
Log analysis and evaluation: Chrome/Opera opens ad tabs automatically!

16.05.2015, 19:30   #1
Sna
 
Chrome/Opera opens ad tabs automatically!



Hello,

I have already clicked through the forum a bit and worked with both recommended programs.

Chrome and also Opera open ad tabs automatically and excessively as soon as I click on any links! I have already tried running antivirus software over it, nothing works!

Thanks in advance!!!

Addition:

PHP-Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02
Ran by Durdelschön at 2015-05-15 17:45:38
Running from C:\Users\Durdelschön\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2719917741-3841041876-3078627320-500 Administrator Disabled)
Durdelschön (S-1-5-21-2719917741-3841041876-3078627320-1001 Administrator Enabled) => C:\Users\Durdelschön
Gast (S-1-5-21-2719917741-3841041876-3078627320-501 Limited Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avastAntivirus (Enabled Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avastAntivirus (Enabled Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version2.3.0.322 Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version17.0.0.169 Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version13.0 Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version11.0.11 Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version2.1.5 Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version2.1.3.127 Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version10.2.2218 AVAST Software)
BatmanArkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version1.0.0.0 Square Enix Limited)
calibre (HKLM-x32\...\{A66F2101-9BFC-4FB6-9277-7F59EF88BCC2}) (Version1.38.0 Kovid Goyal)
D3DX10 (x32 Version15.4.2368.0902 MicrosoftHidden
Dropbox (HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Dropbox) (Version2.10.52 DropboxInc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version3.1.521 Skype Limited)
Fotogalerie (x32 Version16.4.3528.0331 Microsoft CorporationHidden
Free Audio Converter version 5.0.37.327 (HKLM-x32\...\Free Audio Converter_is1) (Version5.0.37.327 DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version42.0.2311.152 Google Inc.)
Google Update Helper (x32 Version1.3.25.11 Google Inc.) Hidden
Google Update Helper (x32 Version1.3.27.5 Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version10.18.10.3379 Intel Corporation)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version8.0.200 Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version8.0.200 Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version0.9 AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version2.0 AppWork GmbH)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version5.3.06.20130913 LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version3.12.1.0 LG Electronics)
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{43295475-62CA-4F25-B46C-43C59258780E}) (Version4.1.4.2 The Document Foundation)
LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version4.1.3.2 The Document Foundation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version3.8.150.1 McAfeeInc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version4.0.40804.0 Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_8.0.31217.1) (Version8.0.31217.1 Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version4.0.4276.0 Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{E5AB3F65-7FAC-41C6-B176-7599D2404BB2}) (Version4.0.4276.0 Microsoft Corporation)
Microsoft Games for Windows LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version3.5.95.0 Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version3.5.67.0 Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version5.1.40416.0 Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version3.1.0000 Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version8.0.61001 Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version8.0.56336 Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version8.0.61000 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version9.0.30729 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version9.0.30729.4148 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version9.0.30729.6161 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version9.0.30729 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version9.0.30729.4148 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version9.0.30729.6161 Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version10.0.40219 Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version10.0.40219 Microsoft Corporation)
Might MagicHeroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version1.0.3.0 Mojang)
Movie Maker (x32 Version16.4.3528.0331 Microsoft CorporationHidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version24.5.0 Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version31.6.0 Mozilla)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version2.1.4 NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version340.52 NVIDIA Corporation)
Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version29.0.1795.47 Opera Software ASA)
PDF Settings CS6 (x32 Version11.0 Adobe Systems IncorporatedHidden
Pidgin (HKLM-x32\...\Pidgin) (Version2.10.9 - )
PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version:  - Q-GamesLtd.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version1.5.2 Alessandro Portale)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version7.71.80.42 Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version1.95 VS Revo Group)
SHIELD Streaming (Version3.1.2000 NVIDIA CorporationHidden
SHIELD Wireless Controller Driver (Version16.13.65 NVIDIA CorporationHidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version7.0.102 Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version2.10.91.91 Valve Corporation)
The Elder Scrolls VSkyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Endless Forest (HKLM-x32\...\The Endless Forest_is1) (Version:  - Tale of Tales)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version3.8.0.117 PandoraTV)
Uplay (HKLM-x32\...\Uplay) (Version4.4 Ubisoft)
Valiant HeartsThe Great War™ Soldats Inconnus Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version2.1.2 VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version5.3.3-Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version2.1.0.3 Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version2.1.0.3 Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version16.4.3528.0331 Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version5.01.0 win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (DropboxInc.)

==================== Restore Points  =========================

12-05-2015 08:11:26 Geplanter Prüfpunkt
15-05-2015 09:40:24 avastantivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 2013-08-22 15:25 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16575543-0B74-4BD1-B6B5-6E27D9BB382E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19] (Google Inc.)
Task: {2587BFA0-5756-44B1-A38F-1DDD48CC24EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19] (Google Inc.)
Task: {33E22528-F43C-4E4B-8A9D-3A960D992E30} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {41360B2D-3FFF-4B2A-9C0D-6AB955FFA4C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {44CC233A-11CE-422A-A77A-62AC8005107B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {71BF2952-7FFB-4565-939D-A1205A76B827} - System32\Tasks\AdobeAAMUpdater-1.0-Brush-Durdelschön => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {7BC3A6E1-6146-4658-8D16-EC3C2BADA46E} - System32\Tasks\Opera scheduled Autoupdate 1400175085 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
Task: {82FF8F1C-E9F6-4182-807A-CA90BCE8958F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001Core => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
Task: {8D62AFD0-DA00-4C0C-9A5B-CBDD79740FC8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B52BB833-C9E2-47D5-9C58-DAC647C47426} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {BDE12863-B71F-474B-A705-242BC21B5D0A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {C3CB0B49-DBBA-4CD5-BAD9-D0D1F1862018} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C9B287E1-F314-45CB-9767-FE6EB210F912} - System32\Tasks\avastEmergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-15] (Avast Software s.r.o.)
Task: {D1F53511-14EE-48C8-98A2-540B6F33F9EF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001UA => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001Core.job => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001UA.job => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-19 02:35 2014-07-02 20:55 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-13 13:20 2013-12-13 13:20 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-01-23 10:34 2013-12-17 03:17 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-05-15 10:05 2015-05-15 10:05 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-15 10:05 2015-05-15 10:05 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-15 10:05 2015-05-15 10:05 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051500\algo.dll
2015-05-15 10:05 2015-05-15 10:05 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-13 07:21 2015-05-05 06:06 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-13 07:21 2015-05-05 06:06 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
2015-05-13 07:21 2015-05-05 06:06 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll
2015-04-07 20:22 2015-04-07 20:22 03348592 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-04-07 20:22 2015-04-07 20:22 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-07 20:22 2015-04-07 20:22 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Durdelschön\Desktop\tedahah.png
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (AllowLPort=139
FirewallRules: [TCP Query User{23E59FA1-DBDE-4006-A57D-E05F158F103D}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (AllowC:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [UDP Query User{C8ABC53C-9CFF-4A6B-BEBF-5D62B69E4306}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (AllowC:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [{8DCBC85A-DF5B-46A3-850E-245CD5B7BFF4}] => (AllowH:\games\Steam\Steam.exe
FirewallRules: [{03B331AA-91D2-450A-B1BA-E4FB222966E9}] => (AllowH:\games\Steam\Steam.exe
FirewallRules: [{DED09175-75AB-40B4-B3B3-4060B48E3BDC}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8FF8F173-8C3E-4CA2-AACB-2ADCE93743FA}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1EFA5709-D34D-4F8C-A5F4-673545DBAD54}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{76ED0809-8CEF-4774-AEB1-0DB1964BEC72}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B66C379C-3D03-4FA0-81B7-9E2EC2CF75FF}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{10132F4E-D0E0-4A54-859B-58584D04A407}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B04BE202-F3A1-4D32-BB8F-AA65CBA04720}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{59583472-EDE3-4197-ABFE-1C93DCCD4E90}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{98B8E2A2-D2D5-4165-A9A5-13B016B0DCC8}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{74CD8258-7AA0-4B48-9DCA-7BB681076969}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8E90869B-7727-41C3-92ED-323853179E44}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{887D15AC-1F06-4342-8734-0EAE578E523C}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70FCD27B-5C9E-4091-90B8-C293105546D0}] => (AllowC:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B86030BC-8A1A-456B-A66A-11E679BAFBD3}] => (AllowC:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{D9B56AEC-2BC0-4AFE-BF7D-6EDC7A73BB65}C:\program files (x86)\skype\phone\skype.exe] => (AllowC:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{32A26551-63C1-47AB-B200-F52B6A5E91BC}C:\program files (x86)\skype\phone\skype.exe] => (AllowC:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9A011109-64B9-4CAA-A23A-184E60A7B5B5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (AllowC:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0875E7E8-65F9-4136-96B9-E2CE8DD2A6FE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (AllowC:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{8D094831-BB1A-44DB-AACC-25EB62C8761A}] => (AllowC:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{5E0C7F84-52A7-4986-B98A-2164E937801E}] => (AllowH:\games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D8C157FA-5295-4167-8B17-D59333396D6E}] => (AllowH:\games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{28E014F8-52D2-42D7-BA0D-4EAED7B3DA87}] => (AllowH:\games\BatmanAsylum\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{4ED64276-059D-4ACD-89FF-5D3205F6A126}] => (AllowH:\games\BatmanAsylum\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{7DE00FF8-D575-46FD-B38C-E8D573CF2F72}] => (AllowH:\games\Steam\SteamApps\common\pixeljunkeden\eden.exe
FirewallRules: [{3E28D44D-8BA1-4FB2-A316-B7A6FA8A7CC8}] => (AllowH:\games\Steam\SteamApps\common\pixeljunkeden\eden.exe
FirewallRules: [{74FE03DA-24FC-42B6-8780-DEFC2A91DF2F}] => (AllowH:\games\Steam\SteamApps\common\Proteus\Proteus.exe
FirewallRules: [{6EC01CD7-7FFF-4CB4-8A68-DB7FBB2771E5}] => (AllowH:\games\Steam\SteamApps\common\Proteus\Proteus.exe
FirewallRules: [TCP Query User{F5892784-757C-4722-88CE-FC9FAE9A76F6}C:\windows\system32\java.exe] => (AllowC:\windows\system32\java.exe
FirewallRules: [UDP Query User{CED51448-16B6-4185-A901-5B4FAF4AF518}C:\windows\system32\java.exe] => (AllowC:\windows\system32\java.exe
FirewallRules: [TCP Query User{6E7861EB-1B95-477D-AF2E-EADE60492116}C:\program files\java\jre8\bin\javaw.exe] => (AllowC:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{172CF3BA-9EAF-410B-A3CF-57085EADAFA9}C:\program files\java\jre8\bin\javaw.exe] => (AllowC:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{C316B2F6-887C-47BD-AA48-B4F8D12F9DB2}] => (AllowH:\games\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{F506F01D-E0FA-4E96-B307-E53EE31C7C41}] => (AllowH:\games\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{22649C40-9537-49F5-8BEA-3BC31F7A5933}] => (AllowH:\games\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{58A2E13F-0F2F-416D-961E-7C5DA06A8461}] => (AllowH:\games\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{AC77C2FD-0A9F-44F2-915D-7DA458970F95}] => (AllowC:\Users\Durdelschön\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{742259BA-5503-46A0-9067-8E4E94DF568A}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (AllowC:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{303923FE-2024-44DA-9EA7-347074FA1252}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (AllowC:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [TCP Query User{66A278A6-3B44-436A-9B36-C72C50FA0BF7}C:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe] => (AllowC:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DE88C640-2E0A-4708-BEC8-93A9FEF469AF}C:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe] => (AllowC:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{98A53DD8-7CFD-477E-9854-85BA17224E11}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (AllowC:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{217AE602-17B9-407E-A414-A06AA3B78356}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (AllowC:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [TCP Query User{228DB9B4-98E6-470F-A5A1-F51E7915C410}C:\program files (x86)\skype\phone\skype.exe] => (AllowC:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{59E142F8-4036-40D7-99EA-B92FAF2F788B}C:\program files (x86)\skype\phone\skype.exe] => (AllowC:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5240A6FF-4E62-4CA3-88DD-C4FDD3393AC7}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (AllowC:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [UDP Query User{DA6D86A0-41D2-499E-88F0-42892B4E3EE0}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (AllowC:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [{0608121A-6266-4BBB-9B3A-3CA107D70C08}] => (AllowC:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{34F9AFF7-23F4-4B64-854B-3276B0C4517F}] => (AllowLPort=2869
FirewallRules: [{76640BEE-61FC-4630-A80F-CD56CB9A35FA}] => (AllowLPort=1900
FirewallRules: [TCP Query User{FC6B42F8-602F-4816-993A-81FAE0492477}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (AllowC:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BCFA6E2E-EC63-4D54-842E-310D8A8DFAC9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (AllowC:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{210C09C2-7162-44C9-8A63-BBF32004DAA7}] => (AllowH:\Steam\Steam.exe
FirewallRules: [{8FC6ECAE-E27B-42F6-9DFD-F4E0CF330AC6}] => (AllowH:\Steam\Steam.exe
FirewallRules: [{6A2F1BBB-6B09-4174-99F6-F1260C55FD4D}] => (AllowH:\Steam\bin\steamwebhelper.exe
FirewallRules: [{AA9BA9B8-EEC7-4A58-9043-107D08B42344}] => (AllowH:\Steam\bin\steamwebhelper.exe
FirewallRules: [{63F139E8-E754-45EF-A725-8BD4C749167C}] => (AllowH:\Steam\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{356526C8-16F8-49AE-B09B-301E6B8E9D5A}] => (AllowH:\Steam\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{1FDEC119-9042-4FFF-AF54-DF391B111616}] => (AllowC:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2015 05:10:15 PM) (SourceNvStreamSvc) (EventID1) (User: )
DescriptionNvStreamSvcCan continue stopping. [1008]

Error: (05/15/2015 09:10:36 AM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.

Error: (05/15/2015 08:47:40 AM) (SourceMicrosoft-Windows-RestartManager) (EventID10006) (UserBrush)
Description: Die Anwendung oder der Dienst "Adobe Photoshop CS6" konnte nicht heruntergefahren werden.

Error: (05/15/2015 08:46:42 AM) (SourceApplication Error) (EventID1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.152, Zeitstempel: 0x55481340
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.152, Zeitstempel: 0x55480f15
Ausnahmecode: 0x80000003
Fehleroffset: 0x0052c327
ID des fehlerhaften Prozesses: 0x1b7c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (05/15/2015 06:52:58 AM) (SourceApplication Error) (EventID1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 42.0.2311.152, Zeitstempel: 0x55481340
Name des fehlerhaften Moduls: chrome.dll, Version: 42.0.2311.152, Zeitstempel: 0x55480f15
Ausnahmecode: 0x80000003
Fehleroffset: 0x0052c327
ID des fehlerhaften Prozesses: 0x1a78
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (05/15/2015 04:15:49 AM) (Source: SideBySide) (EventID: 78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.

Error: (05/15/2015 03:14:42 AM) (SourceMsiInstaller) (EventID1024) (UserBrush)
DescriptionProduktAdobe Reader XI (11.0.10) - Deutsch Update "{AC76BA86-7AD7-0000-2550-7A8C40011011}" konnte nicht installiert werdenFehlercode 1625. Windows Installer kann Protokolle erstellenum bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu seinVerwenden Sie folgenden Linkum Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhaltenhxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/14/2015 00:18:59 AM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.

Error: (05/13/2015 09:11:48 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.

Error: (05/13/2015 07:21:23 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.


System errors:
=============
Error: (05/15/2015 05:14:14 PM) (Sourcebowser) (EventID8016) (User: )
DescriptionDer Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "BRUSH" auf Transport "NetBT_Tcpip_{E495A7BE-08C9-406F-A7FA-D64766ADEA21}"Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugtsolange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (05/15/2015 05:13:18 PM) (SourceBTHUSB) (EventID30) (User: )
DescriptionDer lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff"vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (05/15/2015 05:13:04 PM) (Sourcevolmgr) (EventID46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (05/15/2015 09:47:32 AM) (Sourcebowser) (EventID8016) (User: )
DescriptionDer Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "BRUSH" auf Transport "NetBT_Tcpip_{E495A7BE-08C9-406F-A7FA-D64766ADEA21}"Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugtsolange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (05/15/2015 09:46:10 AM) (SourceBTHUSB) (EventID30) (User: )
DescriptionDer lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff"vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (05/15/2015 09:42:05 AM) (SourceService Control Manager) (EventID7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (05/15/2015 09:41:51 AM) (Source: DCOM) (EventID: 10010) (User: Brush)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (05/15/2015 09:41:35 AM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Windows Search" wurde unerwartet beendetDies ist bereits 2 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführtNeustart des Diensts.

Error: (05/15/2015 09:41:35 AM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Druckwarteschlange" wurde unerwartet beendetDies ist bereits 2 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführtNeustart des Diensts.

Error: (05/15/2015 09:41:25 AM) (SourceService Control Manager) (EventID7034) (User: )
DescriptionDienst "Volumeschattenkopie" wurde unerwartet beendetDies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/15/2015 05:10:15 PM) (SourceNvStreamSvc) (EventID1) (User: )
DescriptionNvStreamSvcCan continue stopping. [1008]

Error: (05/15/2015 09:10:36 AM) (SourceSideBySide) (EventID78) (User: )
DescriptionC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/15/2015 08:47:40 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Brush)
Description1C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exeAdobe Photoshop CS60111714960

Error: (05/15/2015 08:46:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Descriptionchrome.exe42.0.2311.15255481340chrome.dll42.0.2311.15255480f15800000030052c3271b7c01d08eda9d9bfe25C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\chrome.dll25097114-face-11e4-82d1-00c2c62e9509

Error: (05/15/2015 06:52:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Descriptionchrome.exe42.0.2311.15255481340chrome.dll42.0.2311.15255480f15800000030052c3271a7801d08ecab8579199C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\chrome.dll4180927c-fabe-11e4-82d1-00c2c62e9509

Error: (05/15/2015 04:15:49 AM) (Source: SideBySide) (EventID: 78) (User: )
DescriptionC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (05/15/2015 03:14:42 AM) (Source: MsiInstaller) (EventID: 1024) (User: Brush)
DescriptionAdobe Reader XI (11.0.10) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011011}1625(NULL)(NULL)(NULL)

Error: (05/14/2015 00:18:59 AM) (SourceSideBySide) (EventID78) (User: )
DescriptionC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/13/2015 09:11:48 PM) (Source: SideBySide) (EventID: 78) (User: )
DescriptionC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/13/2015 07:21:23 PM) (Source: SideBySide) (EventID: 78) (User: )
DescriptionC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe


CodeIntegrity Errors:
===================================
  Date: 2015-04-30 03:14:43.773
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:43.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:42.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:42.028
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:41.634
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:41.306
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:39.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:39.414
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:38.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date: 2015-04-30 03:14:38.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 38%
Total physical RAM: 8111.55 MB
Available physical RAM: 5007.97 MB
Total Pagefile: 9903.55 MB
Available Pagefile: 6100.56 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:198.75 GB) (Free:4.24 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:97.56 GB) (Free:5.77 GB) NTFS
Drive g: () (Fixed) (Total:368.1 GB) (Free:2.2 GB) NTFS
Drive h: (Ich bin groß) (Fixed) (Total:732.42 GB) (Free:304.41 GB) NTFS

==================== MBR Partition Table ==================

========================================================
Disk(MBR CodeWindows 7 or 8) (Size931.5 GB) (Disk ID48C452BE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)

========================================================
Disk(MBR CodeWindows 7 or 8) (Size465.8 GB) (Disk ID0DA1342C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
FRST

PHP-Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
Ran by Durdelschön (administrator) on BRUSH on 15-05-2015 17:42:14
Running from C:\Users\Durdelschön\Downloads
Loaded Profiles: Durdelschön (Available profiles: Durdelschön)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-15] (Avast Software s.r.o.)
Winlogon\Notify\igfxcuiC:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Run: [Facebook Update] => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-18] (Facebook Inc.)
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Run: [Steam] => H:\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\MountPoints2: {57a6286d-6ce9-11e3-be74-00c2c62e9509} - "I:\LGAutoRun.exe" 
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: ,c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
StartupC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-05-02]
ShortcutTargetMcAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfeeInc.)
StartupC:\Users\Durdelschön\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-03-01]
ShortcutTargetDownload.lnk -> C:\ProgramData\{113cd23e-792d-f36f-113c-cd23e79248f9}\Download.exe (No File)
StartupC:\Users\Durdelschön\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-01]
ShortcutTargetDropbox.lnk -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-15] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\GooglePolicy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\Software\Microsoft\Internet Explorer\Main,Start Page hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache hxxp://t.de.msn.com/
SearchScopesHKLM -> {758E549F-6AF9-40F3-906C-B246399EAF11URL hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopesHKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3AURL 
SearchScopesHKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3AURL 
SearchScopesHKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3AURL 
SearchScopesHKU\S-1-5-21-2719917741-3841041876-3078627320-1001 -> DefaultScope {758E549F-6AF9-40F3-906C-B246399EAF11URL hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopesHKU\S-1-5-21-2719917741-3841041876-3078627320-1001 -> {758E549F-6AF9-40F3-906C-B246399EAF11URL hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHOavastOnline Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-15] (Avast Software s.r.o.)
BHO-x32avastOnline Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-15] (Avast Software s.r.o.)
Handler-x32skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-10-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-10-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Pluginadobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-12-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-10-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-10-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=-> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=-> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-12-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2719917741-3841041876-3078627320-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Durdelschön\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2719917741-3841041876-3078627320-1001wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-15]

Chrome
=======
CHR devChrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR ProfileC:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-19]
CHR Extension: (Google Search) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-19]
CHR Extension: (Avast Online Security) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-15]
CHR Extension: (Gmail) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avastAntivirusC:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-15] (Avast Software s.r.o.)
S3 BthHFSrvC:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrackC:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 GfExperienceServiceC:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
S3 McComponentHostServiceC:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfeeInc.)
R2 NvNetworkServiceC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvcC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 SwitchBoardC:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvcC:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefendC:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServiceConC:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom TechnologyCorp.)

==================== 
Drivers (Whitelisted) ====================

(If 
an entry is included in the fixlistthe service will be removed from the registryThe file will not be moved unless listed separately.)

S3 AndNetDiagC:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModemC:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
S3 andnetndisC:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2014-05-27] (LG Electronics Inc.)
R2 aswHwidC:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-15] ()
R2 aswMonFltC:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-15] (Avast Software s.r.o.)
R1 aswRdrC:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-15] (Avast Software s.r.o.)
R0 aswRvrtC:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-15] ()
R1 aswSnxC:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-15] (Avast Software s.r.o.)
R1 aswSPC:\Windows\system32\drivers\aswSP.sys [442264 2015-05-15] (Avast Software s.r.o.)
R2 aswStmC:\Windows\system32\drivers\aswStm.sys [137288 2015-05-15] (Avast Software s.r.o.)
R0 aswVmmC:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-15] ()
R3 NETwNe64C:\Windows\system32\DRIVERS\NETwew00.sys [3346912 2013-10-31] (Intel Corporation)
R3 NvStreamKmsC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensibleC:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 WdNisDrvC:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S1 MpKsl5d227bed; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38021227-6A02-4EF2-BA8C-C863992AEFF9}\MpKsl5d227bed.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 17:42 2015-05-15 17:42 00018621 _____ () C:\Users\Durdelschön\Downloads\FRST.txt
2015-05-15 17:29 2015-05-15 17:42 00000000 ____D () C:\FRST
2015-05-15 17:29 2015-05-15 17:29 02106368 _____ (Farbar) C:\Users\Durdelschön\Downloads\FRST64.exe
2015-05-15 17:29 2015-05-15 17:29 00001284 _____ () C:\Users\Durdelschön\Desktop\Revo Uninstaller.lnk
2015-05-15 17:29 2015-05-15 17:29 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-15 17:28 2015-05-15 17:28 02623656 _____ (VS Revo Group Ltd.) C:\Users\Durdelschön\Downloads\revosetup95.exe
2015-05-15 11:42 2015-05-15 11:42 00000000 __SHD () C:\Users\Durdelschön\AppData\Local\EmieBrowserModeList
2015-05-15 10:07 2015-05-15 10:07 00000000 ____D () C:\Users\Durdelschön\AppData\Roaming\AVAST Software
2015-05-15 10:06 2015-05-15 10:06 00003924 _____ () C:\WINDOWS\System32\Tasks\avastEmergency Update
2015-05-15 10:06 2015-05-15 10:06 00001938 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-15 10:06 2015-05-15 10:06 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-15 10:05 2015-05-15 10:05 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-05-15 10:05 2015-05-15 10:05 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-05-15 10:05 2015-05-15 10:05 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-05-15 10:05 2015-05-15 10:05 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-05-15 10:05 2015-05-15 10:05 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-05-15 10:05 2015-05-15 10:05 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-05-15 10:05 2015-05-15 10:05 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-05-15 10:05 2015-05-15 10:05 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-05-15 10:05 2015-05-15 10:05 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-05-15 10:05 2015-05-15 10:05 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-05-15 09:41 2015-05-15 09:41 00000000 ____D () C:\Program Files\AVAST Software
2015-05-15 09:39 2015-05-15 09:39 05481344 _____ (Avast Software s.r.o.) C:\Users\Durdelschön\Downloads\avast_free_antivirus_setup_online_cbild.exe
2015-05-15 09:39 2015-05-15 09:39 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-15 09:24 2015-05-15 09:41 00000000 ____D () C:\AdwCleaner
2015-05-15 09:24 2015-05-15 09:24 02209792 _____ () C:\Users\Durdelschön\Downloads\adwcleaner_4.204.exe
2015-05-15 09:13 2015-05-15 09:13 00000000 _____ () C:\Users\Durdelschön\AppData\Local\Temp.dat
2015-05-15 04:17 2015-04-22 23:11 40769589 _____ () C:\Users\Durdelschön\Desktop\Family.Guy.S10E14.HDTV.XviD-LOL.ebk.mp4
2015-05-15 04:17 2015-04-22 23:10 39396200 _____ () C:\Users\Durdelschön\Desktop\Family.Guy.S10E13.HDTV.XviD-LOL.ebk.mp4
2015-05-13 18:00 2015-04-30 22:35 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:00 2015-04-30 22:35 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:35 2015-04-24 23:32 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 11:35 2015-04-10 02:34 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 11:35 2015-04-10 02:11 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 11:35 2015-03-30 07:47 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 11:35 2015-03-27 05:27 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 11:35 2015-03-27 04:50 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 11:35 2015-03-27 04:48 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 11:35 2015-03-20 03:56 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 11:35 2015-03-17 19:26 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 11:35 2015-03-11 03:49 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 11:35 2015-03-11 03:09 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 11:35 2015-03-09 04:02 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 11:35 2015-03-05 01:09 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 11:35 2015-03-04 03:32 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 11:35 2015-03-04 03:12 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 11:35 2015-01-30 02:53 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 11:35 2014-11-14 08:58 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 11:34 2015-05-01 01:05 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 11:34 2015-05-01 00:48 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 11:34 2015-04-21 19:14 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 11:34 2015-04-14 00:48 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 11:34 2015-04-10 03:00 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 11:34 2015-04-10 02:50 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 11:34 2015-04-10 02:26 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 11:34 2015-04-09 00:55 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 11:34 2015-04-03 02:35 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 11:34 2015-04-03 02:14 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 11:34 2015-04-02 00:22 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 11:34 2015-04-02 00:20 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 11:34 2015-04-01 05:45 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 11:34 2015-04-01 04:31 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 11:34 2015-03-13 06:03 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 11:34 2015-03-13 06:03 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 11:34 2015-03-13 04:02 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 11:34 2015-03-13 03:11 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 11:34 2015-03-13 02:39 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 11:34 2015-03-06 05:08 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 11:34 2015-03-06 04:47 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 11:34 2015-03-06 04:43 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 11:34 2015-02-18 01:19 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 11:33 2015-04-21 18:50 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 11:33 2015-04-21 18:50 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 11:33 2015-04-21 18:49 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 11:33 2015-04-21 18:37 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 11:33 2015-04-21 18:35 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 11:33 2015-04-21 18:31 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 11:33 2015-04-21 18:24 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 11:33 2015-04-21 18:13 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 11:33 2015-04-21 18:11 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 11:33 2015-04-21 18:09 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 11:33 2015-04-21 18:08 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 11:33 2015-04-21 18:07 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 11:33 2015-04-21 18:05 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 11:33 2015-04-21 18:04 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 11:33 2015-04-21 17:59 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 11:33 2015-04-21 17:58 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 11:33 2015-04-21 17:52 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 11:33 2015-04-21 17:49 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 11:33 2015-04-21 17:49 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 11:33 2015-04-21 17:49 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 11:33 2015-04-21 17:46 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 11:33 2015-04-21 17:40 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 11:33 2015-04-21 17:38 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 11:33 2015-04-21 17:37 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 11:33 2015-04-21 17:36 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 11:33 2015-04-21 17:32 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 11:33 2015-04-21 17:31 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 11:33 2015-04-21 17:28 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 11:33 2015-04-21 17:27 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 11:33 2015-04-21 17:26 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 11:33 2015-04-21 17:26 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 11:33 2015-04-21 17:25 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 11:33 2015-04-21 17:17 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 11:33 2015-04-21 17:15 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 11:33 2015-04-21 17:03 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 11:33 2015-04-21 17:02 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 11:33 2015-04-21 16:58 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 11:33 2015-04-21 16:56 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 11:33 2015-03-13 02:29 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 19:13 2015-05-12 19:14 165602873 _____ () C:\Users\Durdelschön\Desktop\diese bösen.mp4
2015-05-12 18:59 2015-05-12 18:59 12831337 _____ () C:\Users\Durdelschön\Downloads\video-1431449844.mp4.mp4
2015-05-12 13:28 2015-05-12 13:28 05718497 _____ () C:\Users\Durdelschön\Downloads\video-1431429961.mp4.mp4
2015-05-11 23:29 2015-05-11 23:32 666332108 _____ () C:\Users\Durdelschön\Desktop\teddy sleeepy.mp4
2015-05-11 08:04 2015-05-15 17:14 00004756 _____ () C:\WINDOWS\setupact.log
2015-05-11 08:04 2015-05-11 08:04 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-09 06:31 2015-05-11 21:41 00012774 _____ () C:\Users\Durdelschön\Desktop\Mein Film.wlmp
2015-05-08 21:48 2000-01-01 01:06 2220902152 ____N () C:\Users\Durdelschön\Desktop\MVI_2926.MOV
2015-05-08 13:04 2015-05-08 13:04 01203488 _____ () C:\Users\Durdelschön\Downloads\PosteRazor CHIP-Installer.exe
2015-05-08 12:34 2015-05-08 12:34 00000107 ____H () C:\Users\Durdelschön\Downloads\.~lock.15_05_07-Prüfungsleistung-Teil-1.docx#
2015-05-08 10:43 2015-05-08 10:43 00016090 _____ () C:\Users\Durdelschön\Downloads\Modern.Family.S06E22.HDTV.x264-LOL[ettv].torrent
2015-05-04 16:27 2015-05-04 16:27 00013407 _____ () C:\Users\Durdelschön\Desktop\Budai internet.odt
2015-05-04 16:27 2015-05-04 16:27 00000107 ____H () C:\Users\Durdelschön\Desktop\.~lock.Budai internet.odt#
2015-05-03 16:19 2015-05-03 16:20 05857851 _____ () C:\Users\Durdelschön\Downloads\video-1412428727.mp4.mp4
2015-05-03 13:46 2015-05-03 13:47 02904502 _____ () C:\Users\Durdelschön\Downloads\video-1430653607.mp4.mp4
2015-04-30 18:18 2015-05-05 19:23 00010377 _____ () C:\Users\Durdelschön\Desktop\Lilly.ods
2015-04-30 13:29 2015-04-30 13:33 163765692 _____ () C:\Users\Durdelschön\Downloads\Tribal Journeys_ The Toulambi (1_2)(360p_VP8-Vorbis).webm
2015-04-30 05:38 2015-04-30 05:38 00016525 _____ () C:\Users\Durdelschön\Desktop\Unbenannt 1.odt
2015-04-27 17:58 2015-04-27 17:58 00000216 _____ () C:\Users\Durdelschön\.swfinfo
2015-04-24 07:43 2015-04-24 07:43 00025069 _____ () C:\Users\Durdelschön\Downloads\Download
2015-04-23 16:01 2000-01-01 01:00 197480560 ____N () C:\Users\Durdelschön\Desktop\MVI_2908.MOV
2015-04-21 03:46 2015-04-21 03:46 00002231 _____ () C:\Users\Durdelschön\Downloads\DUS_Abfallkalender_Stand_20150420.ics
2015-04-16 20:10 2015-04-16 20:12 485221783 _____ () C:\Users\Durdelschön\Desktop\teddy schildis.mp4
2015-04-16 19:46 2015-04-16 19:51 00000000 ____D () C:\Users\Durdelschön\Desktop\vidz
2015-04-15 21:25 2015-04-15 21:25 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 09:16 2015-03-23 23:59 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 09:16 2015-03-23 23:59 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 09:16 2015-03-23 23:59 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 09:16 2015-03-23 23:58 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 09:16 2015-03-23 23:45 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 09:16 2015-03-20 06:12 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 09:16 2015-03-20 06:10 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 09:16 2015-03-20 06:10 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 09:16 2015-03-20 05:17 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 09:16 2015-03-20 04:41 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 09:16 2015-03-20 04:40 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 09:16 2015-03-20 04:16 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 09:16 2015-03-14 10:20 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 09:16 2015-03-14 10:13 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 09:16 2015-02-21 01:49 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 09:15 2015-03-14 10:54 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 09:15 2015-03-14 03:56 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 09:15 2015-03-14 03:56 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 09:15 2015-03-14 03:51 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 09:15 2015-03-14 03:37 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 09:15 2015-03-14 03:14 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 09:15 2015-03-14 02:22 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 09:15 2015-03-14 02:12 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 09:15 2015-03-14 02:12 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 09:15 2015-03-14 02:09 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 09:15 2015-03-14 02:08 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 09:15 2015-03-14 02:08 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 09:15 2015-03-14 02:06 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 09:15 2015-03-14 02:06 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 09:15 2015-03-14 02:02 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 09:15 2015-03-14 02:02 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 09:15 2015-03-14 01:59 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 09:15 2015-03-14 01:59 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 09:15 2015-03-13 04:58 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 09:15 2015-03-13 04:37 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 09:15 2015-03-04 12:25 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 09:15 2015-03-04 05:04 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 09:15 2015-03-04 04:19 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 09:15 2015-02-24 10:32 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 09:14 2015-03-23 00:45 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 09:14 2015-03-23 00:09 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 09:14 2015-03-23 00:09 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 09:14 2015-03-23 00:09 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 09:14 2015-03-23 00:09 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 09:14 2015-03-23 00:09 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 09:14 2015-03-23 00:09 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 09:14 2014-12-03 01:09 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 17:40 2014-06-22 10:46 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-15 17:38 2014-01-19 01:17 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2719917741-3841041876-3078627320-1001
2015-05-15 17:30 2014-01-19 01:03 01987025 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-15 17:29 2014-01-19 01:29 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-15 17:28 2014-08-18 17:23 00000964 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001UA.job
2015-05-15 17:28 2014-08-18 17:23 00000942 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001Core.job
2015-05-15 17:15 2014-01-19 01:29 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 17:13 2013-08-22 16:45 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-15 17:10 2013-08-22 15:25 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-15 17:00 2013-08-22 17:36 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-15 13:24 2014-01-19 01:29 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 13:24 2014-01-19 01:29 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 10:35 2014-01-19 01:26 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1783AAA-AF45-4F53-8926-C45EEE141E36}
2015-05-15 09:46 2014-12-19 21:49 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 09:46 2013-08-22 16:44 05011776 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-15 09:45 2014-12-19 21:49 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 09:42 2013-08-22 17:36 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-15 09:42 2013-08-22 15:36 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-15 09:41 2014-01-19 01:02 00000000 ____D () C:\Users\Durdelschön
2015-05-15 09:16 2014-01-20 01:27 00000000 ____D () C:\Users\Durdelschön\AppData\Roaming\vlc
2015-05-15 09:00 2014-01-23 14:04 00000132 _____ () C:\Users\Durdelschön\AppData\Roaming\Adobe CS6-PNG-Format Voreinstellungen
2015-05-15 06:51 2015-03-01 13:24 00000000 ____D () C:\ProgramData\318918782725639969
2015-05-15 04:17 2015-04-08 18:52 00000000 ____D () C:\Users\Durdelschön\AppData\Local\JDownloader 2.0
2015-05-15 03:16 2014-06-23 00:51 00000000 ____D () C:\Users\Durdelschön\AppData\Local\Adobe
2015-05-15 03:15 2014-05-02 10:46 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 13:36 2013-08-22 17:36 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-13 18:10 2013-08-22 17:20 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-13 17:57 2014-01-20 23:37 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 16:14 2014-01-20 23:37 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 16:02 2014-12-19 21:49 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 15:44 2013-08-23 01:26 00000000 ____D () C:\Program Files\Windows Journal
2015-05-10 12:03 2015-03-09 06:08 00000020 _____ () C:\Users\Durdelschön\AppData\Roaming\appdataFr3.bin
2015-05-09 10:28 2014-08-25 19:11 00000000 ____D () C:\Users\Durdelschön\Desktop\whatever
2015-05-08 20:40 2014-01-26 18:25 00000000 ____D () C:\Users\Durdelschön\AppData\Local\Windows Live
2015-05-08 13:05 2014-05-09 15:07 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PosteRazor
2015-05-08 13:05 2014-05-09 15:07 00000000 ____D () C:\Program Files (x86)\PosteRazor
2015-05-05 19:59 2015-03-14 10:26 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 2015-03-14 10:26 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-02 21:30 2014-01-19 01:06 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-02 21:30 2013-08-23 01:24 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-02 21:30 2013-08-23 01:24 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-28 21:05 2014-06-17 12:34 00003846 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1400175085
2015-04-28 21:05 2014-05-15 19:31 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-28 21:05 2014-05-15 19:31 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-19 11:40 2013-08-22 17:36 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-17 15:30 2013-08-22 17:36 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 11:46 2013-08-22 17:36 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 21:25 2015-03-14 10:14 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 09:14 2014-11-12 09:40 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

==================== Files in the root of some directories =======

2014-05-17 11:16 2014-05-27 14:03 0000132 _____ () C:\Users\Durdelschön\AppData\Roaming\Adobe CS6-BMP-Format Voreinstellungen
2014-01-23 14:04 2015-05-15 09:00 0000132 _____ () C:\Users\Durdelschön\AppData\Roaming\Adobe CS6-PNG-Format Voreinstellungen
2015-03-09 06:08 2015-05-10 12:03 0000020 _____ () C:\Users\Durdelschön\AppData\Roaming\appdataFr3.bin
2014-01-19 02:27 2015-02-17 01:27 0000198 _____ () C:\Users\Durdelschön\AppData\Roaming\WB.CFG
2014-02-20 13:27 2015-03-05 21:51 0001456 _____ () C:\Users\Durdelschön\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-03-14 10:11 2015-03-18 11:00 0000410 _____ () C:\Users\Durdelschön\AppData\Local\Temp-log.txt
2015-05-15 09:13 2015-05-15 09:13 0000000 _____ () C:\Users\Durdelschön\AppData\Local\Temp.dat

Some content of TEMP:
====================
C:\Users\Durdelschön\AppData\Local\Temp\proxy_vole8857952343291013203.dll
C:\Users\Durdelschön\AppData\Local\Temp\Quarantine.exe
C:\Users\Durdelschön\AppData\Local\Temp\sqlite3.dll


==================== Bamital volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-11 11:01

==================== End Of Log ============================ 

16.05.2015, 19:33   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners: did they ever find anything?

That is why I am asking => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have, in CODE tags!
Only logs from the last 7 days, or from the time the problem started, are relevant!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, split across several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is fine ... click Reply.

16.05.2015, 20:02   #3
Sna

Yes, with AVAST! But I can no longer find the file that opened automatically after the scan, because the PC froze after the scan and I had to restart it. After that it was gone. I could not find it under "recently opened" either.

16.05.2015, 20:14   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Log files for Avast 2015 / 2014 / 8 / 7 / 6: C:\ProgramData\AVAST Software\Avast\log
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

16.05.2015, 20:27   #5
Sna

Quote:
Originally posted by cosinus
Log files for Avast 2015 / 2014 / 8 / 7 / 6: C:\ProgramData\AVAST Software\Avast\log
Which of the 30?

hxxp://fs1.directupload.net/images/150516/9jf7ihje.png

Sorry for asking such a dumb question, but I have never had a problem like this before! Thanks again for the help!


16.05.2015, 20:32   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please post: eventlog, selfdef, aswAr and nshield

16.05.2015, 20:40   #7
Sna

Quote:
Originally posted by cosinus
Please post: eventlog, selfdef, aswAr and nshield

eventlog:

Code:
15.05.2015	10:06:45	RefreshStaticAccountData thr. 1596
15.05.2015	10:07:22	Maj 6 Min 2 GetVersionEx 6.2 Stored 5.0
15.05.2015	10:07:22	[00001640] RegisterAVASFirewall preVista 0 pszProductName avast! Antivirus pszProductExe C:\Program Files\AVAST Software\Avast\VisthAux.exe firewall 0 OnlyFirewall 0
15.05.2015	10:07:22	[00001640] WaitForWscService( 600 ) -> true, SCM OK wsc OK err 0
15.05.2015	10:07:35	[00001640] Register AV OK
15.05.2015	10:07:35	[00001640] WaitForWscService( 600 ) -> true, SCM OK wsc OK err 0
15.05.2015	10:07:35	[00001640] Register AS OK
15.05.2015	10:07:35	[00001640] WriteAVASFirewallStat SignUpToDate 1 preVis0 IsWin81 ExpPrg 0 Fw 0 Fs 1
15.05.2015	10:07:35	[00001640] WaitForWscService( 840 ) -> true, SCM OK wsc OK err 0
15.05.2015	10:07:36	[00001640] UpdateStatus AV OK status 0 sign 1
15.05.2015	10:07:36	[00001640] WaitForWscService( 840 ) -> true, SCM OK wsc OK err 0
15.05.2015	10:07:36	[00001640] UpdateStatus AS OK status 0 sign 1
15.05.2015	17:14:20	RefreshStaticAccountData thr. 2456
15.05.2015	17:14:57	Maj 6 Min 2 GetVersionEx 6.2 Stored 6.2
15.05.2015	17:14:57	[00001074] WriteAVASFirewallStat SignUpToDate 1 preVis0 IsWin81 ExpPrg 0 Fw 0 Fs 1
15.05.2015	17:14:58	[00001074] WaitForWscService( 839 ) -> true, SCM OK wsc OK err 0
15.05.2015	17:15:15	[00001074] UpdateStatus AV OK status 0 sign 1
15.05.2015	17:15:16	[00001074] WaitForWscService( 832 ) -> true, SCM OK wsc OK err 0
15.05.2015	17:15:16	[00001074] UpdateStatus AS OK status 0 sign 1
15.05.2015	22:22:49	Maj 6 Min 2 GetVersionEx 6.2 Stored 6.2
15.05.2015	22:22:49	[0000137C] WriteAVASFirewallStat SignUpToDate 1 preVis0 IsWin81 ExpPrg 0 Fw 0 Fs 1
15.05.2015	22:22:49	[0000137C] WaitForWscService( 840 ) -> true, SCM OK wsc OK err 0
15.05.2015	22:22:50	[0000137C] UpdateStatus AV OK status 0 sign 1
15.05.2015	22:22:50	[0000137C] WaitForWscService( 840 ) -> true, SCM OK wsc OK err 0
15.05.2015	22:22:50	[0000137C] UpdateStatus AS OK status 0 sign 1
16.05.2015	14:03:13	Maj 6 Min 2 GetVersionEx 6.2 Stored 6.2
16.05.2015	14:03:13	[00000518] WriteAVASFirewallStat SignUpToDate 1 preVis0 IsWin81 ExpPrg 0 Fw 0 Fs 1
16.05.2015	14:03:13	[00000518] WaitForWscService( 840 ) -> true, SCM OK wsc OK err 0
16.05.2015	14:03:15	[00000518] UpdateStatus AV OK status 0 sign 1
16.05.2015	14:03:15	[00000518] WaitForWscService( 840 ) -> true, SCM OK wsc OK err 0
16.05.2015	14:03:15	[00000518] UpdateStatus AS OK status 0 sign 1
16.05.2015	17:42:18	RefreshStaticAccountData thr. 5412
         
selfdef:

Code:
16.05.2015 10:48:58	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc110.crt_2036b14a11e83e4a_none_c373722873c01144 verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:48:58	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc110.crt_2036b14a11e83e4a_none_c373722873c01144\11.0 verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:48:59	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_465fa0e2615861d0 verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:48:59	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_465fa0e2615861d0\11.0 verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:48:59	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc110.crt_2036b14a11e83e4a_none_0b20a8ff883c3a4a verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:48:59	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc110.crt_2036b14a11e83e4a_none_0b20a8ff883c3a4a\11.0 verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:49:00	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_5679bb9c25dbf18d verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
16.05.2015 10:49:00	Schreibzugriff auf den Registrierungsschlüssel \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_5679bb9c25dbf18d\11.0 verweigert. [C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe]
         
aswAr:

Code:
avast! Antirootkit, version 1.0
Scan started: Freitag, 15. Mai 2015 17:23:44

Process  [0] 
Process  [4] 
Process C:\Windows\System32\smss.exe [492] 
Process C:\Windows\System32\csrss.exe [608] 
Process C:\Windows\System32\wininit.exe [692] 
Process C:\Windows\System32\csrss.exe [712] 
Process C:\Windows\System32\services.exe [768] 
Process C:\Windows\System32\lsass.exe [776] 
Process C:\Windows\System32\winlogon.exe [812] 
Process C:\Windows\System32\svchost.exe [888] 
Process C:\Windows\System32\svchost.exe [928] 
Process C:\Windows\System32\dwm.exe [96] 
Process C:\Windows\System32\nvvsvc.exe [372] 
Process C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [436] 
Process C:\Windows\System32\nvvsvc.exe [444] 
Process C:\Windows\System32\svchost.exe [460] 
Process C:\Windows\System32\svchost.exe [508] 
Process C:\Windows\System32\svchost.exe [600] 
Process C:\Windows\System32\svchost.exe [972] 
Process C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [1160] 
Process C:\Windows\System32\svchost.exe [1240] 
Process C:\Windows\explorer.exe [1404] 
Process C:\Program Files\AVAST Software\Avast\AvastSvc.exe [1436] 
Process C:\Program Files\Tablet\Pen\Pen_TabletUser.exe [1916] 
Process C:\Program Files\Tablet\Pen\WacomHost.exe [1924] 
Process C:\Windows\System32\spoolsv.exe [2044] 
Process C:\Windows\System32\svchost.exe [1224] 
Process C:\Windows\System32\taskhostex.exe [1368] 
Process C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2172] 
Process C:\Windows\System32\svchost.exe [2272] 
Process C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2292] 
Process C:\Windows\System32\dasHost.exe [2344] 
Process C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2352] 
Process C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2400] 
Process C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2484] 
Process C:\Windows\System32\svchost.exe [2652] 
Process C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2752] 
Process C:\Windows\System32\conhost.exe [2768] 
Process C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2776] 
Process C:\Windows\System32\conhost.exe [2784] 
Process C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1076] 
Process C:\Windows\System32\svchost.exe [1016] 
Process C:\Windows\System32\svchost.exe [2716] 
Process C:\Program Files\Tablet\Pen\Pen_Tablet.exe [3536] 
Process C:\Program Files\Tablet\Pen\Pen_TouchUser.exe [3568] 
Process C:\Windows\System32\SearchIndexer.exe [4020] 
Process C:\Windows\System32\wbem\WmiPrvSE.exe [3272] 
Process C:\Windows\System32\igfxtray.exe [1620] 
Process C:\Windows\System32\hkcmd.exe [3864] 
Process C:\Windows\System32\igfxsrvc.exe [3968] 
Process C:\Windows\System32\igfxpers.exe [1688] 
Process C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [2628] 
Process C:\Program Files\AVAST Software\Avast\avastui.exe [4072] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4104] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4484] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4760] 
Process C:\Windows\System32\wbem\unsecapp.exe [4828] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4856] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4076] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4048] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1732] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2912] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [456] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [3248] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2972] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1536] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [3148] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5028] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [3416] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [4680] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1548] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [3192] 
Process C:\Windows\System32\audiodg.exe [4920] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1416] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5152] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [6028] 
Process C:\Windows\System32\svchost.exe [1644] 
Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [6000] 
VM: Intel CPU supported virtualized 
Disk 0 MBR read successfully
Disk 0 MBR scan
VM: statistics 0/49 @ 0,52 MB/s
Service .NET CLR Data [???] 
Service .NET CLR Networking [???] 
Service .NET CLR Networking 4.0.0.0 [???] 
Service .NET Data Provider for Oracle [???] 
Service .NET Data Provider for SqlServer [???] 
Service .NET Memory Cache 4.0 [???] 
Service .NETFramework [???] 
Service 1394ohci [C:\WINDOWS\System32\drivers\1394ohci.sys] 
Service 3ware [C:\WINDOWS\System32\drivers\3ware.sys] 
Service ACPI [C:\WINDOWS\System32\drivers\ACPI.sys] 
Service acpiex [C:\WINDOWS\System32\Drivers\acpiex.sys] 
Service acpipagr [C:\WINDOWS\System32\drivers\acpipagr.sys] 
Service AcpiPmi [C:\WINDOWS\System32\drivers\acpipmi.sys] 
Service acpitime [C:\WINDOWS\System32\drivers\acpitime.sys] 
Service AdobeARMservice [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe] 
Service AdobeFlashPlayerUpdateSvc [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] 
Service ADP80XX [C:\WINDOWS\System32\drivers\ADP80XX.SYS] 
Service adsi [???] 
Service AeLookupSvc [C:\WINDOWS\System32\aelupsvc.dll] 
Service AFD [C:\WINDOWS\system32\drivers\afd.sys] 
Service agp440 [C:\WINDOWS\System32\drivers\agp440.sys] 
Service ahcache [C:\WINDOWS\system32\DRIVERS\ahcache.sys] 
Service ALG [C:\WINDOWS\System32\alg.exe] 
Service AmdK8 [C:\WINDOWS\System32\drivers\amdk8.sys] 
Service AmdPPM [C:\WINDOWS\System32\drivers\amdppm.sys] 
Service amdsata [C:\WINDOWS\System32\drivers\amdsata.sys] 
Service amdsbs [C:\WINDOWS\System32\drivers\amdsbs.sys] 
Service amdxata [C:\WINDOWS\System32\drivers\amdxata.sys] 
Service AndNetDiag [C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys] 
Service ANDNetModem [C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys] 
Service andnetndis [C:\WINDOWS\system32\DRIVERS\lgandnetndis64.sys] 
Service AppID [C:\WINDOWS\system32\drivers\appid.sys] 
Service AppIDSvc [C:\WINDOWS\System32\appidsvc.dll] 
Service Appinfo [C:\WINDOWS\System32\appinfo.dll] 
Service AppReadiness [C:\WINDOWS\system32\AppReadiness.dll] 
Service AppXSvc [C:\WINDOWS\system32\appxdeploymentserver.dll] 
Service arcsas [C:\WINDOWS\System32\drivers\arcsas.sys] 
Service aswHwid [C:\WINDOWS\system32\drivers\aswHwid.sys] 
Service aswMonFlt [C:\WINDOWS\system32\drivers\aswMonFlt.sys] 
Service aswRdr [C:\WINDOWS\system32\drivers\aswRdr2.sys] 
Service aswRvrt [C:\WINDOWS\System32\Drivers\aswRvrt.sys] 
Service aswSnx [C:\WINDOWS\system32\drivers\aswSnx.sys] 
Service aswSP [C:\WINDOWS\system32\drivers\aswSP.sys] 
Service aswStm [C:\WINDOWS\system32\drivers\aswStm.sys] 
Service aswVmm [C:\WINDOWS\System32\Drivers\aswVmm.sys] 
Service AsyncMac [C:\WINDOWS\system32\DRIVERS\asyncmac.sys] 
Service atapi [C:\WINDOWS\System32\drivers\atapi.sys] 
Service AudioEndpointBuilder [C:\WINDOWS\System32\AudioEndpointBuilder.dll] 
Service Audiosrv [C:\WINDOWS\System32\Audiosrv.dll] 
Service avast! Antivirus [C:\Program Files\AVAST Software\Avast\AvastSvc.exe] 
Service AxInstSV [C:\WINDOWS\System32\AxInstSV.dll] 
Service b06bdrv [C:\WINDOWS\System32\drivers\bxvbda.sys] 
Service BasicDisplay [C:\WINDOWS\System32\drivers\BasicDisplay.sys] 
Service BasicRender [C:\WINDOWS\System32\drivers\BasicRender.sys] 
Service BattC [???] 
Service bcmfn2 [C:\WINDOWS\System32\drivers\bcmfn2.sys] 
Service BDESVC [C:\WINDOWS\System32\bdesvc.dll] 
Service Beep [C:\WINDOWS\System32\Drivers\Beep.sys] 
Service BFE [C:\WINDOWS\System32\bfe.dll] 
Service BITS [C:\WINDOWS\System32\qmgr.dll] 
Service bowser [C:\WINDOWS\system32\DRIVERS\bowser.sys] 
Service BrokerInfrastructure [C:\WINDOWS\System32\bisrv.dll] 
Service Browser [C:\WINDOWS\System32\browser.dll] 
Service BthAvrcpTg [C:\WINDOWS\System32\drivers\BthAvrcpTg.sys] 
Service BthEnum [C:\WINDOWS\System32\drivers\BthEnum.sys] 
Service BthHFEnum [C:\WINDOWS\System32\drivers\bthhfenum.sys] 
Service bthhfhid [C:\WINDOWS\System32\drivers\BthHFHid.sys] 
Service BthHFSrv [C:\WINDOWS\System32\BthHFSrv.dll] 
Service BTHMODEM [C:\WINDOWS\System32\drivers\bthmodem.sys] 
Service BthPan [C:\WINDOWS\System32\drivers\bthpan.sys] 
Service BTHPORT [C:\WINDOWS\System32\Drivers\BTHport.sys] 
Service bthserv [C:\WINDOWS\system32\bthserv.dll] 
Service BTHUSB [C:\WINDOWS\System32\Drivers\BTHUSB.sys] 
Service cdfs [C:\WINDOWS\system32\DRIVERS\cdfs.sys] 
Service cdrom [C:\WINDOWS\System32\drivers\cdrom.sys] 
Service CertPropSvc [C:\WINDOWS\System32\certprop.dll] 
Service circlass [C:\WINDOWS\System32\drivers\circlass.sys] 
Service CLFS [C:\WINDOWS\System32\drivers\CLFS.sys] 
Service clr_optimization_v2.0.50727_32 [???] 
Service clr_optimization_v2.0.50727_64 [???] 
Service clr_optimization_v4.0.30319_32 [???] 
Service clr_optimization_v4.0.30319_64 [???] 
Service CmBatt [C:\WINDOWS\System32\drivers\CmBatt.sys] 
Service CNG [C:\WINDOWS\System32\Drivers\cng.sys] 
Service CngHwAssist [???] 
Service CompositeBus [C:\WINDOWS\System32\drivers\CompositeBus.sys] 
Service COMSysApp [C:\WINDOWS\system32\dllhost.exe] 
Service condrv [C:\WINDOWS\System32\drivers\condrv.sys] 
Service cphs [C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe] 
Service crypt32 [???] 
Service CryptSvc [C:\WINDOWS\system32\cryptsvc.dll] 
Service dam [C:\WINDOWS\system32\drivers\dam.sys] 
Service DCLocator [???] 
Service DcomLaunch [C:\WINDOWS\system32\rpcss.dll] 
Service defragsvc [C:\WINDOWS\System32\defragsvc.dll] 
Service DeviceAssociationService [C:\WINDOWS\system32\das.dll] 
Service DeviceInstall [C:\WINDOWS\system32\umpnpmgr.dll] 
Service Dfsc [C:\WINDOWS\System32\Drivers\dfsc.sys] 
Service Dhcp [C:\WINDOWS\system32\dhcpcore.dll] 
Service DiagTrack [C:\WINDOWS\system32\diagtrack.dll] 
Service disk [C:\WINDOWS\System32\drivers\disk.sys] 
Service dmvsc [C:\WINDOWS\System32\drivers\dmvsc.sys] 
Service Dnscache [C:\WINDOWS\System32\dnsrslvr.dll] 
Service dot3svc [C:\WINDOWS\System32\dot3svc.dll] 
Service DPS [C:\WINDOWS\system32\dps.dll] 
Service drmkaud [C:\WINDOWS\system32\drivers\drmkaud.sys] 
Service DsmSvc [C:\WINDOWS\System32\DeviceSetupManager.dll] 
Service DXGKrnl [C:\WINDOWS\System32\drivers\dxgkrnl.sys] 
Service Eaphost [C:\WINDOWS\System32\eapsvc.dll] 
Service ebdrv [C:\WINDOWS\System32\drivers\evbda.sys] 
Service EFS [C:\WINDOWS\System32\lsass.exe] 
Service EhStorClass [C:\WINDOWS\System32\drivers\EhStorClass.sys] 
Service EhStorTcgDrv [C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys] 
Service ErrDev [C:\WINDOWS\System32\drivers\errdev.sys] 
Service ESENT [???] 
Service EventLog [C:\WINDOWS\System32\wevtsvc.dll] 
Service EventSystem [C:\WINDOWS\system32\es.dll] 
Service exfat [C:\WINDOWS\System32\Drivers\exfat.sys] 
Service fastfat [C:\WINDOWS\System32\Drivers\fastfat.sys] 
Service Fax [C:\WINDOWS\system32\fxssvc.exe] 
Service fdc [C:\WINDOWS\System32\drivers\fdc.sys] 
Service fdPHost [C:\WINDOWS\system32\fdPHost.dll] 
Service FDResPub [C:\WINDOWS\system32\fdrespub.dll] 
Service fhsvc [C:\WINDOWS\system32\fhsvc.dll] 
Service FileInfo [C:\WINDOWS\System32\drivers\fileinfo.sys] 
Service Filetrace [C:\WINDOWS\system32\drivers\filetrace.sys] 
Service flpydisk [C:\WINDOWS\System32\drivers\flpydisk.sys] 
Service FltMgr [C:\WINDOWS\system32\drivers\fltmgr.sys] 
Service FontCache [C:\WINDOWS\system32\FntCache.dll] 
Service FontCache3.0.0.0 [C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe] 
Service FsDepends [C:\WINDOWS\System32\drivers\FsDepends.sys] 
Service Fs_Rec [C:\WINDOWS\System32\Drivers\Fs_Rec.sys] 
Service fvevol [C:\WINDOWS\System32\DRIVERS\fvevol.sys] 
Service FxPPM [C:\WINDOWS\System32\drivers\fxppm.sys] 
Service gagp30kx [C:\WINDOWS\System32\drivers\gagp30kx.sys] 
Service gencounter [C:\WINDOWS\System32\drivers\vmgencounter.sys] 
Service GfExperienceService [C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe] 
Service GPIOClx0101 [C:\WINDOWS\System32\Drivers\msgpioclx.sys] 
Service gpsvc [C:\WINDOWS\System32\gpsvc.dll] 
Service gupdate [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
Service gupdatem [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
Service HdAudAddService [C:\WINDOWS\system32\drivers\HdAudio.sys] 
Service HDAudBus [C:\WINDOWS\System32\drivers\HDAudBus.sys] 
Service HidBatt [C:\WINDOWS\System32\drivers\HidBatt.sys] 
Service HidBth [C:\WINDOWS\System32\drivers\hidbth.sys] 
Service hidi2c [C:\WINDOWS\System32\drivers\hidi2c.sys] 
Service HidIr [C:\WINDOWS\System32\drivers\hidir.sys] 
Service hidkmdf [C:\WINDOWS\System32\drivers\hidkmdf.sys] 
Service hidserv [C:\WINDOWS\system32\hidserv.dll] 
Service HidUsb [C:\WINDOWS\System32\drivers\hidusb.sys] 
Service hkmsvc [C:\WINDOWS\system32\kmsvc.dll] 
Service HomeGroupListener [C:\WINDOWS\system32\ListSvc.dll] 
Service HomeGroupProvider [C:\WINDOWS\system32\provsvc.dll] 
Service HpSAMD [C:\WINDOWS\System32\drivers\HpSAMD.sys] 
Service HTTP [C:\WINDOWS\system32\drivers\HTTP.sys] 
Service hwpolicy [C:\WINDOWS\System32\drivers\hwpolicy.sys] 
Service hyperkbd [C:\WINDOWS\System32\drivers\hyperkbd.sys] 
Service HyperVideo [C:\WINDOWS\system32\DRIVERS\HyperVideo.sys] 
Service i8042prt [C:\WINDOWS\System32\drivers\i8042prt.sys] 
Service ialm [???] 
Service iaLPSSi_GPIO [C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys] 
Service iaLPSSi_I2C [C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys] 
Service iaStorAV [C:\WINDOWS\System32\drivers\iaStorAV.sys] 
Service iaStorV [C:\WINDOWS\System32\drivers\iaStorV.sys] 
Service IEEtwCollectorService [C:\WINDOWS\system32\IEEtwCollector.exe] 
Service igfx [C:\WINDOWS\system32\DRIVERS\igdkmd64.sys] 
Service IKEEXT [C:\WINDOWS\System32\ikeext.dll] 
Service inetaccs [???] 
Service intaud_WaveExtensible [C:\WINDOWS\system32\drivers\intelaud.sys] 
Service intelide [C:\WINDOWS\System32\drivers\intelide.sys] 
Service intelpep [C:\WINDOWS\System32\drivers\intelpep.sys] 
Service intelppm [C:\WINDOWS\System32\drivers\intelppm.sys] 
Service IpFilterDriver [C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys] 
Service iphlpsvc [C:\WINDOWS\System32\iphlpsvc.dll] 
Service IPMIDRV [C:\WINDOWS\System32\drivers\IPMIDrv.sys] 
Service IPNAT [C:\WINDOWS\System32\drivers\ipnat.sys] 
Service IRENUM [C:\WINDOWS\system32\drivers\irenum.sys] 
Service isapnp [C:\WINDOWS\System32\drivers\isapnp.sys] 
Service iScsiPrt [C:\WINDOWS\System32\drivers\msiscsi.sys] 
Service iwdbus [C:\WINDOWS\System32\drivers\iwdbus.sys] 
Service kbdclass [C:\WINDOWS\System32\drivers\kbdclass.sys] 
Service kbdhid [C:\WINDOWS\System32\drivers\kbdhid.sys] 
Service kdnic [C:\WINDOWS\system32\DRIVERS\kdnic.sys] 
Service KeyIso [C:\WINDOWS\system32\lsass.exe] 
Service KSecDD [C:\WINDOWS\System32\Drivers\ksecdd.sys] 
Service KSecPkg [C:\WINDOWS\System32\Drivers\ksecpkg.sys] 
Service ksthunk [C:\WINDOWS\system32\drivers\ksthunk.sys] 
Service KtmRm [C:\WINDOWS\system32\msdtckrm.dll] 
Service LanmanServer [C:\WINDOWS\system32\srvsvc.dll] 
Service LanmanWorkstation [C:\WINDOWS\System32\wkssvc.dll] 
Service ldap [???] 
Service lfsvc [C:\WINDOWS\System32\GeofenceMonitorService.dll] 
Service lltdio [C:\WINDOWS\system32\DRIVERS\lltdio.sys] 
Service lltdsvc [C:\WINDOWS\System32\lltdsvc.dll] 
Service lmhosts [C:\WINDOWS\System32\lmhsvc.dll] 
Service Lsa [???] 
Service LSI_SAS [C:\WINDOWS\System32\drivers\lsi_sas.sys] 
Service LSI_SAS2 [C:\WINDOWS\System32\drivers\lsi_sas2.sys] 
Service LSI_SAS3 [C:\WINDOWS\System32\drivers\lsi_sas3.sys] 
Service LSI_SSS [C:\WINDOWS\System32\drivers\lsi_sss.sys] 
Service LSM [C:\WINDOWS\System32\lsm.dll] 
Service luafv [C:\WINDOWS\system32\drivers\luafv.sys] 
Service McComponentHostService [C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe] 
Service megasas [C:\WINDOWS\System32\drivers\megasas.sys] 
Service megasr [C:\WINDOWS\System32\drivers\megasr.sys] 
Service MMCSS [C:\WINDOWS\system32\mmcss.dll] 
Service Modem [C:\WINDOWS\system32\drivers\modem.sys] 
Service monitor [C:\WINDOWS\System32\drivers\monitor.sys] 
Service mouclass [C:\WINDOWS\System32\drivers\mouclass.sys] 
Service mouhid [C:\WINDOWS\System32\drivers\mouhid.sys] 
Service mountmgr [C:\WINDOWS\System32\drivers\mountmgr.sys] 
Service MozillaMaintenance [C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe] 
Service MpKsl5d227bed [C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38021227-6A02-4EF2-BA8C-C863992AEFF9}\MpKsl5d227bed.sys] 
Service mpsdrv [C:\WINDOWS\System32\drivers\mpsdrv.sys] 
Service MpsSvc [C:\WINDOWS\system32\mpssvc.dll] 
Service MRxDAV [C:\WINDOWS\system32\drivers\mrxdav.sys] 
Service mrxsmb [C:\WINDOWS\system32\DRIVERS\mrxsmb.sys] 
Service mrxsmb10 [C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys] 
Service mrxsmb20 [C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys] 
Service MsBridge [C:\WINDOWS\system32\DRIVERS\bridge.sys] 
Service MSDTC [C:\WINDOWS\System32\msdtc.exe] 
Service MSDTC Bridge 3.0.0.0 [???] 
Service MSDTC Bridge 4.0.0.0 [???] 
Service Msfs [C:\WINDOWS\System32\Drivers\Msfs.sys] 
Service msgpiowin32 [C:\WINDOWS\System32\drivers\msgpiowin32.sys] 
Service mshidkmdf [C:\WINDOWS\System32\drivers\mshidkmdf.sys] 
Service mshidumdf [C:\WINDOWS\System32\drivers\mshidumdf.sys] 
Service msisadrv [C:\WINDOWS\System32\drivers\msisadrv.sys] 
Service MSiSCSI [C:\WINDOWS\system32\iscsiexe.dll] 
Service msiserver [C:\WINDOWS\system32\msiexec.exe] 
Service MSKSSRV [C:\WINDOWS\system32\drivers\MSKSSRV.sys] 
Service MsLldp [C:\WINDOWS\system32\DRIVERS\mslldp.sys] 
Service MSPCLOCK [C:\WINDOWS\system32\drivers\MSPCLOCK.sys] 
Service MSPQM [C:\WINDOWS\system32\drivers\MSPQM.sys] 
Service MsRPC [C:\WINDOWS\System32\Drivers\MsRPC.sys] 
Service MSSCNTRS [???] 
Service mssmbios [C:\WINDOWS\System32\drivers\mssmbios.sys] 
Service MSTEE [C:\WINDOWS\system32\drivers\MSTEE.sys] 
Service MTConfig [C:\WINDOWS\System32\drivers\MTConfig.sys] 
Service Mup [C:\WINDOWS\System32\Drivers\mup.sys] 
Service mvumis [C:\WINDOWS\System32\drivers\mvumis.sys] 
Service napagent [C:\WINDOWS\system32\qagentRT.dll] 
Service NativeWifiP [C:\WINDOWS\system32\DRIVERS\nwifi.sys] 
Service NcaSvc [C:\WINDOWS\System32\ncasvc.dll] 
Service NcbService [C:\WINDOWS\System32\ncbservice.dll] 
Service NcdAutoSetup [C:\WINDOWS\System32\NcdAutoSetup.dll] 
Service NDIS [C:\WINDOWS\system32\drivers\ndis.sys] 
Service NdisCap [C:\WINDOWS\system32\DRIVERS\ndiscap.sys] 
Service NdisImPlatform [C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys] 
Service NdisTapi [C:\WINDOWS\system32\DRIVERS\ndistapi.sys] 
Service Ndisuio [C:\WINDOWS\system32\DRIVERS\ndisuio.sys] 
Service NdisVirtualBus [C:\WINDOWS\System32\drivers\NdisVirtualBus.sys] 
Service NdisWan [C:\WINDOWS\system32\DRIVERS\ndiswan.sys] 
Service NdisWanLegacy [C:\WINDOWS\system32\DRIVERS\ndiswan.sys] 
Service NDProxy [C:\WINDOWS\System32\Drivers\NDProxy.sys] 
Service Ndu [C:\WINDOWS\system32\drivers\Ndu.sys] 
Service NetBIOS [C:\WINDOWS\system32\DRIVERS\netbios.sys] 
Service NetBT [C:\WINDOWS\System32\DRIVERS\netbt.sys] 
Service Netlogon [C:\WINDOWS\system32\lsass.exe] 
Service Netman [C:\WINDOWS\System32\netman.dll] 
Service netprofm [C:\WINDOWS\System32\netprofmsvc.dll] 
Service NetTcpPortSharing [C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe] 
Service netvsc [C:\WINDOWS\System32\drivers\netvsc63.sys] 
Service NETwNe64 [C:\WINDOWS\system32\DRIVERS\NETwew00.sys] 
Service NlaSvc [C:\WINDOWS\System32\nlasvc.dll] 
Service Npfs [C:\WINDOWS\System32\Drivers\Npfs.sys] 
Service npsvctrig [C:\WINDOWS\System32\drivers\npsvctrig.sys] 
Service nsi [C:\WINDOWS\system32\nsisvc.dll] 
Service nsiproxy [C:\WINDOWS\system32\drivers\nsiproxy.sys] 
Service NTDS [???] 
Service Ntfs [C:\WINDOWS\System32\Drivers\Ntfs.sys] 
Service Null [C:\WINDOWS\System32\Drivers\Null.sys] 
Service nvlddmkm [C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys] 
Service NvNetworkService [C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe] 
Service nvpciflt [C:\WINDOWS\system32\DRIVERS\nvpciflt.sys] 
Service nvraid [C:\WINDOWS\System32\drivers\nvraid.sys] 
Service nvstor [C:\WINDOWS\System32\drivers\nvstor.sys] 
Service NvStreamKms [C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys] 
Service NvStreamSvc [C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe] 
Service nvsvc [C:\WINDOWS\system32\nvvsvc.exe] 
Service nvvad_WaveExtensible [C:\WINDOWS\system32\drivers\nvvad64v.sys] 
Service nv_agp [C:\WINDOWS\System32\drivers\nv_agp.sys] 
Service p2pimsvc [C:\WINDOWS\system32\pnrpsvc.dll] 
Service p2psvc [C:\WINDOWS\system32\p2psvc.dll] 
Service Parport [C:\WINDOWS\System32\drivers\parport.sys] 
Service partmgr [C:\WINDOWS\System32\drivers\partmgr.sys] 
Service PcaSvc [C:\WINDOWS\System32\pcasvc.dll] 
Service pci [C:\WINDOWS\System32\drivers\pci.sys] 
Service pciide [C:\WINDOWS\System32\drivers\pciide.sys] 
Service pcmcia [C:\WINDOWS\System32\drivers\pcmcia.sys] 
Service pcw [C:\WINDOWS\System32\drivers\pcw.sys] 
Service pdc [C:\WINDOWS\system32\drivers\pdc.sys] 
Service PEAUTH [C:\WINDOWS\system32\drivers\peauth.sys] 
Service PerfDisk [???] 
Service PerfHost [C:\WINDOWS\SysWow64\perfhost.exe] 
Service PerfNet [???] 
Service PerfOS [???] 
Service PerfProc [???] 
Service pla [C:\WINDOWS\system32\pla.dll] 
Service PlugPlay [C:\WINDOWS\system32\umpnpmgr.dll] 
Service PNRPAutoReg [C:\WINDOWS\system32\pnrpauto.dll] 
Service PNRPsvc [C:\WINDOWS\system32\pnrpsvc.dll] 
Service PolicyAgent [C:\WINDOWS\System32\ipsecsvc.dll] 
Service PortProxy [???] 
Service Power [C:\WINDOWS\system32\umpo.dll] 
Service PptpMiniport [C:\WINDOWS\system32\DRIVERS\raspptp.sys] 
Service PrintNotify [C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll] 
Service Processor [C:\WINDOWS\System32\drivers\processr.sys] 
Service ProfSvc [C:\WINDOWS\system32\profsvc.dll] 
Service Psched [C:\WINDOWS\system32\DRIVERS\pacer.sys] 
Service QWAVE [C:\WINDOWS\system32\qwave.dll] 
Service QWAVEdrv [C:\WINDOWS\system32\drivers\qwavedrv.sys] 
Service RasAcd [C:\WINDOWS\System32\DRIVERS\rasacd.sys] 
Service RasAgileVpn [C:\WINDOWS\system32\DRIVERS\AgileVpn.sys] 
Service RasAuto [C:\WINDOWS\System32\rasauto.dll] 
Service Rasl2tp [C:\WINDOWS\system32\DRIVERS\rasl2tp.sys] 
Service RasMan [C:\WINDOWS\System32\rasmans.dll] 
Service RasPppoe [C:\WINDOWS\system32\DRIVERS\raspppoe.sys] 
Service RasSstp [C:\WINDOWS\system32\DRIVERS\rassstp.sys] 
Service rdbss [C:\WINDOWS\system32\DRIVERS\rdbss.sys] 
Service RDMANDK [???] 
Service rdpbus [C:\WINDOWS\System32\drivers\rdpbus.sys] 
Service RDPDR [C:\WINDOWS\System32\drivers\rdpdr.sys] 
Service RDPNP [???] 
Service RDPUDD [???] 
Service RdpVideoMiniport [C:\WINDOWS\System32\drivers\rdpvideominiport.sys] 
Service rdyboost [C:\WINDOWS\System32\drivers\rdyboost.sys] 
Service ReFS [C:\WINDOWS\System32\Drivers\ReFS.sys] 
Service RemoteAccess [C:\WINDOWS\System32\mprdim.dll] 
Service RemoteRegistry [C:\WINDOWS\system32\regsvc.dll] 
Service RFCOMM [C:\WINDOWS\System32\drivers\rfcomm.sys] 
Service RpcEptMapper [C:\WINDOWS\System32\RpcEpMap.dll] 
Service RpcLocator [C:\WINDOWS\system32\locator.exe] 
Service RpcSs [C:\WINDOWS\system32\rpcss.dll] 
Service rspndr [C:\WINDOWS\system32\DRIVERS\rspndr.sys] 
Service RTL8168 [C:\WINDOWS\system32\DRIVERS\Rt630x64.sys] 
Service s3cap [C:\WINDOWS\System32\drivers\vms3cap.sys] 
Service SamSs [C:\WINDOWS\system32\lsass.exe] 
Service sbp2port [C:\WINDOWS\System32\drivers\sbp2port.sys] 
Service SCardSvr [C:\WINDOWS\System32\SCardSvr.dll] 
Service ScDeviceEnum [C:\WINDOWS\System32\ScDeviceEnum.dll] 
Service scfilter [C:\WINDOWS\System32\DRIVERS\scfilter.sys] 
Service Schedule [C:\WINDOWS\system32\schedsvc.dll] 
Service SCPolicySvc [C:\WINDOWS\System32\certprop.dll] 
Service sdbus [C:\WINDOWS\System32\drivers\sdbus.sys] 
Service sdstor [C:\WINDOWS\System32\drivers\sdstor.sys] 
Service secdrv [C:\WINDOWS\System32\Drivers\secdrv.sys] 
Service seclogon [C:\WINDOWS\system32\seclogon.dll] 
Service SENS [C:\WINDOWS\System32\sens.dll] 
Service SensrSvc [C:\WINDOWS\system32\sensrsvc.dll] 
Service SerCx [C:\WINDOWS\system32\drivers\SerCx.sys] 
Service SerCx2 [C:\WINDOWS\system32\drivers\SerCx2.sys] 
Service Serenum [C:\WINDOWS\System32\drivers\serenum.sys] 
Service Serial [C:\WINDOWS\System32\drivers\serial.sys] 
Service sermouse [C:\WINDOWS\System32\drivers\sermouse.sys] 
Service ServiceModelEndpoint 3.0.0.0 [???] 
Service ServiceModelOperation 3.0.0.0 [???] 
Service ServiceModelService 3.0.0.0 [???] 
Service SessionEnv [C:\WINDOWS\system32\sessenv.dll] 
Service sfloppy [C:\WINDOWS\System32\drivers\sfloppy.sys] 
Service SharedAccess [C:\WINDOWS\System32\ipnathlp.dll] 
Service ShellHWDetection [C:\WINDOWS\System32\shsvcs.dll] 

Scan finished: Freitag, 15. Mai 2015 18:12:38
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0


----------
         
nshield:

Code:
15.05.2015  13:12:19  Network Shield: blocked access to malicious site hxxp://45.33.112.29/?sov=1109987710&hid=dlhdfnvhlplltpj&redid=9842&gsid=280&id=XNSX.-r9842-t280 ([45.33.112.29]:80) [ C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe ( 5828 ) ]
15.05.2015  13:16:50  Network Shield: blocked access to malicious site hxxp://185.49.145.191/?l=tsk5146cnfhuf ([185.49.145.191]:80) [ C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe ( 5828 ) ]
15.05.2015  18:06:32  Network Shield: blocked access to malicious site https://binaryprofessional.com/ ([50.7.157.122]:443) [ C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ( 4104 ) ]
15.05.2015  18:06:32  Network Shield: blocked access to malicious site https://binaryprofessional.com/365BinaryOption/EN/MillionareSociety/?offer_id=800&aff_id=2333&aff_sub=lima-azo-JJp4m33t&aff_sub2=&aff_sub3=365-Mill-4878-MultiGEO&aff_sub4=hxxp://368951.adcash.com&aff_sub5=365BinaryOption_MillionareSociety_EN&source=SOURCE&url_id=4878 ([50.7.157.122]:443) [ C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ( 4104 ) ]
15.05.2015  18:18:24  Network Shield: blocked access to malicious site hxxp://185.49.145.182/?s=68121481143&l=tsk6245cgfde&g=DE&z=33771 ([185.49.145.182]:80) [ C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ( 4104 ) ]
15.05.2015  18:18:24  Network Shield: blocked access to malicious site hxxp://185.49.145.182/?s=68121481143&l=tsk6245cgfde&g=DE&z=33771 ([185.49.145.182]:80) [ C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ( 4104 ) ]
         

17.05.2015, 12:29   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Remove adware/junkware/toolbars

Step 1: Malwarebytes

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.




(Delete old versions of AdwCleaner and, if present, JRT beforehand, then download them again to the desktop!)

Step 2: AdwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).



Step 3: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 4: Fresh log with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


17.05.2015, 16:26   #9
Sna
 
mBam:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 17.05.2015
Suchlauf-Zeit: 13:52:57
Logdatei: mbam.txt
Administrator: Ja

Version: 0.00.0.0000
Malware Datenbank: v2015.05.17.01
Rootkit Datenbank: v2015.05.16.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Durdelschön

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366293
Verstrichene Zeit: 38 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
AdwCleaner:

Code:
# AdwCleaner v4.204 - Bericht erstellt 17/05/2015 um 14:14:39
# Aktualisiert 12/05/2015 von Xplode
# Datenbank : 2015-05-12.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Durdelschön - BRUSH
# Gestarted von : C:\Users\Durdelschön\Downloads\adwcleaner_4.204.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v42.0.2311.152

[C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtD0CtB0CyCtB0EzyyDtDzy0D0A0DtCtN0D0Tzu0SyByEzytN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=1651180350&ir=
[C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.sm.de/?q={searchTerms}
[C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

-\\ Opera v29.0.1795.47


*************************

AdwCleaner[R0].txt - [11810 Bytes] - [15/05/2015 09:24:41]
AdwCleaner[R1].txt - [1489 Bytes] - [17/05/2015 14:14:39]
AdwCleaner[S0].txt - [10835 Bytes] - [15/05/2015 09:41:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1608 Bytes] ##########
         
JRT:


Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.2 (05.15.2015:1)
OS: Windows 8.1 x64
Ran by Durdelsch”n on 17.05.2015 at 16:08:45,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2719917741-3841041876-3078627320-1001



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2015 at 16:16:43,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Durdelschön (administrator) on BRUSH on 17-05-2015 16:23:30
Running from C:\Users\Durdelschön\Downloads
Loaded Profiles: Durdelschön (Available profiles: Durdelschön)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.47\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.47\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Durdelschön\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-15] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Run: [Facebook Update] => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-18] (Facebook Inc.)
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Run: [Steam] => H:\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\MountPoints2: {57a6286d-6ce9-11e3-be74-00c2c62e9509} - "I:\LGAutoRun.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-05-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Durdelschön\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-03-01]
ShortcutTarget: Download.lnk -> C:\ProgramData\{113cd23e-792d-f36f-113c-cd23e79248f9}\Download.exe (No File)
Startup: C:\Users\Durdelschön\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-15] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> {758E549F-6AF9-40F3-906C-B246399EAF11} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001 -> DefaultScope {758E549F-6AF9-40F3-906C-B246399EAF11} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001 -> {758E549F-6AF9-40F3-906C-B246399EAF11} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-15] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-15] (Avast Software s.r.o.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-10-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-10-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-12-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-10-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-10-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-12-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2719917741-3841041876-3078627320-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Durdelschön\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2719917741-3841041876-3078627320-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-15]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR Profile: C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-19]
CHR Extension: (Google Search) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-19]
CHR Extension: (Avast Online Security) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-15]
CHR Extension: (Gmail) - C:\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-15] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2014-05-27] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-15] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3346912 2013-10-31] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S1 MpKsl5d227bed; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38021227-6A02-4EF2-BA8C-C863992AEFF9}\MpKsl5d227bed.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 16:23 - 2015-05-17 16:23 - 02107392 _____ (Farbar) C:\Users\Durdelschön\Downloads\FRST64 (1).exe
2015-05-17 16:17 - 2015-05-17 16:17 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2719917741-3841041876-3078627320-1001
2015-05-17 16:16 - 2015-05-17 16:16 - 00000732 _____ () C:\Users\Durdelschön\Desktop\JRT.txt
2015-05-17 16:09 - 2015-05-17 16:09 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-BRUSH-Windows-8.1-(64-bit).dat
2015-05-17 16:08 - 2015-05-17 16:08 - 00000000 ____D () C:\RegBackup
2015-05-17 16:05 - 2015-05-17 16:11 - 00000000 ____D () C:\Users\Durdelschön\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software
2015-05-17 16:01 - 2015-05-17 16:01 - 02719698 _____ (Thisisu) C:\Users\Durdelschön\Downloads\JRT.exe
2015-05-17 14:10 - 2015-05-17 14:10 - 00013855 _____ () C:\Users\Durdelschön\Desktop\1. Malwarebytes Anti-Malware .odt
2015-05-17 14:04 - 2015-05-17 14:04 - 00001202 _____ () C:\Users\Durdelschön\Desktop\mbam.txt
2015-05-17 12:55 - 2015-05-17 12:55 - 02209792 _____ () C:\Users\Durdelschön\Downloads\AdwCleaner_4.204 (1).exe
2015-05-17 12:46 - 2015-05-17 16:05 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-17 12:45 - 2015-05-17 12:45 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-17 12:45 - 2015-05-17 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-17 12:45 - 2015-05-17 12:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-17 12:45 - 2015-05-17 12:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-17 12:45 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-17 12:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-17 12:45 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-17 12:44 - 2015-05-17 12:44 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Durdelschön\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-15 18:04 - 2015-05-15 18:04 - 00046224 _____ () C:\Users\Durdelschön\Desktop\FRST.txt
2015-05-15 18:03 - 2015-05-15 18:03 - 00048416 _____ () C:\Users\Durdelschön\Desktop\Addition.txt
2015-05-15 17:45 - 2015-05-15 17:47 - 00048416 _____ () C:\Users\Durdelschön\Downloads\Addition.txt
2015-05-15 17:42 - 2015-05-17 16:23 - 00016619 _____ () C:\Users\Durdelschön\Downloads\FRST.txt
2015-05-15 17:29 - 2015-05-17 16:23 - 00000000 ____D () C:\FRST
2015-05-15 17:29 - 2015-05-15 17:29 - 02106368 _____ (Farbar) C:\Users\Durdelschön\Downloads\FRST64.exe
2015-05-15 17:29 - 2015-05-15 17:29 - 00001284 _____ () C:\Users\Durdelschön\Desktop\Revo Uninstaller.lnk
2015-05-15 17:29 - 2015-05-15 17:29 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-15 17:28 - 2015-05-15 17:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Durdelschön\Downloads\revosetup95.exe
2015-05-15 11:42 - 2015-05-15 11:42 - 00000000 __SHD () C:\Users\Durdelschön\AppData\Local\EmieBrowserModeList
2015-05-15 10:07 - 2015-05-15 10:07 - 00000000 ____D () C:\Users\Durdelschön\AppData\Roaming\AVAST Software
2015-05-15 10:06 - 2015-05-15 10:06 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-05-15 10:06 - 2015-05-15 10:06 - 00001938 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-15 10:06 - 2015-05-15 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-15 10:05 - 2015-05-15 10:05 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-05-15 10:05 - 2015-05-15 10:05 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-05-15 10:05 - 2015-05-15 10:05 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-05-15 10:05 - 2015-05-15 10:05 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-05-15 09:41 - 2015-05-15 09:41 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-15 09:39 - 2015-05-15 09:39 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Durdelschön\Downloads\avast_free_antivirus_setup_online_cbild.exe
2015-05-15 09:39 - 2015-05-15 09:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-15 09:24 - 2015-05-17 14:16 - 00000000 ____D () C:\AdwCleaner
2015-05-15 09:24 - 2015-05-15 09:24 - 02209792 _____ () C:\Users\Durdelschön\Downloads\adwcleaner_4.204.exe
2015-05-15 09:13 - 2015-05-15 09:13 - 00000000 _____ () C:\Users\Durdelschön\AppData\Local\Temp.dat
2015-05-15 04:17 - 2015-04-22 23:11 - 40769589 _____ () C:\Users\Durdelschön\Desktop\Family.Guy.S10E14.HDTV.XviD-LOL.ebk.mp4
2015-05-15 04:17 - 2015-04-22 23:10 - 39396200 _____ () C:\Users\Durdelschön\Desktop\Family.Guy.S10E13.HDTV.XviD-LOL.ebk.mp4
2015-05-13 18:00 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:00 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:35 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 11:35 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 11:35 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 11:35 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 11:35 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 11:35 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 11:35 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 11:35 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 11:35 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 11:35 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 11:35 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 11:35 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 11:35 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 11:35 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 11:35 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 11:35 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 11:35 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 11:34 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 11:34 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 11:34 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 11:34 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 11:34 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 11:34 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 11:34 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 11:34 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 11:34 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 11:34 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 11:34 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 11:34 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 11:34 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 11:34 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 11:34 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 11:34 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 11:34 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 11:34 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 11:34 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 11:34 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 11:34 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 11:34 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 11:34 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 11:33 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 11:33 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 11:33 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 11:33 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 11:33 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 11:33 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 11:33 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 11:33 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 11:33 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 11:33 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 11:33 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 11:33 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 11:33 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 11:33 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 11:33 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 11:33 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 11:33 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 11:33 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 11:33 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 11:33 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 11:33 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 11:33 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 11:33 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 11:33 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 11:33 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 11:33 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 11:33 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 11:33 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 11:33 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 11:33 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 11:33 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 11:33 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 11:33 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 11:33 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 11:33 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 11:33 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 11:33 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 11:33 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 11:33 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 19:13 - 2015-05-12 19:14 - 165602873 _____ () C:\Users\Durdelschön\Desktop\diese bösen.mp4
2015-05-12 18:59 - 2015-05-12 18:59 - 12831337 _____ () C:\Users\Durdelschön\Downloads\video-1431449844.mp4.mp4
2015-05-12 13:28 - 2015-05-12 13:28 - 05718497 _____ () C:\Users\Durdelschön\Downloads\video-1431429961.mp4.mp4
2015-05-11 23:29 - 2015-05-11 23:32 - 666332108 _____ () C:\Users\Durdelschön\Desktop\teddy sleeepy.mp4
2015-05-11 08:04 - 2015-05-17 16:04 - 00007076 _____ () C:\WINDOWS\setupact.log
2015-05-11 08:04 - 2015-05-11 08:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-09 06:31 - 2015-05-11 21:41 - 00012774 _____ () C:\Users\Durdelschön\Desktop\Mein Film.wlmp
2015-05-08 21:48 - 2000-01-01 01:06 - 2220902152 ____N () C:\Users\Durdelschön\Desktop\MVI_2926.MOV
2015-05-08 13:04 - 2015-05-08 13:04 - 01203488 _____ () C:\Users\Durdelschön\Downloads\PosteRazor - CHIP-Installer.exe
2015-05-08 10:43 - 2015-05-08 10:43 - 00016090 _____ () C:\Users\Durdelschön\Downloads\Modern.Family.S06E22.HDTV.x264-LOL[ettv].torrent
2015-05-04 16:27 - 2015-05-04 16:27 - 00013407 _____ () C:\Users\Durdelschön\Desktop\Budai internet.odt
2015-05-04 16:27 - 2015-05-04 16:27 - 00000107 ____H () C:\Users\Durdelschön\Desktop\.~lock.Budai internet.odt#
2015-05-03 16:19 - 2015-05-03 16:20 - 05857851 _____ () C:\Users\Durdelschön\Downloads\video-1412428727.mp4.mp4
2015-05-03 13:46 - 2015-05-03 13:47 - 02904502 _____ () C:\Users\Durdelschön\Downloads\video-1430653607.mp4.mp4
2015-04-30 18:18 - 2015-05-05 19:23 - 00010377 _____ () C:\Users\Durdelschön\Desktop\Lilly.ods
2015-04-30 13:29 - 2015-04-30 13:33 - 163765692 _____ () C:\Users\Durdelschön\Downloads\Tribal Journeys_ The Toulambi (1_2)(360p_VP8-Vorbis).webm
2015-04-27 17:58 - 2015-04-27 17:58 - 00000216 _____ () C:\Users\Durdelschön\.swfinfo
2015-04-24 07:43 - 2015-04-24 07:43 - 00025069 _____ () C:\Users\Durdelschön\Downloads\Download
2015-04-23 16:01 - 2000-01-01 01:00 - 197480560 ____N () C:\Users\Durdelschön\Desktop\MVI_2908.MOV
2015-04-21 03:46 - 2015-04-21 03:46 - 00002231 _____ () C:\Users\Durdelschön\Downloads\DUS_Abfallkalender_Stand_20150420.ics

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 16:19 - 2014-01-19 01:03 - 01680305 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-17 16:12 - 2014-01-19 01:26 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1783AAA-AF45-4F53-8926-C45EEE141E36}
2015-05-17 16:04 - 2014-01-19 01:29 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 16:03 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-17 16:02 - 2014-01-19 00:56 - 00021744 _____ () C:\WINDOWS\PFRO.log
2015-05-17 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-17 15:40 - 2014-06-22 10:46 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-17 15:29 - 2014-01-19 01:29 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-17 14:28 - 2014-08-18 17:23 - 00000964 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001UA.job
2015-05-17 13:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-17 02:58 - 2014-06-23 00:51 - 00000000 ____D () C:\Users\Durdelschön\AppData\Local\Adobe
2015-05-16 20:21 - 2014-01-23 14:04 - 00000132 _____ () C:\Users\Durdelschön\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-05-15 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-15 17:28 - 2014-08-18 17:23 - 00000942 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001Core.job
2015-05-15 17:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-15 13:24 - 2014-01-19 01:29 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 13:24 - 2014-01-19 01:29 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 09:46 - 2014-12-19 21:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 09:46 - 2013-08-22 16:44 - 05011776 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-15 09:45 - 2014-12-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 09:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-15 09:42 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-15 09:41 - 2014-01-19 01:02 - 00000000 ____D () C:\Users\Durdelschön
2015-05-15 09:16 - 2014-01-20 01:27 - 00000000 ____D () C:\Users\Durdelschön\AppData\Roaming\vlc
2015-05-15 04:17 - 2015-04-08 18:52 - 00000000 ____D () C:\Users\Durdelschön\AppData\Local\JDownloader 2.0
2015-05-15 03:15 - 2014-05-02 10:46 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 18:10 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-13 17:57 - 2014-01-20 23:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 16:14 - 2014-01-20 23:37 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 16:02 - 2014-12-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 15:44 - 2013-08-23 01:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-10 12:03 - 2015-03-09 06:08 - 00000020 _____ () C:\Users\Durdelschön\AppData\Roaming\appdataFr3.bin
2015-05-09 10:28 - 2014-08-25 19:11 - 00000000 ____D () C:\Users\Durdelschön\Desktop\whatever
2015-05-08 20:40 - 2014-01-26 18:25 - 00000000 ____D () C:\Users\Durdelschön\AppData\Local\Windows Live
2015-05-08 13:05 - 2014-05-09 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PosteRazor
2015-05-08 13:05 - 2014-05-09 15:07 - 00000000 ____D () C:\Program Files (x86)\PosteRazor
2015-05-05 19:59 - 2015-03-14 10:26 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-14 10:26 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-02 21:30 - 2014-01-19 01:06 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-02 21:30 - 2013-08-23 01:24 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-02 21:30 - 2013-08-23 01:24 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-28 21:05 - 2014-06-17 12:34 - 00003846 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1400175085
2015-04-28 21:05 - 2014-05-15 19:31 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-28 21:05 - 2014-05-15 19:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-19 11:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2014-05-17 11:16 - 2014-05-27 14:03 - 0000132 _____ () C:\Users\Durdelschön\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2014-01-23 14:04 - 2015-05-16 20:21 - 0000132 _____ () C:\Users\Durdelschön\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-03-09 06:08 - 2015-05-10 12:03 - 0000020 _____ () C:\Users\Durdelschön\AppData\Roaming\appdataFr3.bin
2014-01-19 02:27 - 2015-02-17 01:27 - 0000198 _____ () C:\Users\Durdelschön\AppData\Roaming\WB.CFG
2014-02-20 13:27 - 2015-03-05 21:51 - 0001456 _____ () C:\Users\Durdelschön\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-03-14 10:11 - 2015-03-18 11:00 - 0000410 _____ () C:\Users\Durdelschön\AppData\Local\Temp-log.txt
2015-05-15 09:13 - 2015-05-15 09:13 - 0000000 _____ () C:\Users\Durdelschön\AppData\Local\Temp.dat

Some content of TEMP:
====================
C:\Users\Durdelschön\AppData\Local\Temp\proxy_vole8857952343291013203.dll
C:\Users\Durdelschön\AppData\Local\Temp\Quarantine.exe
C:\Users\Durdelschön\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-11 11:01

==================== End Of Log ============================
         
--- --- ---


18.05.2015, 00:54   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please also create a new Addition.txt: start FRST, tick the box next to Addition.txt, then click Scan.

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


18.05.2015, 01:11   #11
Sna
 



Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Durdelschön at 2015-05-18 01:06:25
Running from C:\Users\Durdelschön\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2719917741-3841041876-3078627320-500 - Administrator - Disabled)
Durdelschön (S-1-5-21-2719917741-3841041876-3078627320-1001 - Administrator - Enabled) => C:\Users\Durdelschön
Gast (S-1-5-21-2719917741-3841041876-3078627320-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
calibre (HKLM-x32\...\{A66F2101-9BFC-4FB6-9277-7F59EF88BCC2}) (Version: 1.38.0 - Kovid Goyal)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.37.327 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.37.327 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.06.20130913 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics)
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{43295475-62CA-4F25-B46C-43C59258780E}) (Version: 4.1.4.2 - The Document Foundation)
LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version: 4.1.3.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_8.0.31217.1) (Version: 8.0.31217.1 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{E5AB3F65-7FAC-41C6-B176-7599D2404BB2}) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version: 29.0.1795.47 - Opera Software ASA)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version:  - Q-Games, Ltd.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Endless Forest (HKLM-x32\...\The Endless Forest_is1) (Version:  - Tale of Tales)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.8.0.117 - PandoraTV)
Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-2 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2719917741-3841041876-3078627320-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

17-05-2015 13:44:35 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16575543-0B74-4BD1-B6B5-6E27D9BB382E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19] (Google Inc.)
Task: {2587BFA0-5756-44B1-A38F-1DDD48CC24EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19] (Google Inc.)
Task: {33E22528-F43C-4E4B-8A9D-3A960D992E30} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {41360B2D-3FFF-4B2A-9C0D-6AB955FFA4C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {44CC233A-11CE-422A-A77A-62AC8005107B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {71BF2952-7FFB-4565-939D-A1205A76B827} - System32\Tasks\AdobeAAMUpdater-1.0-Brush-Durdelschön => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {7BC3A6E1-6146-4658-8D16-EC3C2BADA46E} - System32\Tasks\Opera scheduled Autoupdate 1400175085 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
Task: {82FF8F1C-E9F6-4182-807A-CA90BCE8958F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001Core => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
Task: {8D62AFD0-DA00-4C0C-9A5B-CBDD79740FC8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BDE12863-B71F-474B-A705-242BC21B5D0A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {C3CB0B49-DBBA-4CD5-BAD9-D0D1F1862018} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C6E10208-F7BB-4211-BAF3-CE0DED411F76} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {C9B287E1-F314-45CB-9767-FE6EB210F912} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-15] (Avast Software s.r.o.)
Task: {D1F53511-14EE-48C8-98A2-540B6F33F9EF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001UA => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001Core.job => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2719917741-3841041876-3078627320-1001UA.job => C:\Users\Durdelschön\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-19 02:35 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-01-23 10:34 - 2013-12-17 03:17 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-05-17 23:47 - 2015-05-17 23:47 - 00040448 ____N () C:\Users\Durdelschön\AppData\Local\Temp\proxy_vole4300117664336467175.dll
2015-05-17 23:48 - 2015-05-17 23:48 - 00566439 _____ () C:\Users\Durdelschön\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2015-05-17 23:48 - 2015-05-17 23:48 - 04078962 _____ () C:\Users\Durdelschön\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2015-04-28 21:05 - 2015-04-28 21:05 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.47\opera_crashreporter.exe
2015-05-15 10:05 - 2015-05-15 10:05 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-15 10:05 - 2015-05-15 10:05 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-17 19:09 - 2015-05-17 19:09 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051701\algo.dll
2015-05-15 10:05 - 2015-05-15 10:05 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00113664 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 02342912 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00246784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00047616 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00050688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 11747840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 01283584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00079360 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 02029568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00100352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00258560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00076288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00046592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00061440 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00465920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00719872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00114688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00136704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 01449472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00300032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00056320 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00192512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00378368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00118272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00043520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00292864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 01297920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00350720 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00359424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00209408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00049152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 01384960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00144896 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 01723904 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00048640 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00188928 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00042496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 09262080 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00731136 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00052224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00384000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00137728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00051712 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00076800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00055808 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00041984 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00079872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00034816 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 01518592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00091136 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00069120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00077824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00048128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00094720 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00045568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00043520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00911360 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00141312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 01170944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00638976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00042496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00039424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00402944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libgme_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00045568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libimage_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00502272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmod_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00129536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libts_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00056832 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libps_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00057344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libty_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00039424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00067584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00047104 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00049152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00066048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00057856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00039424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00049664 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00047104 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2013-12-09 02:19 - 2013-12-09 02:19 - 00085504 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00045056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00038400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll
2013-12-09 02:18 - 2013-12-09 02:18 - 00057856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll
2015-04-28 21:05 - 2015-04-28 21:05 - 00157304 _____ () C:\Program Files (x86)\Opera\29.0.1795.47\message_center_win8.dll
2015-04-28 21:05 - 2015-04-28 21:05 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.47\libglesv2.dll
2015-04-28 21:05 - 2015-04-28 21:05 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.47\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Durdelschön\Desktop\tedahah.png
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-2719917741-3841041876-3078627320-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{23E59FA1-DBDE-4006-A57D-E05F158F103D}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [UDP Query User{C8ABC53C-9CFF-4A6B-BEBF-5D62B69E4306}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [{8DCBC85A-DF5B-46A3-850E-245CD5B7BFF4}] => (Allow) H:\games\Steam\Steam.exe
FirewallRules: [{03B331AA-91D2-450A-B1BA-E4FB222966E9}] => (Allow) H:\games\Steam\Steam.exe
FirewallRules: [{DED09175-75AB-40B4-B3B3-4060B48E3BDC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8FF8F173-8C3E-4CA2-AACB-2ADCE93743FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1EFA5709-D34D-4F8C-A5F4-673545DBAD54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{76ED0809-8CEF-4774-AEB1-0DB1964BEC72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B66C379C-3D03-4FA0-81B7-9E2EC2CF75FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{10132F4E-D0E0-4A54-859B-58584D04A407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B04BE202-F3A1-4D32-BB8F-AA65CBA04720}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{59583472-EDE3-4197-ABFE-1C93DCCD4E90}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{98B8E2A2-D2D5-4165-A9A5-13B016B0DCC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{74CD8258-7AA0-4B48-9DCA-7BB681076969}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8E90869B-7727-41C3-92ED-323853179E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{887D15AC-1F06-4342-8734-0EAE578E523C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70FCD27B-5C9E-4091-90B8-C293105546D0}] => (Allow) C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B86030BC-8A1A-456B-A66A-11E679BAFBD3}] => (Allow) C:\Users\Durdelschön\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{D9B56AEC-2BC0-4AFE-BF7D-6EDC7A73BB65}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{32A26551-63C1-47AB-B200-F52B6A5E91BC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9A011109-64B9-4CAA-A23A-184E60A7B5B5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0875E7E8-65F9-4136-96B9-E2CE8DD2A6FE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{8D094831-BB1A-44DB-AACC-25EB62C8761A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{5E0C7F84-52A7-4986-B98A-2164E937801E}] => (Allow) H:\games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D8C157FA-5295-4167-8B17-D59333396D6E}] => (Allow) H:\games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{28E014F8-52D2-42D7-BA0D-4EAED7B3DA87}] => (Allow) H:\games\BatmanAsylum\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{4ED64276-059D-4ACD-89FF-5D3205F6A126}] => (Allow) H:\games\BatmanAsylum\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{7DE00FF8-D575-46FD-B38C-E8D573CF2F72}] => (Allow) H:\games\Steam\SteamApps\common\pixeljunkeden\eden.exe
FirewallRules: [{3E28D44D-8BA1-4FB2-A316-B7A6FA8A7CC8}] => (Allow) H:\games\Steam\SteamApps\common\pixeljunkeden\eden.exe
FirewallRules: [{74FE03DA-24FC-42B6-8780-DEFC2A91DF2F}] => (Allow) H:\games\Steam\SteamApps\common\Proteus\Proteus.exe
FirewallRules: [{6EC01CD7-7FFF-4CB4-8A68-DB7FBB2771E5}] => (Allow) H:\games\Steam\SteamApps\common\Proteus\Proteus.exe
FirewallRules: [TCP Query User{F5892784-757C-4722-88CE-FC9FAE9A76F6}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{CED51448-16B6-4185-A901-5B4FAF4AF518}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{6E7861EB-1B95-477D-AF2E-EADE60492116}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{172CF3BA-9EAF-410B-A3CF-57085EADAFA9}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{C316B2F6-887C-47BD-AA48-B4F8D12F9DB2}] => (Allow) H:\games\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{F506F01D-E0FA-4E96-B307-E53EE31C7C41}] => (Allow) H:\games\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{22649C40-9537-49F5-8BEA-3BC31F7A5933}] => (Allow) H:\games\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{58A2E13F-0F2F-416D-961E-7C5DA06A8461}] => (Allow) H:\games\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{AC77C2FD-0A9F-44F2-915D-7DA458970F95}] => (Allow) C:\Users\Durdelschön\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{742259BA-5503-46A0-9067-8E4E94DF568A}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{303923FE-2024-44DA-9EA7-347074FA1252}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [TCP Query User{66A278A6-3B44-436A-9B36-C72C50FA0BF7}C:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DE88C640-2E0A-4708-BEC8-93A9FEF469AF}C:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\durdelschön\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{98A53DD8-7CFD-477E-9854-85BA17224E11}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{217AE602-17B9-407E-A414-A06AA3B78356}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [TCP Query User{228DB9B4-98E6-470F-A5A1-F51E7915C410}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{59E142F8-4036-40D7-99EA-B92FAF2F788B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5240A6FF-4E62-4CA3-88DD-C4FDD3393AC7}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [UDP Query User{DA6D86A0-41D2-499E-88F0-42892B4E3EE0}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe
FirewallRules: [{0608121A-6266-4BBB-9B3A-3CA107D70C08}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{34F9AFF7-23F4-4B64-854B-3276B0C4517F}] => (Allow) LPort=2869
FirewallRules: [{76640BEE-61FC-4630-A80F-CD56CB9A35FA}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{FC6B42F8-602F-4816-993A-81FAE0492477}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BCFA6E2E-EC63-4D54-842E-310D8A8DFAC9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{210C09C2-7162-44C9-8A63-BBF32004DAA7}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{8FC6ECAE-E27B-42F6-9DFD-F4E0CF330AC6}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{6A2F1BBB-6B09-4174-99F6-F1260C55FD4D}] => (Allow) H:\Steam\bin\steamwebhelper.exe
FirewallRules: [{AA9BA9B8-EEC7-4A58-9043-107D08B42344}] => (Allow) H:\Steam\bin\steamwebhelper.exe
FirewallRules: [{63F139E8-E754-45EF-A725-8BD4C749167C}] => (Allow) H:\Steam\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{356526C8-16F8-49AE-B09B-301E6B8E9D5A}] => (Allow) H:\Steam\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{1FDEC119-9042-4FFF-AF54-DF391B111616}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2015 11:47:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/17/2015 04:02:10 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [1008]

Error: (05/17/2015 01:55:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [18]

Error: (05/17/2015 01:15:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/17/2015 00:47:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/17/2015 07:10:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/17/2015 06:06:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/17/2015 04:58:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/16/2015 07:40:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.

Error: (05/16/2015 06:24:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.


System errors:
=============
Error: (05/17/2015 10:26:22 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "BRUSH" auf Transport "NetBT_Tcpip_{E495A7BE-08C9-406F-A7FA-D64766ADEA21}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (05/17/2015 10:25:24 PM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (05/17/2015 08:03:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.100
registriert werden. Der Computer mit IP-Adresse 192.168.2.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/17/2015 04:11:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/17/2015 04:11:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 04:11:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 04:10:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 04:10:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 04:10:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 04:10:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/17/2015 11:47:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (05/17/2015 04:02:10 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [1008]

Error: (05/17/2015 01:55:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [18]

Error: (05/17/2015 01:15:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/17/2015 00:47:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (05/17/2015 07:10:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/17/2015 06:06:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/17/2015 04:58:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/16/2015 07:40:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (05/16/2015 06:24:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe


CodeIntegrity Errors:
===================================
  Date: 2015-04-30 03:14:43.773
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:43.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:42.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:42.028
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:41.634
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:41.306
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:39.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:39.414
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:38.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-30 03:14:38.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8111.55 MB
Available physical RAM: 4910.74 MB
Total Pagefile: 9455.55 MB
Available Pagefile: 5853.35 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:198.75 GB) (Free:10.7 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:97.56 GB) (Free:5.77 GB) NTFS
Drive g: () (Fixed) (Total:368.1 GB) (Free:2.2 GB) NTFS
Drive h: (Ich bin groß) (Fixed) (Total:732.42 GB) (Free:303.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 48C452BE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0DA1342C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 18.05.2015, 09:27   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

FRST-Fix

Please disable your virus scanner completely now, to make sure the fix runs cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
C:\Users\Durdelschön\AppData\Local\Temp.dat
EmptyTemp:
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Alt 18.05.2015, 10:38   #13
Sna
 

Fixlog

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by Durdelschön at 2015-05-18 10:24:28 Run:1
Running from C:\Users\Durdelschön\Desktop
Loaded Profiles: Durdelschön (Available profiles: Durdelschön)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
C:\Users\Durdelschön\AppData\Local\Temp.dat
EmptyTemp:

*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
C:\Users\Durdelschön\AppData\Local\Temp.dat => Moved successfully.
EmptyTemp: => Removed 5.1 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 10:25:17 ====
         

Alt 18.05.2015, 10:49   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Okay, then control scans with ESET and SC please:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset



Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

Alt 19.05.2015, 07:00   #15
Sna
 

ESET Log:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b737d49be0d7ae45a8f4cde7bbfa8c82
# engine=23894
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-18 09:51:47
# local_time=2015-05-18 11:51:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 283251 308948 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 383089 9068299 0 0
# scanned=665777
# found=58
# cleaned=0
# scan_time=46494
sh=74152A96CD9EB68A7026230FF96A7480433C9AE4 ft=1 fh=6c7fdc0358a13e48 vn="Variante von Win32/Adware.MultiPlug.FC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{113cd23e-792d-f36f-113c-cd23e79248f9}\Download.exe.vir"
sh=98A388D65E95C3D57086C2AB69487B36AFD6D0EC ft=1 fh=2fb87105baa8a719 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=58D40ED6362D9E47DA227E035284DA000615AFB3 ft=1 fh=7af236524416cc53 vn="Variante von Win32/Amonetize.BN evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\berlin tag und nacht netload__3039_i1237306689_il2493085.exe"
sh=E389677B9FB4A312049E3475D4CD076BA140FAA5 ft=1 fh=3beb397f8910d9e2 vn="Variante von Win32/DepoDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\dfdownloader_RCEQvH_.exe"
sh=293CED1D01AC672EB0C102E85789FD63F55894E9 ft=1 fh=6f0bf7e30b4b56ae vn="Win32/InstallMonetizer.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\Google_Books_25Downloader (1).exe"
sh=293CED1D01AC672EB0C102E85789FD63F55894E9 ft=1 fh=6f0bf7e30b4b56ae vn="Win32/InstallMonetizer.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\Google_Books_25Downloader.exe"
sh=06FF1B646E4ECE39AA98C7E7D14E65A9E8D728C0 ft=1 fh=f40bab85a4383b26 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=2AC615DB9417B7366DAD1421955C1816AC616841 ft=1 fh=c8a4027cf6b6f724 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\Pidgin - CHIP-Installer.exe"
sh=D283D6386951142BD6E2F29CAC161E3E85BE0026 ft=1 fh=a7547e6710c51aa7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\PosteRazor - CHIP-Installer.exe"
sh=51D45FC15EFCB8FFB90B4FF531E58F3CC19B9541 ft=1 fh=5aa015384f09b3cc vn="Variante von Win32/Amonetize.BI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\She S Out Of My League P1 1 Av Downloader__3687_i1087644581_il2343677.exe"
sh=40C85E1CFE456374562E3699CB720FFDF2F8D724 ft=1 fh=2fd2f52668ea1d31 vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Durdelschön\Downloads\The Sims 3 (E).exe"
sh=E0D69AA8A393FD98AC9899EF3A143C90DF1503F1 ft=1 fh=47978917b33c8b08 vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\Durdelschön\Downloads\vlc-2.1.2-win32 (1).exe"
sh=819F34DFA8341F878BEBCD6DB670DC563CF7CC68 ft=1 fh=e1366a5592db4952 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="C:\Windows.old\Users\Durdelschön\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
sh=5E8AA35E52FA6EE0DCDBEA79E79DC36F72D959D5 ft=1 fh=eb3d7c8b3c91213d vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Durdelschön\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBUHQSQ\ism[1].exe"
sh=2A2FD5B25E29CEAB0D0DCD079AB97B50E87C27DA ft=1 fh=e7d1ed22d2bc6bdf vn="Win32/Toolbar.Conduit.AO evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Durdelschön\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9333963\checktbexist[1].exe"
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Durdelschön\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNZD3V95\mism[1].exe"
sh=5E8AA35E52FA6EE0DCDBEA79E79DC36F72D959D5 ft=1 fh=eb3d7c8b3c91213d vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Durdelschön\AppData\Local\Temp\ct3297265\ism.exe"
sh=34DCF4AB606C6A1B656DDEC7C7971EBCC65F6CA5 ft=1 fh=f23a3999bb88f751 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="F:\$Recycle.Bin\S-1-5-21-631645926-2448768943-2501434708-1000\$R98LHN2.exe"
sh=1F2C0A5D4CB1B47D1DDC86E3516F06B3ECA63A56 ft=1 fh=94049be6457143fb vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe"
sh=3917147823A758100906ED7D8A3EDB4D11E1F8E9 ft=1 fh=d91bac54e55f9c19 vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\escortShld.dll"
sh=8F74EFE480046FE6E203BE9A311B958F66F22F08 ft=1 fh=e5ed2092366c160f vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicApp.dll"
sh=F4993FA40CF8BEA4D8891DE0D8D72FA257279F97 ft=1 fh=e26e53f8b46b0a54 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicEng.dll"
sh=ADD45A79D905D2D89CE12C54763096F0E6491BC9 ft=1 fh=9d39e6669352d342 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\Softonicsrv.exe"
sh=DF1389D116C8B91DF36BD9121C2E9EC455C9A459 ft=1 fh=60d511d36736ef50 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll"
sh=E1A63F66A02312BF6470BF4EF902D471CDC35841 ft=1 fh=8248559014ea4021 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\uninstall.exe"
sh=54480E6AF73EC89F3FBC7A95D685688D5C7EDD7A ft=1 fh=78d9d64ce1151729 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="F:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll"
sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="F:\Program Files (x86)\Yontoo\YontooIEClient.dll"
sh=AD15BC27674A9060340B300566903EBDFF47EFD9 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="F:\Program Files (x86)\Yontoo\YontooLayers.crx"
sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="F:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=2C5B0CC8BA394200310E3485FCA8208D0CC42921 ft=1 fh=defbb31c72c80659 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H18CPR7T\kmplayer_downloader[1].exe"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\conduitinstaller.exe"
sh=AE917E9A53C6606575B3E579D0BCDE355721DE7E ft=1 fh=357de0b51d23de6e vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\KMP_3.3.0.33.exe"
sh=263C23674BB206E37E62C70ACBF836D65EEB0C4F ft=1 fh=9cc8d540d83c9999 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\KMP_3.4.0.59.exe"
sh=5C1740A732A76893C2B6B07D036B1E5EC31154C7 ft=1 fh=3509b20048ef0d72 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\KMP_3.5.0.77.exe"
sh=473A73D9F8848F90F8C5D68B1EDE5A260D9CBF75 ft=1 fh=5a4ca58560fed85f vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\KMP_3.6.0.87.exe"
sh=2C5B0CC8BA394200310E3485FCA8208D0CC42921 ft=1 fh=defbb31c72c80659 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\KMP_3.7.0.109.exe"
sh=2C5B0CC8BA394200310E3485FCA8208D0CC42921 ft=1 fh=defbb31c72c80659 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\KMP_3.7.0.113.exe"
sh=6094F860267514989C42208C1C16FDB41B708783 ft=1 fh=fc2ea652bec368d8 vn="Variante von MSIL/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\SmartbarExeInstaller.exe"
sh=93384EECA6F412B277C9772D96467586723A7E00 ft=1 fh=16a1fce420fc8bf0 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe"
sh=9588275FF7803065136FC9EAF31BDFC74C97A5E3 ft=1 fh=17c2405dd0893139 vn="Mehrere Bedrohungen" ac=I fn="F:\Users\Kuchen\AppData\Local\Temp\YontooSetup-S.exe"
sh=495ADA4EE9CA2DC352A81211D32F1314E46F2D72 ft=1 fh=53d6f5fcee269c1b vn="Win32/Toolbar.Condui