Kein Internetzugriff, nur durch Browser.

PhesmanLP · 05.04.2015, 18:03

Schönen guten Tag,
ich habe ein Problem mit meinem Windows 8 Computer.
Seit (ich meine) vorgestern kam mein Sohn an, und meinte er könnte sein Spiel nicht spielen. Dies erwies sich auch später. Man hatte nurnoch durch den Standartbrowser Zugriff.
Ich habe versucht meine Malwarebytes Datenbank zu aktualisieren... Komisch.
Verbindung mit dem Aktualisierungsserver fehlgeschlagen..

Kann mir jemand helfen?

Logs:
FRST64:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Robert (administrator) on GAMERPC on 05-04-2015 18:54:23
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert &  (Available profiles: Florian & Robert & Matthis)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-28] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1330944 2015-01-29] (Bogdan Sharkov)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Florian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-19] (Spotify Ltd)
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Florian\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-19] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1002 -> DefaultScope {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1002 -> {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-28] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-20] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\Visual Basic\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-03-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-28] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-03-20] (Oracle Corporation)
Tcpip\..\Interfaces\{097A13CA-7B61-473E-84C3-3B048D361D21}: [NameServer] 192.168.178.27,192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-03-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-03-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-27]

Chrome: 
=======
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-01]
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-01]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-01]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-01]
CHR Extension: (Google Search) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-01]
CHR Extension: (Google Sheets) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-01]
CHR Extension: (Avast Online Security) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-01]
CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-28] (Avast Software s.r.o.)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-28] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-18] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-26] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-28] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-28] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-28] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-28] ()
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-03-20] (Kingsoft Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-02-26] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40136 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-18] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2013-12-11] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [297984 2013-12-11] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 18:54 - 2015-04-05 18:54 - 02095616 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-04-05 18:54 - 2015-04-05 18:54 - 00024199 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-04-05 18:54 - 2015-04-05 18:54 - 00000000 ____D () C:\FRST
2015-04-05 18:53 - 2015-04-05 18:54 - 02095616 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2015-04-05 13:58 - 2015-04-05 13:58 - 00000000 ____D () C:\Users\Florian\.idlerc
2015-04-05 13:56 - 2015-04-05 13:57 - 00000653 _____ () C:\Users\Florian\Desktop\server.properties
2015-04-05 13:46 - 2015-04-05 13:46 - 00000061 _____ () C:\Users\Florian\Desktop\spam.txt
2015-04-05 13:46 - 2015-04-05 13:46 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.4
2015-04-05 13:46 - 2015-04-05 13:46 - 00000000 ____D () C:\Users\Florian\AppData\Local\pip
2015-04-05 13:45 - 2015-04-05 13:46 - 00000000 ____D () C:\Python34
2015-04-05 13:43 - 2015-04-05 13:45 - 25550848 _____ () C:\Users\Florian\Downloads\python-3.4.3.amd64.msi
2015-04-05 13:41 - 2015-04-05 13:58 - 00005775 _____ () C:\Users\Florian\Desktop\Pwnage.py
2015-04-05 12:46 - 2015-01-23 09:18 - 22290560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-05 12:46 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-05 12:46 - 2015-01-23 07:02 - 19731312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-05 12:46 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-05 12:45 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-05 12:45 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-05 12:29 - 2015-04-05 12:29 - 00316976 _____ () C:\Windows\Minidump\040515-25781-01.dmp
2015-04-04 16:36 - 2015-04-04 18:04 - 06420600 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-03-31 23:35 - 2015-04-04 21:38 - 00000020 _____ () C:\Windows\capsys184523.log
2015-03-31 23:35 - 2015-04-04 21:38 - 00000000 ____D () C:\Action!
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mirillis
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mirillis
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\ProgramData\Mirillis
2015-03-31 23:34 - 2015-04-05 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-03-31 23:34 - 2015-04-05 12:20 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2015-03-29 22:42 - 2015-03-29 22:42 - 00018318 _____ () C:\Users\Florian\Desktop\GunGame.jar
2015-03-29 00:20 - 2015-04-04 18:14 - 00000000 ____D () C:\Users\Florian\.VirtualBox
2015-03-29 00:19 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-03-29 00:19 - 2015-03-29 00:19 - 00001099 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-03-29 00:19 - 2015-03-29 00:19 - 00000000 ____D () C:\Program Files\Oracle
2015-03-29 00:19 - 2015-03-16 18:36 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-03-29 00:19 - 2015-03-16 18:35 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-03-29 00:14 - 2015-04-04 19:59 - 00000000 ____D () C:\Users\Florian\AppData\Local\Genymobile
2015-03-29 00:14 - 2015-03-29 00:14 - 00048879 _____ () C:\Users\Florian\genymotion-log.zip
2015-03-29 00:13 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2015-03-29 00:13 - 2015-03-29 00:13 - 00001004 _____ () C:\Users\Public\Desktop\Genymotion.lnk
2015-03-29 00:13 - 2015-03-29 00:13 - 00000999 _____ () C:\Users\Public\Desktop\Genymotion Shell.lnk
2015-03-29 00:13 - 2015-03-29 00:13 - 00000000 ____D () C:\Program Files\Genymobile
2015-03-28 23:24 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-03-28 23:24 - 2015-04-05 12:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-03-28 23:24 - 2015-03-28 23:24 - 00001843 _____ () C:\Users\Public\Desktop\Apps.lnk
2015-03-28 23:24 - 2015-03-28 23:24 - 00001826 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-03-28 23:24 - 2015-03-28 23:24 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-03-28 18:16 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-03-28 15:53 - 2015-03-28 15:53 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-27 23:05 - 2015-03-27 23:05 - 00000433 _____ () C:\Users\Florian\Desktop\ERROR.txt
2015-03-27 13:07 - 2015-01-28 16:45 - 00037704 _____ (RealVNC Ltd) C:\Windows\system32\VNCpm.dll
2015-03-27 09:29 - 2015-03-27 09:29 - 00328928 _____ () C:\Windows\Minidump\032715-20078-01.dmp
2015-03-27 07:29 - 2015-03-27 07:29 - 00321056 _____ () C:\Windows\Minidump\032715-13656-01.dmp
2015-03-26 21:25 - 2015-03-26 21:25 - 00323472 _____ () C:\Windows\Minidump\032615-16156-01.dmp
2015-03-26 19:40 - 2015-03-26 19:40 - 00314112 _____ () C:\Windows\Minidump\032615-15593-01.dmp
2015-03-26 07:32 - 2015-03-26 07:32 - 00324456 _____ () C:\Windows\Minidump\032615-17656-01.dmp
2015-03-25 22:42 - 2015-03-25 22:42 - 00944913 _____ () C:\Users\Florian\Desktop\Swegen.rar
2015-03-25 19:39 - 2015-03-25 19:41 - 01673860 _____ (TeamExtreme) C:\Users\Florian\Desktop\Minecraft Cracked Launcher.jar
2015-03-25 19:32 - 2015-03-25 19:32 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-03-25 19:31 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-25 19:22 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-25 19:22 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00101576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00040136 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-03-25 19:22 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-25 19:01 - 2015-03-25 19:01 - 00356976 _____ () C:\Windows\Minidump\032515-18578-01.dmp
2015-03-25 18:21 - 2015-03-25 18:21 - 00000000 ____D () C:\Dropbox
2015-03-25 17:56 - 2015-03-25 17:56 - 00079360 _____ () C:\Users\Florian\Desktop\XPloit.exe
2015-03-25 16:43 - 2015-03-25 16:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TeamViewer
2015-03-25 16:39 - 2015-03-25 17:33 - 00000000 ____D () C:\Users\Florian\Documents\Visual Studio 2013
2015-03-25 07:17 - 2015-03-25 07:17 - 00325112 _____ () C:\Windows\Minidump\032515-13453-01.dmp
2015-03-24 20:55 - 2015-03-24 20:55 - 00323576 _____ () C:\Windows\Minidump\032415-17734-01.dmp
2015-03-24 17:41 - 2015-04-05 12:15 - 00000000 ____D () C:\Users\Florian\Desktop\scripts
2015-03-24 07:42 - 2015-03-24 07:42 - 00331840 _____ () C:\Windows\Minidump\032415-15718-01.dmp
2015-03-23 19:30 - 2015-03-23 19:30 - 00335184 _____ () C:\Windows\Minidump\032315-16515-01.dmp
2015-03-23 19:03 - 2015-03-23 19:05 - 00000000 ____D () C:\Program Files (x86)\iPadian
2015-03-23 19:03 - 2015-03-23 19:03 - 00000998 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-03-23 16:33 - 2015-03-23 16:33 - 00315864 _____ () C:\Windows\Minidump\032315-21156-01.dmp
2015-03-23 16:15 - 2015-03-23 16:15 - 00329744 _____ () C:\Windows\Minidump\032315-34703-01.dmp
2015-03-23 14:42 - 2015-03-23 14:42 - 00312568 _____ () C:\Windows\Minidump\032315-20531-01.dmp
2015-03-22 20:56 - 2015-03-22 20:59 - 00007852 _____ () C:\Users\Florian\Desktop\ACPSCANNER.PY
2015-03-21 16:55 - 2011-03-13 16:38 - 00000000 ____D () C:\Users\Florian\Desktop\jbe
2015-03-21 14:54 - 2015-03-21 14:54 - 00056620 _____ () C:\Users\Florian\Desktop\ParticleText1.jar
2015-03-21 11:36 - 2015-03-21 11:36 - 00393630 _____ () C:\Users\Florian\Desktop\AnimatedMOTD.rar
2015-03-21 11:36 - 2015-03-20 21:52 - 00278762 _____ () C:\Users\Florian\Desktop\AnimatedMOTD-Bukkit.jar
2015-03-21 11:36 - 2015-03-20 21:52 - 00172206 _____ () C:\Users\Florian\Desktop\AnimatedMOTD-Bungee.jar
2015-03-21 11:03 - 2015-03-21 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2015-03-21 11:03 - 2015-03-21 11:03 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2015-03-21 09:47 - 2015-03-21 09:47 - 00224720 _____ () C:\Users\Florian\ts3_recording_15_03_21_8_47_49.wav
2015-03-21 07:02 - 2015-03-31 19:48 - 00017374 _____ () C:\Windows\PFRO.log
2015-03-20 23:34 - 2015-04-04 22:00 - 00002244 ____H () C:\Users\Florian\Documents\Default.rdp
2015-03-20 23:31 - 2015-03-20 23:31 - 00006930 _____ () C:\Users\Florian\Documents\Nicknamer.src.zip
2015-03-20 23:31 - 2015-03-20 23:31 - 00000000 ____D () C:\Users\Florian\Documents\Nicknamer.src
2015-03-20 23:17 - 2015-03-20 23:19 - 00000000 ____D () C:\Program Files (x86)\BitTorrent Sync
2015-03-20 23:17 - 2015-03-20 23:17 - 00000000 ____D () C:\Users\Florian\Desktop\Leak
2015-03-20 23:11 - 2015-03-20 23:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-20 23:11 - 2015-03-20 23:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-20 23:11 - 2015-03-20 23:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00866720 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2015-03-20 23:08 - 2015-03-20 23:08 - 00788896 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-03-20 23:08 - 2015-03-20 23:08 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00095648 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-20 22:59 - 2015-03-27 22:59 - 00000000 ____D () C:\Users\Florian\Documents\CyberLink
2015-03-20 22:58 - 2015-03-20 22:58 - 00000000 ____D () C:\ProgramData\Sun
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-03-20 22:23 - 2015-04-04 17:04 - 00000000 ____D () C:\Users\Florian\Desktop\eclipse
2015-03-20 22:15 - 2015-04-05 12:15 - 00000000 ____D () C:\Users\Florian\Desktop\jd-gui-0.3.6.windows
2015-03-20 22:02 - 2015-04-05 18:47 - 00012721 _____ () C:\Windows\setupact.log
2015-03-20 22:02 - 2015-03-20 22:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-20 21:50 - 2015-03-20 21:50 - 00081768 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2015-03-20 21:50 - 2015-03-20 21:50 - 00056680 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\ProgramData\cmcm
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\Program Files (x86)\cmcm
2015-03-19 20:34 - 2015-03-19 20:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-18 19:34 - 2015-04-05 12:29 - 00000000 ____D () C:\Windows\Minidump
2015-03-18 16:24 - 2015-03-28 15:53 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-03-17 16:40 - 2015-03-17 16:40 - 00000000 ____D () C:\Users\Robert\AppData\Local\CyberLink
2015-03-17 16:36 - 2015-03-17 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 13
2015-03-17 16:36 - 2015-03-17 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2015-03-16 19:51 - 2015-03-16 19:51 - 00106928 _____ () C:\Users\Florian\Desktop\custom plugins.rar
2015-03-16 18:35 - 2015-03-16 18:35 - 00204264 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2015-03-16 18:35 - 2015-03-16 18:35 - 00156360 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2015-03-16 18:35 - 2015-03-16 18:35 - 00141440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2015-03-16 16:00 - 2015-03-16 16:00 - 00000197 _____ () C:\Windows\system32\2015-03-16-14-00-06.003-AvastVBoxSVC.exe-4076.log
2015-03-15 19:58 - 2015-03-15 19:58 - 00000000 ____D () C:\Users\Florian\AppData\Local\luc4chat
2015-03-15 19:57 - 2015-03-15 19:57 - 00288768 _____ () C:\Users\Florian\Desktop\Luc4Chat v1.3.exe
2015-03-15 19:25 - 2015-03-15 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoonTools
2015-03-15 19:25 - 2015-03-15 19:25 - 00000000 ____D () C:\Program Files (x86)\MoonTools
2015-03-15 11:43 - 2015-03-15 11:44 - 00000197 _____ () C:\Windows\system32\2015-03-15-09-43-36.078-AvastVBoxSVC.exe-3228.log
2015-03-14 15:25 - 2015-03-14 15:25 - 00000197 _____ () C:\Windows\system32\2015-03-14-13-25-52.097-AvastVBoxSVC.exe-2716.log
2015-03-14 09:25 - 2015-03-14 09:25 - 00000247 _____ () C:\Windows\system32\2015-03-14-07-25-10.040-aswFe.exe-2604.log
2015-03-14 09:21 - 2015-03-14 09:25 - 00000247 _____ () C:\Windows\system32\2015-03-14-07-21-19.072-aswFe.exe-7436.log
2015-03-14 09:21 - 2015-03-14 09:21 - 00000197 _____ () C:\Windows\system32\2015-03-14-07-21-18.027-AvastVBoxSVC.exe-6180.log
2015-03-13 17:55 - 2015-03-13 17:56 - 00000197 _____ () C:\Windows\system32\2015-03-13-15-55-54.001-AvastVBoxSVC.exe-2600.log
2015-03-13 17:12 - 2015-03-13 17:12 - 00000197 _____ () C:\Windows\system32\2015-03-13-15-12-15.058-AvastVBoxSVC.exe-3992.log
2015-03-12 16:37 - 2015-03-12 16:37 - 00000197 _____ () C:\Windows\system32\2015-03-12-14-37-52.020-AvastVBoxSVC.exe-3516.log
2015-03-12 15:50 - 2015-03-12 15:50 - 00000197 _____ () C:\Windows\system32\2015-03-12-13-50-39.060-AvastVBoxSVC.exe-3712.log
2015-03-11 18:48 - 2015-03-11 18:48 - 00000197 _____ () C:\Windows\system32\2015-03-11-16-48-07.026-AvastVBoxSVC.exe-2716.log
2015-03-11 17:59 - 2015-03-11 17:59 - 00000197 _____ () C:\Windows\system32\2015-03-11-15-59-52.069-AvastVBoxSVC.exe-3536.log
2015-03-10 20:09 - 2015-03-10 20:09 - 00000197 _____ () C:\Windows\system32\2015-03-10-18-09-36.034-AvastVBoxSVC.exe-3044.log
2015-03-10 14:17 - 2015-03-10 14:17 - 00000197 _____ () C:\Windows\system32\2015-03-10-12-17-33.065-AvastVBoxSVC.exe-3140.log
2015-03-09 19:54 - 2015-03-09 19:54 - 00000197 _____ () C:\Windows\system32\2015-03-09-17-54-57.026-AvastVBoxSVC.exe-2532.log
2015-03-09 17:11 - 2015-03-09 17:11 - 00000000 ____D () C:\Users\Florian\AppData\Local\IsolatedStorage
2015-03-09 17:10 - 2015-03-09 17:11 - 00000000 ____D () C:\Users\Florian\AppData\Local\Red Gate
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Gate
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\Program Files (x86)\Red Gate
2015-03-09 16:31 - 2015-03-09 16:31 - 00000197 _____ () C:\Windows\system32\2015-03-09-14-31-28.032-AvastVBoxSVC.exe-2676.log
2015-03-09 16:25 - 2015-03-09 16:25 - 00000000 _____ () C:\Windows\SysWOW64\RENEAE.tmp
2015-03-09 15:41 - 2015-03-09 15:42 - 00000197 _____ () C:\Windows\system32\2015-03-09-13-41-55.009-AvastVBoxSVC.exe-2816.log
2015-03-08 19:10 - 2015-03-08 19:10 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\LibreOffice
2015-03-08 08:36 - 2015-03-08 08:41 - 00000000 ____D () C:\Users\Matthis\AppData\Roaming\TS3Client
2015-03-06 16:40 - 2015-04-05 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2015-03-06 16:40 - 2015-03-19 16:05 - 00001816 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-06 16:37 - 2015-04-05 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2015-03-06 16:32 - 2015-03-06 16:32 - 00000000 ____D () C:\Users\Florian\Tracing
2015-03-06 15:56 - 2015-03-06 15:57 - 00000197 _____ () C:\Windows\system32\2015-03-06-13-56-56.022-AvastVBoxSVC.exe-2820.log

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 18:53 - 2015-01-01 11:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{23C4C847-DFE7-4B1C-BC07-57EF41478CF5}
2015-04-05 18:53 - 2014-04-02 14:32 - 01890242 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-05 18:53 - 2013-08-23 01:24 - 00806992 _____ () C:\Windows\system32\perfh007.dat
2015-04-05 18:53 - 2013-08-23 01:24 - 00177002 _____ () C:\Windows\system32\perfc007.dat
2015-04-05 18:52 - 2014-12-27 14:26 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1002
2015-04-05 18:50 - 2014-06-25 13:10 - 01491305 _____ () C:\Windows\WindowsUpdate.log
2015-04-05 18:49 - 2014-12-26 16:08 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-05 18:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-05 18:47 - 2014-12-26 16:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-05 18:47 - 2014-04-02 14:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-05 18:47 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-05 18:47 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-05 18:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-05 18:46 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-05 18:43 - 2014-12-26 18:35 - 00001666 _____ () C:\Windows\Sandboxie.ini
2015-04-05 18:43 - 2014-12-26 16:28 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2015-04-05 18:42 - 2015-03-05 13:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-05 18:42 - 2015-01-02 11:57 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2015-04-05 18:42 - 2014-12-26 19:51 - 00000000 __RDO () C:\Users\Florian\OneDrive
2015-04-05 13:59 - 2014-12-26 18:34 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2015-04-05 13:59 - 2014-12-26 16:24 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2015-04-05 13:58 - 2014-12-26 15:54 - 00000000 ____D () C:\Users\Florian
2015-04-05 13:56 - 2015-02-09 20:35 - 00000000 ____D () C:\Users\Florian\Desktop\Verison
2015-04-05 13:55 - 2015-01-09 15:41 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2015-04-05 13:52 - 2015-01-10 11:09 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2015-04-05 12:49 - 2014-12-26 16:07 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{57924B64-A7D9-4559-B436-2719A144580B}
2015-04-05 12:38 - 2015-01-05 15:28 - 00000000 ____D () C:\Users\Matthis\AppData\Roaming\.minecraft
2015-04-05 12:35 - 2014-12-29 11:09 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1003
2015-04-05 12:25 - 2014-12-26 15:59 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1001
2015-04-05 12:20 - 2015-03-05 10:49 - 00000000 ____D () C:\Users\Florian\AppData\Local\Dxtory Software
2015-04-05 12:20 - 2015-02-20 16:38 - 00000000 ____D () C:\Program Files (x86)\IPVanish
2015-04-05 12:20 - 2014-12-26 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-05 12:15 - 2015-01-24 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2015-04-05 12:15 - 2015-01-17 18:00 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-04-05 12:15 - 2014-12-26 22:01 - 00000000 ____D () C:\Users\Florian\AppData\Local\Eclipse
2015-04-05 12:15 - 2014-04-02 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-05 12:15 - 2014-04-02 14:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-05 12:15 - 2014-04-02 14:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-05 12:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-05 12:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2015-04-05 12:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-05 11:56 - 2015-02-27 18:17 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-04 16:55 - 2014-12-26 22:01 - 00000000 ____D () C:\Users\Florian\workspace
2015-04-04 16:36 - 2014-12-26 22:27 - 00000600 _____ () C:\Users\Florian\AppData\Local\PUTTY.RND
2015-04-04 14:53 - 2014-04-02 14:47 - 00001400 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-29 00:29 - 2015-01-31 17:37 - 00000000 ____D () C:\Users\Florian\.android
2015-03-28 23:24 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-28 18:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-28 15:53 - 2015-02-27 18:17 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-28 06:45 - 2015-02-21 18:52 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{609F7BC3-5603-4808-8DE8-6BBDD102A38E}
2015-03-28 05:44 - 2015-01-03 12:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-04-02 14:46 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2015-01-03 12:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-04-02 14:46 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-27 13:51 - 2014-12-26 17:13 - 00000000 ____D () C:\Fraps
2015-03-27 13:07 - 2015-01-24 13:58 - 00000000 ____D () C:\Program Files\RealVNC
2015-03-27 11:11 - 2015-02-07 22:57 - 00001966 _____ () C:\Users\Florian\Desktop\MC.txt
2015-03-27 09:29 - 2014-12-29 11:04 - 00000000 ____D () C:\Users\Matthis
2015-03-26 21:04 - 2015-01-04 21:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-23 18:25 - 2015-01-02 19:26 - 00000000 ____D () C:\Users\Florian\AppData\Local\Windows Live
2015-03-23 16:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-20 23:23 - 2014-12-26 21:16 - 00000000 ____D () C:\Program Files\Java
2015-03-20 23:23 - 2014-12-26 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-20 22:58 - 2014-12-26 16:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-20 21:51 - 2014-12-26 16:28 - 00000000 ____D () C:\ProgramData\Skype
2015-03-20 21:51 - 2014-04-03 00:23 - 00000000 ____D () C:\Windows\Panther
2015-03-20 17:40 - 2014-06-26 09:35 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 15:17 - 2014-12-27 14:21 - 00000000 ____D () C:\Users\Robert
2015-03-20 08:25 - 2013-08-22 16:44 - 05104232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-19 21:35 - 2014-06-26 09:36 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-18 16:26 - 2015-02-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-17 16:40 - 2015-01-12 20:09 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2015-03-17 16:36 - 2015-01-12 20:14 - 00000000 ____D () C:\Program Files\NewBlue
2015-03-17 16:36 - 2015-01-12 20:09 - 00000000 ____D () C:\Program Files\CyberLink
2015-03-17 16:36 - 2014-04-02 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-17 16:33 - 2014-04-02 14:26 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-03-17 14:06 - 2014-12-27 14:21 - 00000000 ____D () C:\Users\Robert\AppData\Local\Google
2015-03-14 09:17 - 2015-02-12 15:08 - 00000000 ____D () C:\AdwCleaner
2015-03-13 21:41 - 2015-01-03 12:40 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16 - 2014-04-02 14:45 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 15:10 - 2014-04-02 14:45 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-06 23:19 - 2015-02-19 16:32 - 00028500 _____ () C:\Users\Florian\Desktop\start.sh
2015-03-06 16:31 - 2014-12-26 16:28 - 00000000 ___RD () C:\Program Files (x86)\Skype

==================== Files in the root of some directories =======

2014-04-02 14:47 - 2014-04-02 14:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Florian\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Florian\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Florian\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 20:26

==================== End Of Log ============================

--- --- ---

Und die Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Robert at 2015-04-05 18:54:55
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
.NET Reflector Desktop (HKLM-x32\...\{3450CBDE-2AE7-4FB8-93E3-37995ADE4F13}) (Version: 8.5.0.179 - Red Gate Software Ltd)
.NET Reflector Visual Studio Extension 8.5 (HKLM-x32\...\{EF31CB34-7A2F-47EE-A45A-C3E547FB92A3}) (Version: 8.5.0.179 - Red Gate Software Ltd)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{BFDBC96A-C44F-4BE9-B671-54517F87A097}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
CMake 3.1.0, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.1.0) (Version: 3.1.0 - Kitware)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2104.0 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4427.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
Java(TM) 6 Update 41 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216041FF}) (Version: 6.0.410 - Oracle)
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
LibreOffice 4.3.6.2 (HKLM-x32\...\{9F410B70-8A45-4F28-985E-F9731219BCBC}) (Version: 4.3.6.2 - The Document Foundation)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 with Update 4 (HKLM-x32\...\{dca572ee-b6f6-4560-9879-fec58cc0022c}) (Version: 12.0.31101 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
MoonTools Version 1.7 (HKLM-x32\...\{61946000-8054-4452-B5F9-719D35D899D8}_is1) (Version: 1.7 - DotExE)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenVPN 2.3.6-I001  (HKLM\...\OpenVPN) (Version: 2.3.6-I001 - )
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python 3.4.3 (64-bit) (HKLM\...\{9529565F-E693-3F11-B3BF-8CD545F5F9A0}) (Version: 3.4.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd)
VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

15-03-2015 15:38:21 Installed Java SE Development Kit 7 Update 75 (64-bit)
18-03-2015 16:20:31 avast! antivirus system restore point
20-03-2015 22:25:40 Installed Java(TM) 6 Update 41
28-03-2015 15:52:51 avast! antivirus system restore point
05-04-2015 12:08:44 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B532CFC-CFDF-41F7-BCC5-721E20B08235} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {10A6F690-FF61-4306-BD83-2C6CB502AEAD} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] ()
Task: {20CC6A02-1F66-4620-935B-37F98358FF07} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {41C94DA0-B7FB-4A13-8829-7AE01F013CF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {87DBC435-1E3E-4C52-BBF0-1E303F830702} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {C16DB48F-2B54-45DF-A953-7A232773CA21} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-florian.kemnitz@ewetel.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {CA0EFB09-12D8-4662-9551-FD9F2C61EFF2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-28] (Avast Software s.r.o.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-02 14:45 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-09-26 15:40 - 2014-09-26 15:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-28 15:53 - 2015-03-28 15:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-05 12:44 - 2015-04-05 12:44 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040500\algo.dll
2015-04-04 14:53 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-03-18 16:24 - 2015-03-18 16:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-02 14:42 - 2014-02-26 09:59 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-16 11:15 - 2014-10-16 11:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-03-21 09:44 - 2015-03-14 12:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 09:44 - 2015-03-14 12:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 09:44 - 2015-03-14 12:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Florian\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-349037752-829444022-2895315871-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.27 - 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-349037752-829444022-2895315871-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"

==================== Accounts: =============================

Administrator (S-1-5-21-349037752-829444022-2895315871-500 - Administrator - Disabled)
Florian (S-1-5-21-349037752-829444022-2895315871-1001 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-349037752-829444022-2895315871-501 - Limited - Disabled)
Matthis (S-1-5-21-349037752-829444022-2895315871-1003 - Limited - Enabled) => C:\Users\Matthis
Robert (S-1-5-21-349037752-829444022-2895315871-1002 - Administrator - Enabled) => C:\Users\Robert

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2015 06:48:17 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT-AUTORITÄT)
Description: There was an error communicating to the Orion DCS server

Error: (04/05/2015 06:47:02 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/05/2015 06:44:18 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/05/2015 01:52:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: python.exe, Version: 0.0.0.0, Zeitstempel: 0x54ecf0ca
Name des fehlerhaften Moduls: tk86t.dll, Version: 8.6.2.0, Zeitstempel: 0x529241fc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000cc77b
ID des fehlerhaften Prozesses: 0x10a4
Startzeit der fehlerhaften Anwendung: 0xpython.exe0
Pfad der fehlerhaften Anwendung: python.exe1
Pfad des fehlerhaften Moduls: python.exe2
Berichtskennung: python.exe3
Vollständiger Name des fehlerhaften Pakets: python.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: python.exe5

Error: (04/05/2015 00:16:46 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (avast! antivirus system restore point). Zusätzliche Informationen: 0x80070005.

Error: (04/05/2015 11:56:13 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/05/2015 08:50:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/04/2015 07:37:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (04/04/2015 07:23:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/04/2015 07:22:28 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]


System errors:
=============
Error: (04/05/2015 06:48:04 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/05/2015 06:42:35 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/05/2015 00:42:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎04.‎2015 um 12:29:38 unerwartet heruntergefahren.

Error: (04/05/2015 00:37:01 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/05/2015 00:30:29 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/05/2015 00:29:52 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007f (0x0000000000000008, 0xffffd0017e808130, 0xffffd0018138a000, 0xfffff8004b8abbd8)C:\Windows\MEMORY.DMP040515-25781-01

Error: (04/05/2015 00:29:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎04.‎2015 um 12:16:27 unerwartet heruntergefahren.

Error: (04/05/2015 00:25:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/05/2015 00:17:07 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/05/2015 00:04:01 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.27 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A2-B1-6D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (04/05/2015 06:48:17 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT-AUTORITÄT)
Description: -2147012889

Error: (04/05/2015 06:47:02 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/05/2015 06:44:18 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/05/2015 01:52:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: python.exe0.0.0.054ecf0catk86t.dll8.6.2.0529241fcc000000500000000000cc77b10a401d06f9628c5aefbC:\Python34\python.exeC:\Python34\DLLs\tk86t.dll429678f7-db8a-11e4-82ce-448a5b822d03

Error: (04/05/2015 00:16:46 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: avast! antivirus system restore point0x80070005

Error: (04/05/2015 11:56:13 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/05/2015 08:50:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/04/2015 07:37:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

Error: (04/04/2015 07:23:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/04/2015 07:22:28 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]


CodeIntegrity Errors:
===================================
  Date: 2015-03-28 23:02:09.817
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 23:02:09.696
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:20.056
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.901
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.616
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.498
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.384
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.243
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-28 20:45:19.093
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 25%
Total physical RAM: 8134.25 MB
Available physical RAM: 6036.77 MB
Total Pagefile: 16326.25 MB
Available Pagefile: 13699.07 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:102.02 GB) (Free:11.76 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:911.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 117.4 GB) (Disk ID: E5E8230C)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1D911FED)

Partition: GPT Partition Type.

==================== End Of Log ============================

Ich würde mich über eine schnelle Antwort freuen

Liebe Grüße
- Florian

Malwarebytes Scan:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.04.2015
Suchlauf-Zeit: 18:53:35
Logdatei: 
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.04.05.01
Rootkit Datenbank: v2015.03.31.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Robert

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 475103
Verstrichene Zeit: 9 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

schrauber · 05.04.2015, 18:48

hi,

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

PhesmanLP · 05.04.2015, 21:31

AdwCleaner.txt:

Code:

ATTFilter

# AdwCleaner v4.200 - Bericht erstellt 05/04/2015 um 19:51:56
# Aktualisiert 29/03/2015 von Xplode
# Datenbank : 2015-03-29.1 [Lokal]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Robert - GAMERPC
# Gestarted von : C:\Users\Robert\Desktop\AdwCleaner_4.200.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoonTools
Ordner Gelöscht : C:\Program Files (x86)\MoonTools
Datei Gelöscht : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jobs.trovit.de_0.localstorage
Datei Gelöscht : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jobs.trovit.de_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{61946000-8054-4452-B5F9-719D35D899D8}_is1

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [1456 Bytes] - [12/02/2015 15:08:04]
AdwCleaner[R1].txt - [1357 Bytes] - [14/03/2015 09:14:55]
AdwCleaner[R2].txt - [1523 Bytes] - [05/04/2015 19:50:46]
AdwCleaner[S0].txt - [1517 Bytes] - [12/02/2015 15:09:04]
AdwCleaner[S1].txt - [1418 Bytes] - [14/03/2015 09:17:06]
AdwCleaner[S2].txt - [1443 Bytes] - [05/04/2015 19:51:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1502  Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.1 (04.02.2015:1)
OS: Windows 8.1 x64
Ran by Robert on 05.04.2015 at 19:53:23,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.04.2015 at 20:00:15,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST64:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Robert (administrator) on GAMERPC on 05-04-2015 20:00:36
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert (Available profiles: Florian & Robert & Matthis)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Thisisu) C:\Users\Robert\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-28] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1002 -> {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-28] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-20] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\Visual Basic\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-03-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-28] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-03-20] (Oracle Corporation)
Tcpip\..\Interfaces\{097A13CA-7B61-473E-84C3-3B048D361D21}: [NameServer] 192.168.178.27,192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-03-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-03-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-27]

Chrome: 
=======
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-01]
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-01]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-01]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-01]
CHR Extension: (Google Search) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-01]
CHR Extension: (Google Sheets) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-01]
CHR Extension: (Avast Online Security) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-01]
CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-28] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-28] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-18] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-26] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-28] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-28] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-28] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-28] ()
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-03-20] (Kingsoft Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-02-26] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40136 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-18] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2013-12-11] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [297984 2013-12-11] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 20:00 - 2015-04-05 20:00 - 00000615 _____ () C:\Users\Robert\Desktop\JRT.txt
2015-04-05 19:53 - 2015-04-05 19:53 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-GAMERPC-Windows-8.1-(64-bit).dat
2015-04-05 19:53 - 2015-04-05 19:53 - 00000000 ____D () C:\RegBackup
2015-04-05 19:51 - 2015-04-05 19:51 - 02690981 _____ (Thisisu) C:\Users\Robert\Desktop\JRT.exe
2015-04-05 19:50 - 2015-04-05 19:51 - 02690981 _____ (Thisisu) C:\Users\Robert\Downloads\JRT.exe
2015-04-05 19:50 - 2015-04-05 19:50 - 02208768 _____ () C:\Users\Robert\Downloads\AdwCleaner_4.200.exe
2015-04-05 19:50 - 2015-04-05 19:50 - 02208768 _____ () C:\Users\Robert\Desktop\AdwCleaner_4.200.exe
2015-04-05 19:12 - 2015-04-05 19:11 - 05617096 _____ (Swearware) C:\Users\Robert\Desktop\ComboFix.exe
2015-04-05 19:10 - 2015-04-05 19:11 - 05617096 _____ (Swearware) C:\Users\Robert\Downloads\ComboFix.exe
2015-04-05 19:04 - 2015-04-05 19:04 - 00000000 ____D () C:\Users\Robert\AppData\Local\CrashDumps
2015-04-05 18:54 - 2015-04-05 20:00 - 00020738 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-04-05 18:54 - 2015-04-05 20:00 - 00000000 ____D () C:\FRST
2015-04-05 18:54 - 2015-04-05 18:55 - 00036755 _____ () C:\Users\Robert\Desktop\Addition.txt
2015-04-05 18:54 - 2015-04-05 18:54 - 02095616 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-04-05 18:53 - 2015-04-05 18:54 - 02095616 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2015-04-05 13:58 - 2015-04-05 13:58 - 00000000 ____D () C:\Users\Florian\.idlerc
2015-04-05 13:56 - 2015-04-05 13:57 - 00000653 _____ () C:\Users\Florian\Desktop\server.properties
2015-04-05 13:46 - 2015-04-05 13:46 - 00000061 _____ () C:\Users\Florian\Desktop\spam.txt
2015-04-05 13:46 - 2015-04-05 13:46 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.4
2015-04-05 13:46 - 2015-04-05 13:46 - 00000000 ____D () C:\Users\Florian\AppData\Local\pip
2015-04-05 13:45 - 2015-04-05 13:46 - 00000000 ____D () C:\Python34
2015-04-05 13:43 - 2015-04-05 13:45 - 25550848 _____ () C:\Users\Florian\Downloads\python-3.4.3.amd64.msi
2015-04-05 13:41 - 2015-04-05 13:58 - 00005775 _____ () C:\Users\Florian\Desktop\Pwnage.py
2015-04-05 12:46 - 2015-01-23 09:18 - 22290560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-05 12:46 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-05 12:46 - 2015-01-23 07:02 - 19731312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-05 12:46 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-05 12:45 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-05 12:45 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-05 12:29 - 2015-04-05 12:29 - 00316976 _____ () C:\Windows\Minidump\040515-25781-01.dmp
2015-04-04 16:36 - 2015-04-04 18:04 - 06420600 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-03-31 23:35 - 2015-04-04 21:38 - 00000020 _____ () C:\Windows\capsys184523.log
2015-03-31 23:35 - 2015-04-04 21:38 - 00000000 ____D () C:\Action!
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mirillis
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mirillis
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\ProgramData\Mirillis
2015-03-31 23:34 - 2015-04-05 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-03-31 23:34 - 2015-04-05 12:20 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2015-03-29 22:42 - 2015-03-29 22:42 - 00018318 _____ () C:\Users\Florian\Desktop\GunGame.jar
2015-03-29 00:20 - 2015-04-04 18:14 - 00000000 ____D () C:\Users\Florian\.VirtualBox
2015-03-29 00:19 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-03-29 00:19 - 2015-03-29 00:19 - 00001099 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-03-29 00:19 - 2015-03-29 00:19 - 00000000 ____D () C:\Program Files\Oracle
2015-03-29 00:19 - 2015-03-16 18:36 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-03-29 00:19 - 2015-03-16 18:35 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-03-29 00:14 - 2015-04-04 19:59 - 00000000 ____D () C:\Users\Florian\AppData\Local\Genymobile
2015-03-29 00:14 - 2015-03-29 00:14 - 00048879 _____ () C:\Users\Florian\genymotion-log.zip
2015-03-29 00:13 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2015-03-29 00:13 - 2015-03-29 00:13 - 00001004 _____ () C:\Users\Public\Desktop\Genymotion.lnk
2015-03-29 00:13 - 2015-03-29 00:13 - 00000999 _____ () C:\Users\Public\Desktop\Genymotion Shell.lnk
2015-03-29 00:13 - 2015-03-29 00:13 - 00000000 ____D () C:\Program Files\Genymobile
2015-03-28 23:24 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-03-28 23:24 - 2015-04-05 12:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-03-28 23:24 - 2015-03-28 23:24 - 00001843 _____ () C:\Users\Public\Desktop\Apps.lnk
2015-03-28 23:24 - 2015-03-28 23:24 - 00001826 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-03-28 23:24 - 2015-03-28 23:24 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-03-28 18:16 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-03-28 15:53 - 2015-03-28 15:53 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-27 23:05 - 2015-03-27 23:05 - 00000433 _____ () C:\Users\Florian\Desktop\ERROR.txt
2015-03-27 13:07 - 2015-01-28 16:45 - 00037704 _____ (RealVNC Ltd) C:\Windows\system32\VNCpm.dll
2015-03-27 09:29 - 2015-03-27 09:29 - 00328928 _____ () C:\Windows\Minidump\032715-20078-01.dmp
2015-03-27 07:29 - 2015-03-27 07:29 - 00321056 _____ () C:\Windows\Minidump\032715-13656-01.dmp
2015-03-26 21:25 - 2015-03-26 21:25 - 00323472 _____ () C:\Windows\Minidump\032615-16156-01.dmp
2015-03-26 19:40 - 2015-03-26 19:40 - 00314112 _____ () C:\Windows\Minidump\032615-15593-01.dmp
2015-03-26 07:32 - 2015-03-26 07:32 - 00324456 _____ () C:\Windows\Minidump\032615-17656-01.dmp
2015-03-25 22:42 - 2015-03-25 22:42 - 00944913 _____ () C:\Users\Florian\Desktop\Swegen.rar
2015-03-25 19:39 - 2015-03-25 19:41 - 01673860 _____ (TeamExtreme) C:\Users\Florian\Desktop\Minecraft Cracked Launcher.jar
2015-03-25 19:32 - 2015-03-25 19:32 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-03-25 19:31 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-25 19:22 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-25 19:22 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00101576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00040136 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-03-25 19:22 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-25 19:01 - 2015-03-25 19:01 - 00356976 _____ () C:\Windows\Minidump\032515-18578-01.dmp
2015-03-25 18:21 - 2015-03-25 18:21 - 00000000 ____D () C:\Dropbox
2015-03-25 17:56 - 2015-03-25 17:56 - 00079360 _____ () C:\Users\Florian\Desktop\XPloit.exe
2015-03-25 16:43 - 2015-03-25 16:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TeamViewer
2015-03-25 16:39 - 2015-03-25 17:33 - 00000000 ____D () C:\Users\Florian\Documents\Visual Studio 2013
2015-03-25 07:17 - 2015-03-25 07:17 - 00325112 _____ () C:\Windows\Minidump\032515-13453-01.dmp
2015-03-24 20:55 - 2015-03-24 20:55 - 00323576 _____ () C:\Windows\Minidump\032415-17734-01.dmp
2015-03-24 17:41 - 2015-04-05 12:15 - 00000000 ____D () C:\Users\Florian\Desktop\scripts
2015-03-24 07:42 - 2015-03-24 07:42 - 00331840 _____ () C:\Windows\Minidump\032415-15718-01.dmp
2015-03-23 19:30 - 2015-03-23 19:30 - 00335184 _____ () C:\Windows\Minidump\032315-16515-01.dmp
2015-03-23 19:03 - 2015-03-23 19:05 - 00000000 ____D () C:\Program Files (x86)\iPadian
2015-03-23 19:03 - 2015-03-23 19:03 - 00000998 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-03-23 16:33 - 2015-03-23 16:33 - 00315864 _____ () C:\Windows\Minidump\032315-21156-01.dmp
2015-03-23 16:15 - 2015-03-23 16:15 - 00329744 _____ () C:\Windows\Minidump\032315-34703-01.dmp
2015-03-23 14:42 - 2015-03-23 14:42 - 00312568 _____ () C:\Windows\Minidump\032315-20531-01.dmp
2015-03-22 20:56 - 2015-03-22 20:59 - 00007852 _____ () C:\Users\Florian\Desktop\ACPSCANNER.PY
2015-03-21 16:55 - 2011-03-13 16:38 - 00000000 ____D () C:\Users\Florian\Desktop\jbe
2015-03-21 14:54 - 2015-03-21 14:54 - 00056620 _____ () C:\Users\Florian\Desktop\ParticleText1.jar
2015-03-21 11:36 - 2015-03-21 11:36 - 00393630 _____ () C:\Users\Florian\Desktop\AnimatedMOTD.rar
2015-03-21 11:36 - 2015-03-20 21:52 - 00278762 _____ () C:\Users\Florian\Desktop\AnimatedMOTD-Bukkit.jar
2015-03-21 11:36 - 2015-03-20 21:52 - 00172206 _____ () C:\Users\Florian\Desktop\AnimatedMOTD-Bungee.jar
2015-03-21 11:03 - 2015-03-21 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2015-03-21 11:03 - 2015-03-21 11:03 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2015-03-21 09:47 - 2015-03-21 09:47 - 00224720 _____ () C:\Users\Florian\ts3_recording_15_03_21_8_47_49.wav
2015-03-21 07:02 - 2015-03-31 19:48 - 00017374 _____ () C:\Windows\PFRO.log
2015-03-20 23:34 - 2015-04-04 22:00 - 00002244 ____H () C:\Users\Florian\Documents\Default.rdp
2015-03-20 23:31 - 2015-03-20 23:31 - 00006930 _____ () C:\Users\Florian\Documents\Nicknamer.src.zip
2015-03-20 23:31 - 2015-03-20 23:31 - 00000000 ____D () C:\Users\Florian\Documents\Nicknamer.src
2015-03-20 23:17 - 2015-03-20 23:19 - 00000000 ____D () C:\Program Files (x86)\BitTorrent Sync
2015-03-20 23:17 - 2015-03-20 23:17 - 00000000 ____D () C:\Users\Florian\Desktop\Leak
2015-03-20 23:11 - 2015-03-20 23:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-20 23:11 - 2015-03-20 23:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-20 23:11 - 2015-03-20 23:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00866720 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2015-03-20 23:08 - 2015-03-20 23:08 - 00788896 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-03-20 23:08 - 2015-03-20 23:08 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00095648 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-20 22:59 - 2015-03-27 22:59 - 00000000 ____D () C:\Users\Florian\Documents\CyberLink
2015-03-20 22:58 - 2015-03-20 22:58 - 00000000 ____D () C:\ProgramData\Sun
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-03-20 22:23 - 2015-04-04 17:04 - 00000000 ____D () C:\Users\Florian\Desktop\eclipse
2015-03-20 22:15 - 2015-04-05 12:15 - 00000000 ____D () C:\Users\Florian\Desktop\jd-gui-0.3.6.windows
2015-03-20 22:02 - 2015-04-05 19:52 - 00013069 _____ () C:\Windows\setupact.log
2015-03-20 22:02 - 2015-03-20 22:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-20 21:50 - 2015-03-20 21:50 - 00081768 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2015-03-20 21:50 - 2015-03-20 21:50 - 00056680 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\ProgramData\cmcm
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\Program Files (x86)\cmcm
2015-03-19 20:34 - 2015-03-19 20:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-18 19:34 - 2015-04-05 12:29 - 00000000 ____D () C:\Windows\Minidump
2015-03-18 16:24 - 2015-03-28 15:53 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-03-17 16:40 - 2015-03-17 16:40 - 00000000 ____D () C:\Users\Robert\AppData\Local\CyberLink
2015-03-17 16:36 - 2015-03-17 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 13
2015-03-17 16:36 - 2015-03-17 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2015-03-16 19:51 - 2015-03-16 19:51 - 00106928 _____ () C:\Users\Florian\Desktop\custom plugins.rar
2015-03-16 18:35 - 2015-03-16 18:35 - 00204264 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2015-03-16 18:35 - 2015-03-16 18:35 - 00156360 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2015-03-16 18:35 - 2015-03-16 18:35 - 00141440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2015-03-16 16:00 - 2015-03-16 16:00 - 00000197 _____ () C:\Windows\system32\2015-03-16-14-00-06.003-AvastVBoxSVC.exe-4076.log
2015-03-15 19:58 - 2015-03-15 19:58 - 00000000 ____D () C:\Users\Florian\AppData\Local\luc4chat
2015-03-15 19:57 - 2015-03-15 19:57 - 00288768 _____ () C:\Users\Florian\Desktop\Luc4Chat v1.3.exe
2015-03-15 11:43 - 2015-03-15 11:44 - 00000197 _____ () C:\Windows\system32\2015-03-15-09-43-36.078-AvastVBoxSVC.exe-3228.log
2015-03-14 15:25 - 2015-03-14 15:25 - 00000197 _____ () C:\Windows\system32\2015-03-14-13-25-52.097-AvastVBoxSVC.exe-2716.log
2015-03-14 09:25 - 2015-03-14 09:25 - 00000247 _____ () C:\Windows\system32\2015-03-14-07-25-10.040-aswFe.exe-2604.log
2015-03-14 09:21 - 2015-03-14 09:25 - 00000247 _____ () C:\Windows\system32\2015-03-14-07-21-19.072-aswFe.exe-7436.log
2015-03-14 09:21 - 2015-03-14 09:21 - 00000197 _____ () C:\Windows\system32\2015-03-14-07-21-18.027-AvastVBoxSVC.exe-6180.log
2015-03-13 17:55 - 2015-03-13 17:56 - 00000197 _____ () C:\Windows\system32\2015-03-13-15-55-54.001-AvastVBoxSVC.exe-2600.log
2015-03-13 17:12 - 2015-03-13 17:12 - 00000197 _____ () C:\Windows\system32\2015-03-13-15-12-15.058-AvastVBoxSVC.exe-3992.log
2015-03-12 16:37 - 2015-03-12 16:37 - 00000197 _____ () C:\Windows\system32\2015-03-12-14-37-52.020-AvastVBoxSVC.exe-3516.log
2015-03-12 15:50 - 2015-03-12 15:50 - 00000197 _____ () C:\Windows\system32\2015-03-12-13-50-39.060-AvastVBoxSVC.exe-3712.log
2015-03-11 18:48 - 2015-03-11 18:48 - 00000197 _____ () C:\Windows\system32\2015-03-11-16-48-07.026-AvastVBoxSVC.exe-2716.log
2015-03-11 17:59 - 2015-03-11 17:59 - 00000197 _____ () C:\Windows\system32\2015-03-11-15-59-52.069-AvastVBoxSVC.exe-3536.log
2015-03-10 20:09 - 2015-03-10 20:09 - 00000197 _____ () C:\Windows\system32\2015-03-10-18-09-36.034-AvastVBoxSVC.exe-3044.log
2015-03-10 14:17 - 2015-03-10 14:17 - 00000197 _____ () C:\Windows\system32\2015-03-10-12-17-33.065-AvastVBoxSVC.exe-3140.log
2015-03-09 19:54 - 2015-03-09 19:54 - 00000197 _____ () C:\Windows\system32\2015-03-09-17-54-57.026-AvastVBoxSVC.exe-2532.log
2015-03-09 17:11 - 2015-03-09 17:11 - 00000000 ____D () C:\Users\Florian\AppData\Local\IsolatedStorage
2015-03-09 17:10 - 2015-03-09 17:11 - 00000000 ____D () C:\Users\Florian\AppData\Local\Red Gate
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Gate
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\Program Files (x86)\Red Gate
2015-03-09 16:31 - 2015-03-09 16:31 - 00000197 _____ () C:\Windows\system32\2015-03-09-14-31-28.032-AvastVBoxSVC.exe-2676.log
2015-03-09 16:25 - 2015-03-09 16:25 - 00000000 _____ () C:\Windows\SysWOW64\RENEAE.tmp
2015-03-09 15:41 - 2015-03-09 15:42 - 00000197 _____ () C:\Windows\system32\2015-03-09-13-41-55.009-AvastVBoxSVC.exe-2816.log
2015-03-08 19:10 - 2015-03-08 19:10 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\LibreOffice
2015-03-08 08:36 - 2015-03-08 08:41 - 00000000 ____D () C:\Users\Matthis\AppData\Roaming\TS3Client
2015-03-06 16:40 - 2015-04-05 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2015-03-06 16:40 - 2015-03-19 16:05 - 00001816 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-06 16:37 - 2015-04-05 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2015-03-06 16:32 - 2015-03-06 16:32 - 00000000 ____D () C:\Users\Florian\Tracing
2015-03-06 15:56 - 2015-03-06 15:57 - 00000197 _____ () C:\Windows\system32\2015-03-06-13-56-56.022-AvastVBoxSVC.exe-2820.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-05 19:59 - 2014-04-02 14:32 - 01890242 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-05 19:59 - 2013-08-23 01:24 - 00806992 _____ () C:\Windows\system32\perfh007.dat
2015-04-05 19:59 - 2013-08-23 01:24 - 00177002 _____ () C:\Windows\system32\perfc007.dat
2015-04-05 19:52 - 2015-02-12 15:08 - 00000000 ____D () C:\AdwCleaner
2015-04-05 19:52 - 2014-12-26 16:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-05 19:52 - 2014-12-26 16:08 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-05 19:52 - 2014-04-02 14:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-05 19:52 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-05 19:40 - 2015-01-01 11:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{23C4C847-DFE7-4B1C-BC07-57EF41478CF5}
2015-04-05 19:09 - 2014-06-25 13:10 - 01669002 _____ () C:\Windows\WindowsUpdate.log
2015-04-05 18:52 - 2014-12-27 14:26 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1002
2015-04-05 18:47 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-05 18:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-05 18:46 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-05 18:43 - 2014-12-26 18:35 - 00001666 _____ () C:\Windows\Sandboxie.ini
2015-04-05 18:43 - 2014-12-26 16:28 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2015-04-05 18:42 - 2015-03-05 13:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-05 18:42 - 2015-01-02 11:57 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2015-04-05 18:42 - 2014-12-26 19:51 - 00000000 __RDO () C:\Users\Florian\OneDrive
2015-04-05 13:59 - 2014-12-26 18:34 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2015-04-05 13:59 - 2014-12-26 16:24 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2015-04-05 13:58 - 2014-12-26 15:54 - 00000000 ____D () C:\Users\Florian
2015-04-05 13:56 - 2015-02-09 20:35 - 00000000 ____D () C:\Users\Florian\Desktop\Verison
2015-04-05 13:55 - 2015-01-09 15:41 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2015-04-05 13:52 - 2015-01-10 11:09 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2015-04-05 12:49 - 2014-12-26 16:07 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{57924B64-A7D9-4559-B436-2719A144580B}
2015-04-05 12:38 - 2015-01-05 15:28 - 00000000 ____D () C:\Users\Matthis\AppData\Roaming\.minecraft
2015-04-05 12:35 - 2014-12-29 11:09 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1003
2015-04-05 12:25 - 2014-12-26 15:59 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1001
2015-04-05 12:20 - 2015-03-05 10:49 - 00000000 ____D () C:\Users\Florian\AppData\Local\Dxtory Software
2015-04-05 12:20 - 2015-02-20 16:38 - 00000000 ____D () C:\Program Files (x86)\IPVanish
2015-04-05 12:20 - 2014-12-26 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-05 12:15 - 2015-01-24 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2015-04-05 12:15 - 2015-01-17 18:00 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-04-05 12:15 - 2014-12-26 22:01 - 00000000 ____D () C:\Users\Florian\AppData\Local\Eclipse
2015-04-05 12:15 - 2014-04-02 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-05 12:15 - 2014-04-02 14:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-05 12:15 - 2014-04-02 14:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-05 12:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-05 12:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2015-04-05 12:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-05 11:56 - 2015-02-27 18:17 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-04 16:55 - 2014-12-26 22:01 - 00000000 ____D () C:\Users\Florian\workspace
2015-04-04 16:36 - 2014-12-26 22:27 - 00000600 _____ () C:\Users\Florian\AppData\Local\PUTTY.RND
2015-04-04 14:53 - 2014-04-02 14:47 - 00001400 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-29 00:29 - 2015-01-31 17:37 - 00000000 ____D () C:\Users\Florian\.android
2015-03-28 23:24 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-28 18:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-28 15:53 - 2015-02-27 18:17 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-28 06:45 - 2015-02-21 18:52 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{609F7BC3-5603-4808-8DE8-6BBDD102A38E}
2015-03-28 05:44 - 2015-01-03 12:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-04-02 14:46 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2015-01-03 12:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-04-02 14:46 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-27 13:51 - 2014-12-26 17:13 - 00000000 ____D () C:\Fraps
2015-03-27 13:07 - 2015-01-24 13:58 - 00000000 ____D () C:\Program Files\RealVNC
2015-03-27 11:11 - 2015-02-07 22:57 - 00001966 _____ () C:\Users\Florian\Desktop\MC.txt
2015-03-27 09:29 - 2014-12-29 11:04 - 00000000 ____D () C:\Users\Matthis
2015-03-26 21:04 - 2015-01-04 21:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-23 18:25 - 2015-01-02 19:26 - 00000000 ____D () C:\Users\Florian\AppData\Local\Windows Live
2015-03-23 16:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-20 23:23 - 2014-12-26 21:16 - 00000000 ____D () C:\Program Files\Java
2015-03-20 23:23 - 2014-12-26 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-20 22:58 - 2014-12-26 16:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-20 21:51 - 2014-12-26 16:28 - 00000000 ____D () C:\ProgramData\Skype
2015-03-20 21:51 - 2014-04-03 00:23 - 00000000 ____D () C:\Windows\Panther
2015-03-20 17:40 - 2014-06-26 09:35 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 15:17 - 2014-12-27 14:21 - 00000000 ____D () C:\Users\Robert
2015-03-20 08:25 - 2013-08-22 16:44 - 05104232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-19 21:35 - 2014-06-26 09:36 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-18 16:26 - 2015-02-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-17 16:40 - 2015-01-12 20:09 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2015-03-17 16:36 - 2015-01-12 20:14 - 00000000 ____D () C:\Program Files\NewBlue
2015-03-17 16:36 - 2015-01-12 20:09 - 00000000 ____D () C:\Program Files\CyberLink
2015-03-17 16:36 - 2014-04-02 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-17 16:33 - 2014-04-02 14:26 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-03-17 14:06 - 2014-12-27 14:21 - 00000000 ____D () C:\Users\Robert\AppData\Local\Google
2015-03-13 21:41 - 2015-01-03 12:40 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16 - 2014-04-02 14:45 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 15:10 - 2014-04-02 14:45 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-06 23:19 - 2015-02-19 16:32 - 00028500 _____ () C:\Users\Florian\Desktop\start.sh
2015-03-06 16:31 - 2014-12-26 16:28 - 00000000 ___RD () C:\Program Files (x86)\Skype

==================== Files in the root of some directories =======

2014-04-02 14:47 - 2014-04-02 14:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Florian\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Florian\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Florian\AppData\Local\Temp\nvStInst.exe
C:\Users\Robert\AppData\Local\Temp\Quarantine.exe
C:\Users\Robert\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 20:26

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Robert at 2015-04-05 20:02:34
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
.NET Reflector Desktop (HKLM-x32\...\{3450CBDE-2AE7-4FB8-93E3-37995ADE4F13}) (Version: 8.5.0.179 - Red Gate Software Ltd)
.NET Reflector Visual Studio Extension 8.5 (HKLM-x32\...\{EF31CB34-7A2F-47EE-A45A-C3E547FB92A3}) (Version: 8.5.0.179 - Red Gate Software Ltd)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{BFDBC96A-C44F-4BE9-B671-54517F87A097}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
CMake 3.1.0, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.1.0) (Version: 3.1.0 - Kitware)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2104.0 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4427.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
Java(TM) 6 Update 41 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216041FF}) (Version: 6.0.410 - Oracle)
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
LibreOffice 4.3.6.2 (HKLM-x32\...\{9F410B70-8A45-4F28-985E-F9731219BCBC}) (Version: 4.3.6.2 - The Document Foundation)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 with Update 4 (HKLM-x32\...\{dca572ee-b6f6-4560-9879-fec58cc0022c}) (Version: 12.0.31101 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenVPN 2.3.6-I001  (HKLM\...\OpenVPN) (Version: 2.3.6-I001 - )
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python 3.4.3 (64-bit) (HKLM\...\{9529565F-E693-3F11-B3BF-8CD545F5F9A0}) (Version: 3.4.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd)
VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

15-03-2015 15:38:21 Installed Java SE Development Kit 7 Update 75 (64-bit)
18-03-2015 16:20:31 avast! antivirus system restore point
20-03-2015 22:25:40 Installed Java(TM) 6 Update 41
28-03-2015 15:52:51 avast! antivirus system restore point
05-04-2015 12:08:44 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B532CFC-CFDF-41F7-BCC5-721E20B08235} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {10A6F690-FF61-4306-BD83-2C6CB502AEAD} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] ()
Task: {20CC6A02-1F66-4620-935B-37F98358FF07} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {41C94DA0-B7FB-4A13-8829-7AE01F013CF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {87DBC435-1E3E-4C52-BBF0-1E303F830702} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {C16DB48F-2B54-45DF-A953-7A232773CA21} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-florian.kemnitz@ewetel.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {CA0EFB09-12D8-4662-9551-FD9F2C61EFF2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-28] (Avast Software s.r.o.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-02 14:45 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-26 15:40 - 2014-09-26 15:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-28 15:53 - 2015-03-28 15:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-28 15:53 - 2015-03-28 15:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-05 12:44 - 2015-04-05 12:44 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040500\algo.dll
2015-04-04 14:53 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-03-18 16:24 - 2015-03-18 16:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-02 14:42 - 2014-02-26 09:59 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-16 11:15 - 2014-10-16 11:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-03-21 09:44 - 2015-03-14 12:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 09:44 - 2015-03-14 12:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 09:44 - 2015-03-14 12:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Florian\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-349037752-829444022-2895315871-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.27 - 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"

==================== Accounts: =============================

Administrator (S-1-5-21-349037752-829444022-2895315871-500 - Administrator - Disabled)
Florian (S-1-5-21-349037752-829444022-2895315871-1001 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-349037752-829444022-2895315871-501 - Limited - Disabled)
Matthis (S-1-5-21-349037752-829444022-2895315871-1003 - Limited - Enabled) => C:\Users\Matthis
Robert (S-1-5-21-349037752-829444022-2895315871-1002 - Administrator - Enabled) => C:\Users\Robert

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/05/2015 08:02:14 PM) (Source: DCOM) (EventID: 10010) (User: GamerPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/05/2015 08:01:44 PM) (Source: DCOM) (EventID: 10010) (User: GamerPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/05/2015 08:01:14 PM) (Source: DCOM) (EventID: 10010) (User: GamerPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 23%
Total physical RAM: 8134.25 MB
Available physical RAM: 6187.41 MB
Total Pagefile: 16326.25 MB
Available Pagefile: 14005.74 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:102.02 GB) (Free:11.49 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:911.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 117.4 GB) (Disk ID: E5E8230C)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1D911FED)

Partition: GPT Partition Type.

==================== End Of Log ============================

Hallo schrauber,
ich habe per cmd "ipconfig -flushdns" eingegeben,
um den DNS Cache einmal zu leeren.
Komisch, denn es geht nun?

schrauber · 06.04.2015, 13:46

Is normal, aber das umgeht das nur.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Tcpip\..\Interfaces\{097A13CA-7B61-473E-84C3-3B048D361D21}: [NameServer] 192.168.178.27,192.168.178.1
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

PhesmanLP · 08.04.2015, 16:06

Fixlog:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Florian at 2015-04-08 15:53:55 Run:1
Running from C:\Users\Florian\Desktop
Loaded Profiles: Florian (Available profiles: Florian & Robert & Matthis)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Tcpip\..\Interfaces\{097A13CA-7B61-473E-84C3-3B048D361D21}: [NameServer] 192.168.178.27,192.168.178.1
Emptytemp:
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{097A13CA-7B61-473E-84C3-3B048D361D21}\\NameServer => value deleted successfully.
EmptyTemp: => Removed 2.1 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 15:54:43 ====

checkup.txt:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.99  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 41  
 Java 7 Update 21  
 Java SE Development Kit 7 Update 75 
 Visual Studio Extensions for Windows Library for JavaScript 
 Java version 32-bit out of Date! 
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.118) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

ESET Log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9480490bbcccc24aae4f819df84e2bf4
# engine=23286
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-08 02:37:44
# local_time=2015-04-08 04:37:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 2558 3453639 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 274952 18808183 0 0
# scanned=397860
# found=0
# cleaned=0
# scan_time=2220

schrauber · 08.04.2015, 19:10

Und der Rest?

PhesmanLP · 08.04.2015, 19:20

Tut mir leid, schrauber..

FRST.txt:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Florian (administrator) on GAMERPC on 08-04-2015 20:18:45
Running from C:\Users\Florian\Desktop
Loaded Profiles: Florian (Available profiles: Florian & Robert & Matthis)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\Florian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-28] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1330944 2015-01-29] (Bogdan Sharkov)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [Spotify Web Helper] => C:\Users\Florian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-19] (Spotify Ltd)
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Run: [Spotify] => C:\Users\Florian\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-19] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-349037752-829444022-2895315871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\S-1-5-21-349037752-829444022-2895315871-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-349037752-829444022-2895315871-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-349037752-829444022-2895315871-1001 -> {46DDD9D6-040C-4960-9327-CD651D9D6285} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-28] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-20] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\Visual Basic\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-03-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-28] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-03-20] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-03-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-03-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-27]

Chrome: 
=======
CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
CHR Extension: (Google Docs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Google Drive) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
CHR Extension: (YouTube) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
CHR Extension: (Google Search) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
CHR Extension: (iMacros for Chrome) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2015-03-23]
CHR Extension: (Google Sheets) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
CHR Extension: (Gyazo) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2015-01-05]
CHR Extension: (Avast Online Security) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
CHR Extension: (ScriptSafe) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2015-02-01]
CHR Extension: (Gmail) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-28] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-18] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-26] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-28] ()
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-03-20] (Kingsoft Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-02-26] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40136 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-18] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2013-12-11] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [297984 2013-12-11] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 20:18 - 2015-04-08 20:18 - 00022452 _____ () C:\Users\Florian\Desktop\FRST.txt
2015-04-08 16:28 - 2015-04-08 16:28 - 00031328 _____ () C:\Users\Florian\Downloads\Corpses.jar
2015-04-08 15:58 - 2015-04-08 15:58 - 00852607 _____ () C:\Users\Florian\Downloads\SecurityCheck.exe
2015-04-08 15:58 - 2015-04-08 15:58 - 00852607 _____ () C:\Users\Florian\Desktop\SecurityCheck.exe
2015-04-08 15:57 - 2015-04-08 15:57 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2015-04-08 15:53 - 2015-04-08 15:53 - 02095616 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2015-04-08 15:53 - 2015-04-08 15:53 - 02095616 _____ (Farbar) C:\Users\Florian\Desktop\FRST64.exe
2015-04-08 15:00 - 2015-04-08 15:00 - 00050854 _____ () C:\Users\Florian\Downloads\WorldGuard_Custom_Flags.zip
2015-04-08 14:55 - 2015-04-08 14:56 - 00007092 _____ () C:\Users\Florian\Downloads\WGRegionCommands (1).jar
2015-04-08 14:41 - 2015-04-08 14:41 - 00007092 _____ () C:\Users\Florian\Downloads\WGRegionCommands.jar
2015-04-08 14:41 - 2015-04-08 14:41 - 00004129 _____ () C:\Users\Florian\Downloads\OITC.sk
2015-04-08 14:25 - 2015-04-08 14:25 - 00019942 _____ () C:\Users\Florian\Desktop\2015-04-05-1.log.gz
2015-04-08 14:25 - 2015-04-08 14:25 - 00011043 _____ () C:\Users\Florian\Desktop\2015-04-08-1.log.gz
2015-04-07 21:17 - 2015-04-07 21:17 - 00029575 _____ () C:\Users\Florian\Desktop\GunGame2.jar
2015-04-07 21:15 - 2015-04-07 21:16 - 19972216 _____ () C:\Users\Florian\Downloads\craftbukkit-1.7.2-r0.3.jar
2015-04-07 20:48 - 2015-03-28 15:53 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-07 20:47 - 2015-04-07 20:47 - 00333128 _____ () C:\Windows\Minidump\040715-17406-01.dmp
2015-04-06 19:19 - 2015-04-06 19:19 - 00018136 _____ () C:\Users\Florian\Downloads\x5lmE4C-.jpeg
2015-04-06 13:49 - 2015-04-06 13:50 - 10668616 _____ () C:\Users\Florian\Downloads\ServerSpawn - TripleRedShells.rar
2015-04-06 11:17 - 2015-04-06 11:17 - 02782320 _____ (Beepa Pty Ltd) C:\Users\Florian\Downloads\Fraps_v3.5.9.9.exe
2015-04-06 11:17 - 2015-04-06 11:17 - 00000587 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-04-06 11:17 - 2015-04-06 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-04-06 10:59 - 2015-04-06 11:19 - 00000000 ____D () C:\Users\Florian\Desktop\Instagram Hack v.2
2015-04-06 10:56 - 2015-04-06 10:56 - 00524288 _____ (Simon Tatham) C:\Users\Florian\Downloads\putty.exe
2015-04-06 10:47 - 2015-04-06 10:47 - 00128512 _____ (hxxp://softwarebydefault.com) C:\Users\Florian\Downloads\BatToExe.exe
2015-04-06 10:02 - 2015-04-06 10:02 - 00000000 _____ () C:\Users\Florian\Desktop\Neues Textdokument.txt
2015-04-05 21:26 - 2015-04-05 21:26 - 01692545 _____ (TeamExtreme) C:\Users\Matthis\Downloads\Minecraft Cracked Launcher.jar
2015-04-05 21:26 - 2015-04-05 21:26 - 01674929 _____ (TeamExtreme) C:\Users\Matthis\Desktop\Minecraft Cracked Launcher.jar
2015-04-05 20:55 - 2015-04-05 20:55 - 02347384 _____ (ESET) C:\Users\Robert\Downloads\esetsmartinstaller_deu.exe
2015-04-05 20:55 - 2015-04-05 20:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-05 20:43 - 2015-04-05 20:43 - 00000000 ____D () C:\Users\Robert\VirtualBox VMs
2015-04-05 20:40 - 2015-04-05 20:44 - 00000000 ____D () C:\Users\Robert\.VirtualBox
2015-04-05 20:40 - 2015-04-05 20:41 - 00000000 ____D () C:\Users\Robert\AppData\Local\Genymobile
2015-04-05 20:00 - 2015-04-05 20:00 - 00000615 _____ () C:\Users\Robert\Desktop\JRT.txt
2015-04-05 19:53 - 2015-04-05 19:53 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-GAMERPC-Windows-8.1-(64-bit).dat
2015-04-05 19:53 - 2015-04-05 19:53 - 00000000 ____D () C:\RegBackup
2015-04-05 19:51 - 2015-04-05 19:51 - 02690981 _____ (Thisisu) C:\Users\Robert\Desktop\JRT.exe
2015-04-05 19:50 - 2015-04-05 19:51 - 02690981 _____ (Thisisu) C:\Users\Robert\Downloads\JRT.exe
2015-04-05 19:50 - 2015-04-05 19:50 - 02208768 _____ () C:\Users\Robert\Downloads\AdwCleaner_4.200.exe
2015-04-05 19:50 - 2015-04-05 19:50 - 02208768 _____ () C:\Users\Robert\Desktop\AdwCleaner_4.200.exe
2015-04-05 19:12 - 2015-04-05 19:11 - 05617096 _____ (Swearware) C:\Users\Robert\Desktop\ComboFix.exe
2015-04-05 19:10 - 2015-04-05 19:11 - 05617096 _____ (Swearware) C:\Users\Robert\Downloads\ComboFix.exe
2015-04-05 19:04 - 2015-04-06 08:04 - 00000000 ____D () C:\Users\Robert\AppData\Local\CrashDumps
2015-04-05 18:54 - 2015-04-08 20:18 - 00000000 ____D () C:\FRST
2015-04-05 18:54 - 2015-04-05 20:02 - 00052999 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-04-05 18:54 - 2015-04-05 20:02 - 00025346 _____ () C:\Users\Robert\Desktop\Addition.txt
2015-04-05 18:54 - 2015-04-05 18:54 - 02095616 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-04-05 18:53 - 2015-04-05 18:54 - 02095616 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2015-04-05 13:58 - 2015-04-05 13:58 - 00000000 ____D () C:\Users\Florian\.idlerc
2015-04-05 13:56 - 2015-04-05 13:57 - 00000653 _____ () C:\Users\Florian\Desktop\server.properties
2015-04-05 13:46 - 2015-04-05 13:46 - 00000061 _____ () C:\Users\Florian\Desktop\spam.txt
2015-04-05 13:46 - 2015-04-05 13:46 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.4
2015-04-05 13:46 - 2015-04-05 13:46 - 00000000 ____D () C:\Users\Florian\AppData\Local\pip
2015-04-05 13:45 - 2015-04-05 13:46 - 00000000 ____D () C:\Python34
2015-04-05 13:43 - 2015-04-05 13:45 - 25550848 _____ () C:\Users\Florian\Downloads\python-3.4.3.amd64.msi
2015-04-05 13:41 - 2015-04-07 11:09 - 00005776 _____ () C:\Users\Florian\Desktop\Pwnage.py
2015-04-05 12:46 - 2015-01-23 09:18 - 22290560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-05 12:46 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-05 12:46 - 2015-01-23 07:02 - 19731312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-05 12:46 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-05 12:45 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-05 12:45 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-05 12:29 - 2015-04-05 12:29 - 00316976 _____ () C:\Windows\Minidump\040515-25781-01.dmp
2015-04-04 16:36 - 2015-04-04 18:04 - 06420600 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-03-31 23:35 - 2015-04-04 21:38 - 00000020 _____ () C:\Windows\capsys184523.log
2015-03-31 23:35 - 2015-04-04 21:38 - 00000000 ____D () C:\Action!
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mirillis
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mirillis
2015-03-31 23:35 - 2015-03-31 23:35 - 00000000 ____D () C:\ProgramData\Mirillis
2015-03-31 23:34 - 2015-04-05 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-03-31 23:34 - 2015-04-05 12:20 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2015-03-29 22:42 - 2015-03-29 22:42 - 00018318 _____ () C:\Users\Florian\Desktop\GunGame.jar
2015-03-29 00:20 - 2015-04-08 14:20 - 00000000 ____D () C:\Users\Florian\.VirtualBox
2015-03-29 00:19 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-03-29 00:19 - 2015-03-29 00:19 - 00001099 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-03-29 00:19 - 2015-03-29 00:19 - 00000000 ____D () C:\Program Files\Oracle
2015-03-29 00:19 - 2015-03-16 18:36 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-03-29 00:19 - 2015-03-16 18:35 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-03-29 00:14 - 2015-04-08 14:20 - 00000000 ____D () C:\Users\Florian\AppData\Local\Genymobile
2015-03-29 00:14 - 2015-03-29 00:14 - 00048879 _____ () C:\Users\Florian\genymotion-log.zip
2015-03-29 00:13 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2015-03-29 00:13 - 2015-03-29 00:13 - 00001004 _____ () C:\Users\Public\Desktop\Genymotion.lnk
2015-03-29 00:13 - 2015-03-29 00:13 - 00000999 _____ () C:\Users\Public\Desktop\Genymotion Shell.lnk
2015-03-29 00:13 - 2015-03-29 00:13 - 00000000 ____D () C:\Program Files\Genymobile
2015-03-28 23:24 - 2015-04-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-03-28 23:24 - 2015-04-05 12:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-03-28 23:24 - 2015-03-28 23:24 - 00001843 _____ () C:\Users\Public\Desktop\Apps.lnk
2015-03-28 23:24 - 2015-03-28 23:24 - 00001826 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-03-28 23:24 - 2015-03-28 23:24 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-03-28 18:16 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-27 23:05 - 2015-03-27 23:05 - 00000433 _____ () C:\Users\Florian\Desktop\ERROR.txt
2015-03-27 13:07 - 2015-01-28 16:45 - 00037704 _____ (RealVNC Ltd) C:\Windows\system32\VNCpm.dll
2015-03-27 09:29 - 2015-03-27 09:29 - 00328928 _____ () C:\Windows\Minidump\032715-20078-01.dmp
2015-03-27 07:29 - 2015-03-27 07:29 - 00321056 _____ () C:\Windows\Minidump\032715-13656-01.dmp
2015-03-26 21:25 - 2015-03-26 21:25 - 00323472 _____ () C:\Windows\Minidump\032615-16156-01.dmp
2015-03-26 19:40 - 2015-03-26 19:40 - 00314112 _____ () C:\Windows\Minidump\032615-15593-01.dmp
2015-03-26 07:32 - 2015-03-26 07:32 - 00324456 _____ () C:\Windows\Minidump\032615-17656-01.dmp
2015-03-25 22:42 - 2015-03-25 22:42 - 00944913 _____ () C:\Users\Florian\Desktop\Swegen.rar
2015-03-25 19:39 - 2015-03-25 19:41 - 01673860 _____ (TeamExtreme) C:\Users\Florian\Desktop\Minecraft Cracked Launcher.jar
2015-03-25 19:32 - 2015-03-25 19:32 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-03-25 19:31 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-25 19:22 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-25 19:22 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00101576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-03-25 19:22 - 2015-03-13 21:41 - 00040136 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-03-25 19:22 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-25 19:01 - 2015-03-25 19:01 - 00356976 _____ () C:\Windows\Minidump\032515-18578-01.dmp
2015-03-25 18:21 - 2015-03-25 18:21 - 00000000 ____D () C:\Dropbox
2015-03-25 17:56 - 2015-03-25 17:56 - 00079360 _____ () C:\Users\Florian\Desktop\XPloit.exe
2015-03-25 16:43 - 2015-03-25 16:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TeamViewer
2015-03-25 16:39 - 2015-03-25 17:33 - 00000000 ____D () C:\Users\Florian\Documents\Visual Studio 2013
2015-03-25 07:17 - 2015-03-25 07:17 - 00325112 _____ () C:\Windows\Minidump\032515-13453-01.dmp
2015-03-24 20:55 - 2015-03-24 20:55 - 00323576 _____ () C:\Windows\Minidump\032415-17734-01.dmp
2015-03-24 17:41 - 2015-04-05 12:15 - 00000000 ____D () C:\Users\Florian\Desktop\scripts
2015-03-24 07:42 - 2015-03-24 07:42 - 00331840 _____ () C:\Windows\Minidump\032415-15718-01.dmp
2015-03-23 19:30 - 2015-03-23 19:30 - 00335184 _____ () C:\Windows\Minidump\032315-16515-01.dmp
2015-03-23 19:03 - 2015-03-23 19:05 - 00000000 ____D () C:\Program Files (x86)\iPadian
2015-03-23 19:03 - 2015-03-23 19:03 - 00000998 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-03-23 16:33 - 2015-03-23 16:33 - 00315864 _____ () C:\Windows\Minidump\032315-21156-01.dmp
2015-03-23 16:15 - 2015-03-23 16:15 - 00329744 _____ () C:\Windows\Minidump\032315-34703-01.dmp
2015-03-23 14:42 - 2015-03-23 14:42 - 00312568 _____ () C:\Windows\Minidump\032315-20531-01.dmp
2015-03-22 20:56 - 2015-03-22 20:59 - 00007852 _____ () C:\Users\Florian\Desktop\ACPSCANNER.PY
2015-03-21 16:55 - 2011-03-13 16:38 - 00000000 ____D () C:\Users\Florian\Desktop\jbe
2015-03-21 14:54 - 2015-03-21 14:54 - 00056620 _____ () C:\Users\Florian\Desktop\ParticleText1.jar
2015-03-21 11:36 - 2015-03-21 11:36 - 00393630 _____ () C:\Users\Florian\Desktop\AnimatedMOTD.rar
2015-03-21 11:36 - 2015-03-20 21:52 - 00278762 _____ () C:\Users\Florian\Desktop\AnimatedMOTD-Bukkit.jar
2015-03-21 11:36 - 2015-03-20 21:52 - 00172206 _____ () C:\Users\Florian\Desktop\AnimatedMOTD-Bungee.jar
2015-03-21 11:03 - 2015-03-21 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2015-03-21 11:03 - 2015-03-21 11:03 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2015-03-21 09:47 - 2015-03-21 09:47 - 00224720 _____ () C:\Users\Florian\ts3_recording_15_03_21_8_47_49.wav
2015-03-21 07:02 - 2015-04-08 15:55 - 00050610 _____ () C:\Windows\PFRO.log
2015-03-20 23:34 - 2015-04-04 22:00 - 00002244 ____H () C:\Users\Florian\Documents\Default.rdp
2015-03-20 23:31 - 2015-03-20 23:31 - 00006930 _____ () C:\Users\Florian\Documents\Nicknamer.src.zip
2015-03-20 23:31 - 2015-03-20 23:31 - 00000000 ____D () C:\Users\Florian\Documents\Nicknamer.src
2015-03-20 23:17 - 2015-03-20 23:19 - 00000000 ____D () C:\Program Files (x86)\BitTorrent Sync
2015-03-20 23:17 - 2015-03-20 23:17 - 00000000 ____D () C:\Users\Florian\Desktop\Leak
2015-03-20 23:11 - 2015-03-20 23:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-20 23:11 - 2015-03-20 23:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-20 23:11 - 2015-03-20 23:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00866720 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2015-03-20 23:08 - 2015-03-20 23:08 - 00788896 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-03-20 23:08 - 2015-03-20 23:08 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-20 23:08 - 2015-03-20 23:08 - 00095648 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-20 22:59 - 2015-03-27 22:59 - 00000000 ____D () C:\Users\Florian\Documents\CyberLink
2015-03-20 22:58 - 2015-03-20 22:58 - 00000000 ____D () C:\ProgramData\Sun
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-20 22:55 - 2015-03-20 22:55 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-03-20 22:23 - 2015-04-07 21:12 - 00000000 ____D () C:\Users\Florian\Desktop\eclipse
2015-03-20 22:15 - 2015-04-08 16:28 - 00000000 ____D () C:\Users\Florian\Desktop\jd-gui-0.3.6.windows
2015-03-20 22:02 - 2015-04-08 15:55 - 00015505 _____ () C:\Windows\setupact.log
2015-03-20 22:02 - 2015-03-20 22:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-20 21:50 - 2015-03-20 21:50 - 00081768 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2015-03-20 21:50 - 2015-03-20 21:50 - 00056680 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\ProgramData\cmcm
2015-03-20 21:50 - 2015-03-20 21:50 - 00000000 ____D () C:\Program Files (x86)\cmcm
2015-03-19 20:34 - 2015-03-19 20:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-18 19:34 - 2015-04-07 20:47 - 00000000 ____D () C:\Windows\Minidump
2015-03-17 16:40 - 2015-03-17 16:40 - 00000000 ____D () C:\Users\Robert\AppData\Local\CyberLink
2015-03-17 16:36 - 2015-03-17 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 13
2015-03-17 16:36 - 2015-03-17 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2015-03-16 19:51 - 2015-03-16 19:51 - 00106928 _____ () C:\Users\Florian\Desktop\custom plugins.rar
2015-03-16 18:35 - 2015-03-16 18:35 - 00204264 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2015-03-16 18:35 - 2015-03-16 18:35 - 00156360 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2015-03-16 18:35 - 2015-03-16 18:35 - 00141440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2015-03-16 16:00 - 2015-03-16 16:00 - 00000197 _____ () C:\Windows\system32\2015-03-16-14-00-06.003-AvastVBoxSVC.exe-4076.log
2015-03-15 19:58 - 2015-03-15 19:58 - 00000000 ____D () C:\Users\Florian\AppData\Local\luc4chat
2015-03-15 19:57 - 2015-03-15 19:57 - 00288768 _____ () C:\Users\Florian\Desktop\Luc4Chat v1.3.exe
2015-03-15 11:43 - 2015-03-15 11:44 - 00000197 _____ () C:\Windows\system32\2015-03-15-09-43-36.078-AvastVBoxSVC.exe-3228.log
2015-03-14 15:25 - 2015-03-14 15:25 - 00000197 _____ () C:\Windows\system32\2015-03-14-13-25-52.097-AvastVBoxSVC.exe-2716.log
2015-03-14 09:25 - 2015-03-14 09:25 - 00000247 _____ () C:\Windows\system32\2015-03-14-07-25-10.040-aswFe.exe-2604.log
2015-03-14 09:21 - 2015-03-14 09:25 - 00000247 _____ () C:\Windows\system32\2015-03-14-07-21-19.072-aswFe.exe-7436.log
2015-03-14 09:21 - 2015-03-14 09:21 - 00000197 _____ () C:\Windows\system32\2015-03-14-07-21-18.027-AvastVBoxSVC.exe-6180.log
2015-03-13 17:55 - 2015-03-13 17:56 - 00000197 _____ () C:\Windows\system32\2015-03-13-15-55-54.001-AvastVBoxSVC.exe-2600.log
2015-03-13 17:12 - 2015-03-13 17:12 - 00000197 _____ () C:\Windows\system32\2015-03-13-15-12-15.058-AvastVBoxSVC.exe-3992.log
2015-03-12 16:37 - 2015-03-12 16:37 - 00000197 _____ () C:\Windows\system32\2015-03-12-14-37-52.020-AvastVBoxSVC.exe-3516.log
2015-03-12 15:50 - 2015-03-12 15:50 - 00000197 _____ () C:\Windows\system32\2015-03-12-13-50-39.060-AvastVBoxSVC.exe-3712.log
2015-03-11 18:48 - 2015-03-11 18:48 - 00000197 _____ () C:\Windows\system32\2015-03-11-16-48-07.026-AvastVBoxSVC.exe-2716.log
2015-03-11 17:59 - 2015-03-11 17:59 - 00000197 _____ () C:\Windows\system32\2015-03-11-15-59-52.069-AvastVBoxSVC.exe-3536.log
2015-03-10 20:09 - 2015-03-10 20:09 - 00000197 _____ () C:\Windows\system32\2015-03-10-18-09-36.034-AvastVBoxSVC.exe-3044.log
2015-03-10 14:17 - 2015-03-10 14:17 - 00000197 _____ () C:\Windows\system32\2015-03-10-12-17-33.065-AvastVBoxSVC.exe-3140.log
2015-03-09 19:54 - 2015-03-09 19:54 - 00000197 _____ () C:\Windows\system32\2015-03-09-17-54-57.026-AvastVBoxSVC.exe-2532.log
2015-03-09 17:11 - 2015-03-09 17:11 - 00000000 ____D () C:\Users\Florian\AppData\Local\IsolatedStorage
2015-03-09 17:10 - 2015-03-09 17:11 - 00000000 ____D () C:\Users\Florian\AppData\Local\Red Gate
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Gate
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2015-03-09 17:10 - 2015-03-09 17:10 - 00000000 ____D () C:\Program Files (x86)\Red Gate
2015-03-09 16:31 - 2015-03-09 16:31 - 00000197 _____ () C:\Windows\system32\2015-03-09-14-31-28.032-AvastVBoxSVC.exe-2676.log
2015-03-09 16:25 - 2015-03-09 16:25 - 00000000 _____ () C:\Windows\SysWOW64\RENEAE.tmp
2015-03-09 15:41 - 2015-03-09 15:42 - 00000197 _____ () C:\Windows\system32\2015-03-09-13-41-55.009-AvastVBoxSVC.exe-2816.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 20:19 - 2014-12-26 16:28 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2015-04-08 20:18 - 2014-06-25 13:10 - 01591415 _____ () C:\Windows\WindowsUpdate.log
2015-04-08 20:17 - 2014-12-26 19:51 - 00000000 __RDO () C:\Users\Florian\OneDrive
2015-04-08 20:17 - 2014-12-26 16:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-08 20:17 - 2014-12-26 16:08 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-08 20:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-08 19:21 - 2014-12-26 16:24 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2015-04-08 19:03 - 2015-01-09 15:41 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2015-04-08 18:50 - 2014-12-26 15:59 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1001
2015-04-08 18:18 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-08 17:48 - 2014-12-26 16:07 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{57924B64-A7D9-4559-B436-2719A144580B}
2015-04-08 16:01 - 2014-04-02 14:32 - 01890242 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 16:01 - 2013-08-23 01:24 - 00806992 _____ () C:\Windows\system32\perfh007.dat
2015-04-08 16:01 - 2013-08-23 01:24 - 00177002 _____ () C:\Windows\system32\perfc007.dat
2015-04-08 15:58 - 2015-01-02 11:57 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2015-04-08 15:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-08 15:55 - 2015-02-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-08 15:55 - 2014-04-02 14:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-08 15:55 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 15:54 - 2014-12-26 18:34 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2015-04-08 15:54 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-08 13:03 - 2014-12-26 22:27 - 00000600 _____ () C:\Users\Florian\AppData\Local\PUTTY.RND
2015-04-08 09:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-08 09:40 - 2014-12-27 14:26 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1002
2015-04-07 21:13 - 2014-12-26 22:01 - 00000000 ____D () C:\Users\Florian\AppData\Local\Eclipse
2015-04-07 20:56 - 2015-02-21 18:52 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{609F7BC3-5603-4808-8DE8-6BBDD102A38E}
2015-04-07 20:52 - 2014-12-29 11:09 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-349037752-829444022-2895315871-1003
2015-04-07 20:49 - 2015-01-05 15:28 - 00000000 ____D () C:\Users\Matthis\AppData\Roaming\.minecraft
2015-04-07 20:48 - 2015-02-27 18:17 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-07 07:43 - 2015-01-01 11:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{23C4C847-DFE7-4B1C-BC07-57EF41478CF5}
2015-04-06 14:20 - 2015-01-10 11:09 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2015-04-05 21:47 - 2014-12-29 11:04 - 00000000 ____D () C:\Users\Matthis
2015-04-05 20:43 - 2014-12-27 14:21 - 00000000 ____D () C:\Users\Robert
2015-04-05 19:52 - 2015-02-12 15:08 - 00000000 ____D () C:\AdwCleaner
2015-04-05 18:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-05 18:46 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-05 18:43 - 2014-12-26 18:35 - 00001666 _____ () C:\Windows\Sandboxie.ini
2015-04-05 18:42 - 2015-03-05 13:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-05 13:58 - 2014-12-26 15:54 - 00000000 ____D () C:\Users\Florian
2015-04-05 13:56 - 2015-02-09 20:35 - 00000000 ____D () C:\Users\Florian\Desktop\Verison
2015-04-05 12:20 - 2015-03-05 10:49 - 00000000 ____D () C:\Users\Florian\AppData\Local\Dxtory Software
2015-04-05 12:20 - 2015-02-20 16:38 - 00000000 ____D () C:\Program Files (x86)\IPVanish
2015-04-05 12:20 - 2014-12-26 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-05 12:17 - 2015-03-06 16:40 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2015-04-05 12:17 - 2015-03-06 16:37 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2015-04-05 12:15 - 2015-01-24 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2015-04-05 12:15 - 2015-01-17 18:00 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-04-05 12:15 - 2014-04-02 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-05 12:15 - 2014-04-02 14:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-05 12:15 - 2014-04-02 14:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-05 12:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-05 12:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2015-04-04 16:55 - 2014-12-26 22:01 - 00000000 ____D () C:\Users\Florian\workspace
2015-04-04 14:53 - 2014-04-02 14:47 - 00001400 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-29 00:29 - 2015-01-31 17:37 - 00000000 ____D () C:\Users\Florian\.android
2015-03-28 23:24 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-28 18:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-28 15:53 - 2015-02-27 18:17 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-28 15:53 - 2015-02-27 18:17 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-28 05:44 - 2015-01-03 12:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-04-02 14:46 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2015-01-03 12:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-04-02 14:46 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-27 13:51 - 2014-12-26 17:13 - 00000000 ____D () C:\Fraps
2015-03-27 13:07 - 2015-01-24 13:58 - 00000000 ____D () C:\Program Files\RealVNC
2015-03-27 11:11 - 2015-02-07 22:57 - 00001966 _____ () C:\Users\Florian\Desktop\MC.txt
2015-03-26 21:04 - 2015-01-04 21:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-23 18:25 - 2015-01-02 19:26 - 00000000 ____D () C:\Users\Florian\AppData\Local\Windows Live
2015-03-20 23:23 - 2014-12-26 21:16 - 00000000 ____D () C:\Program Files\Java
2015-03-20 23:23 - 2014-12-26 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-20 22:58 - 2014-12-26 16:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-20 21:51 - 2014-12-26 16:28 - 00000000 ____D () C:\ProgramData\Skype
2015-03-20 21:51 - 2014-04-03 00:23 - 00000000 ____D () C:\Windows\Panther
2015-03-20 17:40 - 2014-06-26 09:35 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 08:25 - 2013-08-22 16:44 - 05104232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-19 21:35 - 2014-06-26 09:36 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-19 16:05 - 2015-03-06 16:40 - 00001816 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-17 16:40 - 2015-01-12 20:09 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2015-03-17 16:36 - 2015-01-12 20:14 - 00000000 ____D () C:\Program Files\NewBlue
2015-03-17 16:36 - 2015-01-12 20:09 - 00000000 ____D () C:\Program Files\CyberLink
2015-03-17 16:36 - 2014-04-02 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-17 16:33 - 2014-04-02 14:26 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-03-17 14:06 - 2014-12-27 14:21 - 00000000 ____D () C:\Users\Robert\AppData\Local\Google
2015-03-13 21:41 - 2015-01-03 12:40 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-13 21:41 - 2014-04-02 14:45 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16 - 2014-04-02 14:45 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 18:16 - 2014-04-02 14:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 15:10 - 2014-04-02 14:45 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2015-01-22 16:07 - 2015-01-29 19:35 - 0000600 _____ () C:\Users\Florian\AppData\Roaming\PUTTY.RND
2014-12-26 22:27 - 2015-04-08 13:03 - 0000600 _____ () C:\Users\Florian\AppData\Local\PUTTY.RND
2014-04-02 14:47 - 2014-04-02 14:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-05 20:09

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Florian at 2015-04-08 20:19:15
Running from C:\Users\Florian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
.NET Reflector Desktop (HKLM-x32\...\{3450CBDE-2AE7-4FB8-93E3-37995ADE4F13}) (Version: 8.5.0.179 - Red Gate Software Ltd)
.NET Reflector Visual Studio Extension 8.5 (HKLM-x32\...\{EF31CB34-7A2F-47EE-A45A-C3E547FB92A3}) (Version: 8.5.0.179 - Red Gate Software Ltd)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{BFDBC96A-C44F-4BE9-B671-54517F87A097}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
CMake 3.1.0, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.1.0) (Version: 3.1.0 - Kitware)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2104.0 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4427.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
Java(TM) 6 Update 41 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216041FF}) (Version: 6.0.410 - Oracle)
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
LibreOffice 4.3.6.2 (HKLM-x32\...\{9F410B70-8A45-4F28-985E-F9731219BCBC}) (Version: 4.3.6.2 - The Document Foundation)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 with Update 4 (HKLM-x32\...\{dca572ee-b6f6-4560-9879-fec58cc0022c}) (Version: 12.0.31101 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenVPN 2.3.6-I001  (HKLM\...\OpenVPN) (Version: 2.3.6-I001 - )
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python 3.4.3 (64-bit) (HKLM\...\{9529565F-E693-3F11-B3BF-8CD545F5F9A0}) (Version: 3.4.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd)
VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-03-2015 15:52:51 avast! antivirus system restore point
05-04-2015 12:08:44 Wiederherstellungsvorgang
07-04-2015 20:48:11 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B532CFC-CFDF-41F7-BCC5-721E20B08235} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {10A6F690-FF61-4306-BD83-2C6CB502AEAD} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] ()
Task: {20CC6A02-1F66-4620-935B-37F98358FF07} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {41C94DA0-B7FB-4A13-8829-7AE01F013CF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {87DBC435-1E3E-4C52-BBF0-1E303F830702} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {C16DB48F-2B54-45DF-A953-7A232773CA21} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-florian.kemnitz@ewetel.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {CCE17257-66A0-4A05-97A0-375020C83C17} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-28] (Avast Software s.r.o.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-02 14:45 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-26 21:32 - 2014-12-26 21:32 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-26 15:40 - 2014-09-26 15:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-03-28 15:53 - 2015-03-28 15:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-28 15:53 - 2015-03-28 15:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-08 13:40 - 2015-04-08 13:40 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040801\algo.dll
2014-04-02 14:42 - 2014-02-26 09:59 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-04 14:53 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-16 11:15 - 2014-10-16 11:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-04-05 22:31 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-05 22:31 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-05 22:31 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-05 22:31 - 2015-03-30 23:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-03-18 16:24 - 2015-03-18 16:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Florian\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Florian\Desktop\Instagram Hack v.2:)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-349037752-829444022-2895315871-1001\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-349037752-829444022-2895315871-1001\Software\Classes\exefile:  <===== ATTENTION!

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-349037752-829444022-2895315871-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-349037752-829444022-2895315871-1001\...\StartupApproved\Run: => "Spotify"

==================== Accounts: =============================

Administrator (S-1-5-21-349037752-829444022-2895315871-500 - Administrator - Disabled)
Florian (S-1-5-21-349037752-829444022-2895315871-1001 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-349037752-829444022-2895315871-501 - Limited - Disabled)
Matthis (S-1-5-21-349037752-829444022-2895315871-1003 - Limited - Enabled) => C:\Users\Matthis
Robert (S-1-5-21-349037752-829444022-2895315871-1002 - Administrator - Enabled) => C:\Users\Robert

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2015 08:17:33 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/08/2015 05:41:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.750.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b34

Startzeit: 01d072125a36d10b

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.7\bin\javaw.exe

Berichts-ID: a77df24f-de05-11e4-82d7-448a5b822d03

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/08/2015 04:54:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (04/08/2015 03:57:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (04/08/2015 03:57:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (04/08/2015 03:57:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (04/08/2015 03:54:49 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/08/2015 09:47:41 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (04/08/2015 09:41:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (04/08/2015 09:32:12 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]


System errors:
=============
Error: (04/08/2015 03:54:46 PM) (Source: DCOM) (EventID: 10010) (User: GAMERPC)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/08/2015 09:40:49 AM) (Source: DCOM) (EventID: 10010) (User: GamerPC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/07/2015 09:12:24 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:12:15 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:12:01 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:11:52 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:11:43 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:11:34 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:11:25 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869

Error: (04/07/2015 09:11:16 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:2869


Microsoft Office Sessions:
=========================
Error: (04/08/2015 08:17:33 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/08/2015 05:41:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.750.131b3401d072125a36d10b16C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.7\bin\javaw.exea77df24f-de05-11e4-82d7-448a5b822d03

Error: (04/08/2015 04:54:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/08/2015 03:57:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Florian\Downloads\esetsmartinstaller_deu.exe

Error: (04/08/2015 03:57:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Florian\Downloads\esetsmartinstaller_deu.exe

Error: (04/08/2015 03:57:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Florian\Downloads\esetsmartinstaller_deu.exe

Error: (04/08/2015 03:54:49 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/08/2015 09:47:41 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

Error: (04/08/2015 09:41:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

Error: (04/08/2015 09:32:12 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8134.25 MB
Available physical RAM: 5046.53 MB
Total Pagefile: 16326.25 MB
Available Pagefile: 11934.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:102.02 GB) (Free:15.82 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:911.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 117.4 GB) (Disk ID: E5E8230C)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1D911FED)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 09.04.2015, 09:37

Alte Java Versionen deinstallieren, aktuelle installieren.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

08.04.2015, 19:10	#6
schrauber /// the machine /// TB-Ausbilder	Kein Internetzugriff, nur durch Browser. Und der Rest? __________________ --> Kein Internetzugriff, nur durch Browser.

Kein Internetzugriff, nur durch Browser.

Plagegeister aller Art und deren Bekämpfung: Kein Internetzugriff, nur durch Browser.