ccfcbbb1da5f42e29333bd39eac1e2ab07e06d474b3648d0af4f25925603686c
2015-01-29 08:53 - 2015-01-29 08:53 - 01707939 _____ (Thisisu) C:\Users\ar-sports\Desktop\JRT.exe
2015-01-29 08:40 - 2015-01-29 08:40 - 02194432 _____ () C:\Users\ar-sports\Desktop\AdwCleaner_4.109.exe
2015-01-29 07:49 - 2015-01-30 07:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 07:49 - 2015-01-29 07:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-29 07:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 07:47 - 2015-01-29 07:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ar-sports\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 23:50 - 2015-01-28 23:51 - 00000000 ____D () C:\e5af0b43c0ead705e8f5a70b8555
2015-01-28 19:15 - 2015-01-28 19:15 - 00033772 _____ () C:\ComboFix.txt
2015-01-28 18:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-28 18:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-28 18:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-28 18:55 - 2015-01-28 19:15 - 00000000 ____D () C:\Qoobox
2015-01-28 18:55 - 2015-01-28 19:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-28 18:54 - 2015-01-28 18:54 - 05610841 ____R (Swearware) C:\Users\ar-sports\Desktop\ComboFix.exe
2015-01-28 18:23 - 2015-01-28 18:23 - 00001268 _____ () C:\Users\ar-sports\Desktop\Revo Uninstaller.lnk
2015-01-28 18:23 - 2015-01-28 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-28 18:22 - 2015-01-28 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ar-sports\Downloads\revosetup95.exe
2015-01-28 13:28 - 2015-01-28 13:29 - 00000000 ____D () C:\9a8479723a599ea3c91ede
2015-01-28 08:42 - 2015-01-28 08:43 - 00000000 ____D () C:\5ec6513707ea3739629bac1bb9e073
2015-01-28 04:09 - 2015-01-30 09:04 - 00000000 ____D () C:\FRST
2015-01-28 00:01 - 2015-01-28 00:01 - 00000000 ____D () C:\8ed94f21db07ead1de5b4b47817232
2015-01-27 18:52 - 2015-01-29 20:15 - 02130432 _____ (Farbar) C:\Users\ar-sports\Downloads\FRST64.exe
2015-01-26 23:45 - 2015-01-26 23:46 - 00000000 ____D () C:\260044cb1e8dfa06e556a3b12f3868
2015-01-25 23:47 - 2015-01-25 23:48 - 00000000 ____D () C:\abd2c10a63f765a5b5741677
2015-01-25 21:20 - 2015-01-25 21:20 - 00001861 _____ () C:\Users\ar-sports\Desktop\UseNeXT by Tangysoft.lnk
2015-01-25 21:20 - 2015-01-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-01-25 21:06 - 2015-01-25 21:06 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\ar-sports\Downloads\UseNeXTSetup_5.64.exe
2015-01-25 14:25 - 2015-01-25 14:31 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Samsung
2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\Users\Public\Documents\SmartSwitch
2015-01-25 13:56 - 2015-01-30 08:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\8908D6CF-FA27-41F6-911D-151CEE0547DD.aplzod
2015-01-25 13:38 - 2015-01-25 13:39 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup (1).exe
2015-01-25 13:34 - 2015-01-25 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:31 - 2015-01-25 13:33 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup.exe
2015-01-25 00:09 - 2015-01-25 00:10 - 00000000 ____D () C:\567f23d61e19196654ff15f6d11c7d
2015-01-24 00:13 - 2015-01-24 00:13 - 00000000 ____D () C:\7b97ffe15426a80f1fa531e9
2015-01-23 00:05 - 2015-01-23 00:06 - 00000000 ____D () C:\89cf8cad9273348b3978
2015-01-21 23:56 - 2015-01-21 23:57 - 00000000 ____D () C:\e8d3e4ba50f785c1c8
2015-01-21 17:14 - 2015-01-21 17:14 - 00000891 _____ () C:\Users\ar-sports\Desktop\iPhone von Andi - Verknüpfung.lnk
2015-01-21 17:05 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 16:39 - 2015-01-21 17:05 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 16:39 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 16:39 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 16:38 - 2015-01-21 16:38 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 16:33 - 2015-01-21 16:36 - 122418480 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\iTunes64Setup (1).exe
2015-01-20 23:29 - 2015-01-20 23:30 - 00000000 ____D () C:\e8bd0b5a87fe32c4ee
2015-01-19 23:13 - 2015-01-19 23:13 - 00000000 ____D () C:\5e7e451a0cf836eaaab73e2081786c
2015-01-19 17:07 - 2015-01-19 17:08 - 00000000 ____D () C:\8249325112d6e9bc1f611f
2015-01-14 22:30 - 2015-01-14 22:30 - 00013844 _____ () C:\Users\ar-sports\Documents\Kopie von Logistikaufstellung DAVID 2015.xlsx
2015-01-14 08:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:36 - 2015-01-13 16:36 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - b39ff3e4de754a48ad14dfb13da642efb9b0e44ec9ba4f87be1144be0cdef85e

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 08:57 - 2012-04-18 13:58 - 00000000 ____D () C:\Users\ar-sports\Documents\Outlook-Dateien
2015-01-30 08:51 - 2012-11-21 08:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 08:31 - 2013-04-25 18:45 - 00000000 ____D () C:\Users\ar-sports\Desktop\Nürburgring
2015-01-30 08:20 - 2011-09-10 02:35 - 02014907 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 08:17 - 2012-08-12 20:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:01 - 2013-11-23 15:51 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 07:01 - 2012-11-21 08:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 07:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 07:01 - 2009-07-14 05:51 - 00140897 _____ () C:\Windows\setupact.log
2015-01-29 17:02 - 2014-10-16 12:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Schneeräumen
2015-01-29 08:45 - 2010-11-21 04:47 - 00433990 _____ () C:\Windows\PFRO.log
2015-01-29 08:44 - 2013-11-12 18:51 - 00000000 ____D () C:\AdwCleaner
2015-01-29 08:38 - 2014-12-27 15:54 - 00000000 ____D () C:\Users\ar-sports\Desktop\Autos
2015-01-29 07:49 - 2013-11-12 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 19:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:30 - 2012-07-12 20:12 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\vlc
2015-01-27 18:06 - 2011-09-10 12:28 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2015-01-27 18:06 - 2011-09-10 12:28 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2015-01-27 18:06 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 07:53 - 2014-01-21 08:03 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 21:20 - 2012-04-19 11:31 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-01-25 21:18 - 2012-04-18 17:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\UseNeXT
2015-01-25 21:13 - 2013-05-05 13:49 - 00000000 ____D () C:\Program Files (x86)\Racelogic
2015-01-25 15:47 - 2012-05-12 12:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Dropbox
2015-01-25 14:53 - 2012-05-28 09:20 - 00012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 13:56 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Apple Computer
2015-01-25 13:41 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Apple Computer
2015-01-25 13:33 - 2013-11-04 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-24 23:17 - 2012-08-12 20:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:17 - 2012-04-19 06:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:17 - 2011-08-03 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:18 - 2014-02-02 13:39 - 00000000 ____D () C:\Users\ar-sports\Desktop\DavidMedien
2015-01-22 08:30 - 2012-05-12 13:01 - 00000000 ___RD () C:\Users\ar-sports\Dropbox
2015-01-21 16:38 - 2013-11-04 10:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 16:30 - 2013-11-04 10:47 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 15:28 - 2014-11-24 16:17 - 00001996 ____H () C:\Users\ar-sports\Documents\Default.rdp
2015-01-21 15:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-19 20:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 20:22 - 2012-04-17 16:01 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-16 23:06 - 2012-04-18 17:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Adobe
2015-01-16 21:02 - 2014-12-09 22:17 - 00000000 ____D () C:\Users\ar-sports\Desktop\Chris25
2015-01-16 00:08 - 2014-12-14 11:51 - 00000000 ____D () C:\Users\ar-sports\Desktop\AudiS3
2015-01-15 00:22 - 2013-08-14 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:18 - 2012-04-18 07:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:45 - 2014-07-27 16:55 - 00000000 ____D () C:\Users\ar-sports\Desktop\Aufträge_David
2015-01-13 14:31 - 2014-12-03 13:55 - 00000000 ____D () C:\ZR-Excelsicherung
2015-01-11 15:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-28 09:20 - 2015-01-25 14:53 - 0012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 14:15 - 2014-08-06 14:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-10 03:09 - 2012-04-18 15:35 - 0013715 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\ar-sports\AppData\Local\Temp\avgnt.exe
C:\Users\ar-sports\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 10:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---
DE]

Habe es noch einmal versucht und die txt am Desktop gespeichert. Aber FRST lässt mir keinen Fix mehr machen. No Fixlist found?

[CODE][
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by ar-sports (administrator) on AR-SPORTS-PC on 30-01-2015 09:04:18
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Media remote] => C:\Program Files (x86)\Media remote\Media remote.exe [1535000 2011-05-18] ()
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [443392 2013-02-01] (May Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe [184880 2011-07-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885043606-201990974-2310804300-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1885043606-201990974-2310804300-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> {0717C853-92C3-0B8F-FF07-6E168161B86D} URL = 
BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.17.100

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt [2011-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\Acer Bio Protection\FFExt20
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt20 [2011-09-10]
FF HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Firefox\Extensions: [{284fed43-2e13-4afe-8aeb-50827d510e20}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Google-Suche) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Google Mail) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [240112 2011-10-28] (CyberLink)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] () [File not signed]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] () [File not signed]
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [57344 2005-06-09] (IBM Corporation) [File not signed]
R2 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [307760 2011-07-13] (Egis Technology Inc. )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-07] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 09:03 - 2015-01-30 09:03 - 00004051 _____ () C:\Users\ar-sports\Desktop\Fixlist.txt
2015-01-29 23:49 - 2015-01-29 23:50 - 00000000 ____D () C:\13508aa44d652281d0ffe991
2015-01-29 20:30 - 2015-01-29 20:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Bildcomputer
2015-01-29 20:15 - 2015-01-30 09:04 - 00000000 ____D () C:\Users\ar-sports\Downloads\FRST-OlderVersion
2015-01-29 20:15 - 2015-01-29 20:16 - 00039047 _____ () C:\Users\ar-sports\Downloads\FRST.txt
2015-01-29 20:15 - 2015-01-29 20:16 - 00031322 _____ () C:\Users\ar-sports\Downloads\Addition.txt
2015-01-29 20:07 - 2015-01-29 20:07 - 00852573 _____ () C:\Users\ar-sports\Desktop\SecurityCheck.exe
2015-01-29 15:24 - 2015-01-29 15:24 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - ccfcbbb1da5f42e29333bd39eac1e2ab07e06d474b3648d0af4f25925603686c
2015-01-29 08:53 - 2015-01-29 08:53 - 01707939 _____ (Thisisu) C:\Users\ar-sports\Desktop\JRT.exe
2015-01-29 08:40 - 2015-01-29 08:40 - 02194432 _____ () C:\Users\ar-sports\Desktop\AdwCleaner_4.109.exe
2015-01-29 07:49 - 2015-01-30 07:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 07:49 - 2015-01-29 07:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-29 07:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 07:47 - 2015-01-29 07:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ar-sports\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 23:50 - 2015-01-28 23:51 - 00000000 ____D () C:\e5af0b43c0ead705e8f5a70b8555
2015-01-28 19:15 - 2015-01-28 19:15 - 00033772 _____ () C:\ComboFix.txt
2015-01-28 18:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-28 18:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-28 18:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-28 18:55 - 2015-01-28 19:15 - 00000000 ____D () C:\Qoobox
2015-01-28 18:55 - 2015-01-28 19:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-28 18:54 - 2015-01-28 18:54 - 05610841 ____R (Swearware) C:\Users\ar-sports\Desktop\ComboFix.exe
2015-01-28 18:23 - 2015-01-28 18:23 - 00001268 _____ () C:\Users\ar-sports\Desktop\Revo Uninstaller.lnk
2015-01-28 18:23 - 2015-01-28 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-28 18:22 - 2015-01-28 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ar-sports\Downloads\revosetup95.exe
2015-01-28 13:28 - 2015-01-28 13:29 - 00000000 ____D () C:\9a8479723a599ea3c91ede
2015-01-28 08:42 - 2015-01-28 08:43 - 00000000 ____D () C:\5ec6513707ea3739629bac1bb9e073
2015-01-28 04:09 - 2015-01-30 09:04 - 00000000 ____D () C:\FRST
2015-01-28 00:01 - 2015-01-28 00:01 - 00000000 ____D () C:\8ed94f21db07ead1de5b4b47817232
2015-01-27 18:52 - 2015-01-29 20:15 - 02130432 _____ (Farbar) C:\Users\ar-sports\Downloads\FRST64.exe
2015-01-26 23:45 - 2015-01-26 23:46 - 00000000 ____D () C:\260044cb1e8dfa06e556a3b12f3868
2015-01-25 23:47 - 2015-01-25 23:48 - 00000000 ____D () C:\abd2c10a63f765a5b5741677
2015-01-25 21:20 - 2015-01-25 21:20 - 00001861 _____ () C:\Users\ar-sports\Desktop\UseNeXT by Tangysoft.lnk
2015-01-25 21:20 - 2015-01-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-01-25 21:06 - 2015-01-25 21:06 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\ar-sports\Downloads\UseNeXTSetup_5.64.exe
2015-01-25 14:25 - 2015-01-25 14:31 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Samsung
2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\Users\Public\Documents\SmartSwitch
2015-01-25 13:56 - 2015-01-30 08:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\8908D6CF-FA27-41F6-911D-151CEE0547DD.aplzod
2015-01-25 13:38 - 2015-01-25 13:39 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup (1).exe
2015-01-25 13:34 - 2015-01-25 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:31 - 2015-01-25 13:33 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup.exe
2015-01-25 00:09 - 2015-01-25 00:10 - 00000000 ____D () C:\567f23d61e19196654ff15f6d11c7d
2015-01-24 00:13 - 2015-01-24 00:13 - 00000000 ____D () C:\7b97ffe15426a80f1fa531e9
2015-01-23 00:05 - 2015-01-23 00:06 - 00000000 ____D () C:\89cf8cad9273348b3978
2015-01-21 23:56 - 2015-01-21 23:57 - 00000000 ____D () C:\e8d3e4ba50f785c1c8
2015-01-21 17:14 - 2015-01-21 17:14 - 00000891 _____ () C:\Users\ar-sports\Desktop\iPhone von Andi - Verknüpfung.lnk
2015-01-21 17:05 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 16:39 - 2015-01-21 17:05 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 16:39 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 16:39 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 16:38 - 2015-01-21 16:38 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 16:33 - 2015-01-21 16:36 - 122418480 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\iTunes64Setup (1).exe
2015-01-20 23:29 - 2015-01-20 23:30 - 00000000 ____D () C:\e8bd0b5a87fe32c4ee
2015-01-19 23:13 - 2015-01-19 23:13 - 00000000 ____D () C:\5e7e451a0cf836eaaab73e2081786c
2015-01-19 17:07 - 2015-01-19 17:08 - 00000000 ____D () C:\8249325112d6e9bc1f611f
2015-01-14 22:30 - 2015-01-14 22:30 - 00013844 _____ () C:\Users\ar-sports\Documents\Kopie von Logistikaufstellung DAVID 2015.xlsx
2015-01-14 08:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:36 - 2015-01-13 16:36 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - b39ff3e4de754a48ad14dfb13da642efb9b0e44ec9ba4f87be1144be0cdef85e

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 08:57 - 2012-04-18 13:58 - 00000000 ____D () C:\Users\ar-sports\Documents\Outlook-Dateien
2015-01-30 08:51 - 2012-11-21 08:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 08:31 - 2013-04-25 18:45 - 00000000 ____D () C:\Users\ar-sports\Desktop\Nürburgring
2015-01-30 08:20 - 2011-09-10 02:35 - 02014907 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 08:17 - 2012-08-12 20:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:01 - 2013-11-23 15:51 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 07:01 - 2012-11-21 08:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 07:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 07:01 - 2009-07-14 05:51 - 00140897 _____ () C:\Windows\setupact.log
2015-01-29 17:02 - 2014-10-16 12:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Schneeräumen
2015-01-29 08:45 - 2010-11-21 04:47 - 00433990 _____ () C:\Windows\PFRO.log
2015-01-29 08:44 - 2013-11-12 18:51 - 00000000 ____D () C:\AdwCleaner
2015-01-29 08:38 - 2014-12-27 15:54 - 00000000 ____D () C:\Users\ar-sports\Desktop\Autos
2015-01-29 07:49 - 2013-11-12 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 19:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:30 - 2012-07-12 20:12 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\vlc
2015-01-27 18:06 - 2011-09-10 12:28 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2015-01-27 18:06 - 2011-09-10 12:28 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2015-01-27 18:06 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 07:53 - 2014-01-21 08:03 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 21:20 - 2012-04-19 11:31 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-01-25 21:18 - 2012-04-18 17:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\UseNeXT
2015-01-25 21:13 - 2013-05-05 13:49 - 00000000 ____D () C:\Program Files (x86)\Racelogic
2015-01-25 15:47 - 2012-05-12 12:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Dropbox
2015-01-25 14:53 - 2012-05-28 09:20 - 00012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 13:56 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Apple Computer
2015-01-25 13:41 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Apple Computer
2015-01-25 13:33 - 2013-11-04 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-24 23:17 - 2012-08-12 20:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:17 - 2012-04-19 06:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:17 - 2011-08-03 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:18 - 2014-02-02 13:39 - 00000000 ____D () C:\Users\ar-sports\Desktop\DavidMedien
2015-01-22 08:30 - 2012-05-12 13:01 - 00000000 ___RD () C:\Users\ar-sports\Dropbox
2015-01-21 16:38 - 2013-11-04 10:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 16:30 - 2013-11-04 10:47 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 15:28 - 2014-11-24 16:17 - 00001996 ____H () C:\Users\ar-sports\Documents\Default.rdp
2015-01-21 15:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-19 20:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 20:22 - 2012-04-17 16:01 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-16 23:06 - 2012-04-18 17:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Adobe
2015-01-16 21:02 - 2014-12-09 22:17 - 00000000 ____D () C:\Users\ar-sports\Desktop\Chris25
2015-01-16 00:08 - 2014-12-14 11:51 - 00000000 ____D () C:\Users\ar-sports\Desktop\AudiS3
2015-01-15 00:22 - 2013-08-14 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:18 - 2012-04-18 07:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:45 - 2014-07-27 16:55 - 00000000 ____D () C:\Users\ar-sports\Desktop\Aufträge_David
2015-01-13 14:31 - 2014-12-03 13:55 - 00000000 ____D () C:\ZR-Excelsicherung
2015-01-11 15:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-28 09:20 - 2015-01-25 14:53 - 0012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 14:15 - 2014-08-06 14:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-10 03:09 - 2012-04-18 15:35 - 0013715 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\ar-sports\AppData\Local\Temp\avgnt.exe
C:\Users\ar-sports\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 10:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---
/CODE]

Sorry wenn die jetzt doppelt und dreifach sind..

Alt 30.01.2015, 13:28   #17
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Zitat:
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Wo liegt denn bei Dir FRST?

FRST neu laden, auf den Desktop, dann klappt das auch mit der Fixlist .

Was machen die Fehlermeldungen nach Neustart?
__________________

__________________

Alt 31.01.2015, 08:46   #18
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



So jetzt aber...
Habe es auf dem Desktop noch einmal runtergeladen aber die Fehlermeldungen gingen beim Neustart leider wieder auf...

[CODE][Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by ar-sports at 2015-01-30 15:27:33 Run:1
Running from C:\Users\ar-sports\Desktop
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Desktop\FreeVideoDub1810.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT1351351\Softonic_DeutschAutoUpdaterHelper.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngin0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD1.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\ldrtbSof0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof1.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof2.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\GLF11.tmp.tbDVDV.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\Softonic_Deutsch.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\ToolbarUpdater_1289802965\autoUpdater.exe

C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert1.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngin0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngine.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\prxtbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD1.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVDV.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\ldrtbSof0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSof1.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSoft.dll
Emptytemp:

*****************

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Desktop\FreeVideoDub1810.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT1351351\Softonic_DeutschAutoUpdaterHelper.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngin0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\ldrtbSof0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\GLF11.tmp.tbDVDV.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\Softonic_Deutsch.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\ToolbarUpdater_1289802965\autoUpdater.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngin0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngine.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\prxtbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVDV.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\ldrtbSof0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSof1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSoft.dll => Moved successfully.
EmptyTemp: => Removed 2.5 GB temporary data.


The system needed a reboot.

==== End of Fixlog 15:31:13 ====/CODE]

Hallo Schrauber hier noch eine Info die vielleicht relevant ist.

Immer wenn ich den Computer runter fahre erscheint

Schalten Sie den Computer nicht aus es wird 1 von 1 Update installiert..... Das erscheint immer! Update waren immer so alle 2-4 Wochen und dann aber mehrere.


Wenn der Computer hochgefahren ist erscheint nach ca. 3-4 Minuten die Info Java Auto Updater Möchten Sie zulassen das durch das folgende Programm bla bla bla.....

Habe mit ja oder mit nein etc. bestätigt die Frage kommt aber immer wieder..
__________________

Alt 31.01.2015, 12:36   #19
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Die Net Framework Fehler erscheinen immer noch obwohl das Framework jetzt installiert ist?


  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.01.2015, 18:31   #20
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Leider keine Besserung. Alles wie vorher :-(


Alt 01.02.2015, 09:02   #21
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Windows Scheibe zur Hand?
__________________
--> Ich kann keine Programme mehr öffnen

Alt 01.02.2015, 11:35   #22
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Was meinst Du mit Windows Scheibe??

Alt 01.02.2015, 16:07   #23
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



na die Windows DVD
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.02.2015, 16:43   #24
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Achso eine DVD

Sorry ich habe gerade den der mir den Laptop verkauft und eingerichtet hat angerufen und der meinte Windows war vorinstalliert.

Alt 01.02.2015, 18:43   #25
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Dann müssen wir ne ISO bauen

http://www.trojaner-board.de/100776-...-download.html
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.02.2015, 18:43   #26
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Dann müssen wir ne ISO bauen

http://www.trojaner-board.de/100776-...-download.html
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.02.2015, 16:41   #27
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Hallo Schrauber DVD ist fertig. Es geht ja nur um eine Reparatur und nicht um eine komplette Neuinstallierung oder? Sonst muss ich alle Daten sichern..

Alt 02.02.2015, 20:17   #28
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



genau, nur reparieren

"In Place Upgrade"
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.02.2015, 21:23   #29
Unwissender1
 
Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Hm also ich hoffe das ist das richtige was ich da runter geladen habe??

Ich drücke auf Boot und dann kommt folgendes und wo soll ich da drücken sorry für die doofen Fragen..
Miniaturansicht angehängter Grafiken
-20150202_221722_resized.jpg   -20150202_221741_resized.jpg  

Alt 03.02.2015, 08:36   #30
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann keine Programme mehr öffnen - Standard

Ich kann keine Programme mehr öffnen



Sicher dass Du das ISO korrekt auf die DVD gebracht hast?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Ich kann keine Programme mehr öffnen
anderes, anti, antivirus, bilder, erscheine, erscheint, fehler, fenster, free, gestern, hallo zusammen, hochfahren, hoffe, jahre, kleine, laptops, neues, nicht mehr, nichts, programme, programmen, versucht, woche, zusammen, öffnen



Ähnliche Themen: Ich kann keine Programme mehr öffnen


  1. Kann keine Programme mehr öffnen, unterschiedliche Fehlermeldungen! Win 8
    Alles rund um Windows - 20.02.2014 (2)
  2. Keine Programme öffnen sich mehr | XP
    Alles rund um Windows - 08.03.2011 (1)
  3. keine programme mehr zu öffnen--kein inetexplorer-keine Fehlermeldung->virus
    Plagegeister aller Art und deren Bekämpfung - 18.10.2010 (4)
  4. Kann keine Programme mehr öffnen!Virus?
    Plagegeister aller Art und deren Bekämpfung - 09.12.2009 (1)
  5. Hilfe !!! Kann keine Programme mehr öffnen !!!
    Log-Analyse und Auswertung - 25.08.2009 (3)
  6. Kann keine Programme mehr öffnen !!!
    Alles rund um Windows - 24.08.2009 (1)
  7. kann keine datenträger mehr öffnen-->keine win32-anwendung
    Plagegeister aller Art und deren Bekämpfung - 01.01.2009 (2)
  8. Kann keine Programme mehr öffnen
    Mülltonne - 09.07.2008 (1)
  9. Kann keine Dateien/Programme mehr downloaden & keine Videos abspielen
    Alles rund um Windows - 14.06.2008 (12)
  10. Kann keine Programme mehr öffnen!
    Log-Analyse und Auswertung - 27.05.2008 (1)
  11. Hilfe!!! Kann Programme nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 06.05.2008 (5)
  12. kann keine Programme mehr ausführen
    Plagegeister aller Art und deren Bekämpfung - 11.12.2007 (7)
  13. Kann keine Programme mehr öffnen (".INK)
    Plagegeister aller Art und deren Bekämpfung - 16.08.2007 (10)
  14. Kann keine Programme mehr installieren
    Plagegeister aller Art und deren Bekämpfung - 14.08.2007 (10)
  15. Kann keine Programme mehr öffnen
    Alles rund um Windows - 28.12.2006 (1)
  16. Kann keine Programme mehr von CD installieren
    Alles rund um Windows - 25.04.2006 (14)
  17. Kann keine Programme mehr oeffnen!!!
    Alles rund um Windows - 05.11.2004 (1)

Zum Thema Ich kann keine Programme mehr öffnen - Hier die Fix List. Ja ist installiert und hat mir das nach dem Download angezeigt. FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result - Ich kann keine Programme mehr öffnen...
Archiv
Du betrachtest: Ich kann keine Programme mehr öffnen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.