Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Internet auf einmal extrem langsam

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8 und 8.1 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 15.07.2016, 09:36   #1
luke9440
 
Internet auf einmal extrem langsam - Standard

Problem: Internet auf einmal extrem langsam



Hey Leute,

seit gestern abend ist mein Internet extrem langsam. Seiten wie facebook oder web.de brauchen schon ungewohnt lange, Seiten wie twitch oder youtube laden kaum bis garnicht. Auf dem Handy, Laptop und beim Mitbewohner funktioniert alles tadellos. Auch in Spielen wird mir ein Ping/latenz von 8000 ausgeworfen. Jedoch wird bei Downloads wieder der volle Speed genutzt, also in der Hinsicht keine Einschränkung. Habe schon Avast, Spybot und Malwarebytes drüberlaufen lassen. Malwarebytes hat einiges gefunden, wurde behoben, jedoch ohne Veränderung. Router wurde neugestartet. Was könnte das sein?

mfg luke

Alt 15.07.2016, 10:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam Anleitung / Hilfe



Zitat:
Was könnte das sein?
Das sollen wir die sagen, indem du einfach die Logs von Malwarebytes mit den Funden nicht postest? Also Hellseher sind wir hier noch nicht.
__________________

__________________

Alt 15.07.2016, 10:24   #3
luke9440
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam Details



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 14.07.2016
Suchlaufzeit: 23:26
Protokolldatei: malware.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.07.14.11
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 297224
Abgelaufene Zeit: 3 Min., 49 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.SearchManager.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bahkljhhdeciiaodlkppoonappfnheoi, In Quarantäne, [f4ffc95ad0cac076324136be7390e21e], 
PUP.Optional.InstallCore, HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\csastats, In Quarantäne, [8d669f84a3f75adcd52f7586976c25db], 
PUP.Optional.DriverAgentPlus, HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\ESUPPORT.COM\DriverAgent, In Quarantäne, [688bdc47b3e792a400cae31c6a992ed2], 
PUP.Optional.SearchManager.ChrPRST, HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bahkljhhdeciiaodlkppoonappfnheoi, In Quarantäne, [0ee5bc6762387db94810a654c83bd12f], 
PUP.Optional.ProductSetup, HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\PRODUCTSETUP, In Quarantäne, [bb384cd7efab0a2ce9394869719237c9], 
PUP.Optional.SearchManager.ChrPRST, HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bahkljhhdeciiaodlkppoonappfnheoi, In Quarantäne, [9c578f941a803ef88ccc42b8c43f0af6], 

Registrierungswerte: 1
PUP.Optional.ProductSetup, HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\PRODUCTSETUP|tb, 0N0U0L1F, In Quarantäne, [bb384cd7efab0a2ce9394869719237c9]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 16
PUP.Optional.Cassiopesa, C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}, In Quarantäne, [c0339390dac00e28719e8b10fc07768a], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\external, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\external, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\fonts, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\_metadata, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 

Dateien: 81
PUP.Optional.Cassiopesa, C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}\tila, In Quarantäne, [c0339390dac00e28719e8b10fc07768a], 
PUP.Optional.Cassiopesa, C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}\info.dat, In Quarantäne, [c0339390dac00e28719e8b10fc07768a], 
PUP.Optional.Cassiopesa, C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}\install.log, In Quarantäne, [c0339390dac00e28719e8b10fc07768a], 
PUP.Optional.Cassiopesa, C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}\Sqlite3.dll, In Quarantäne, [c0339390dac00e28719e8b10fc07768a], 
PUP.Optional.Cassiopesa, C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}\uninst.dat, In Quarantäne, [c0339390dac00e28719e8b10fc07768a], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_bahkljhhdeciiaodlkppoonappfnheoi_0.localstorage, In Quarantäne, [bd360b188317ba7cb3bff1031ae938c8], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bahkljhhdeciiaodlkppoonappfnheoi_0.localstorage, In Quarantäne, [28cb948fcad073c3b6f03dbaa75c8a76], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\manifest.json, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\background.html, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\favicon.ico, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\newtab.html, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\common.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\lifecycle.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\settings.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\setup.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\utils.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\abtest.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\conf-sys.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\conf.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\nt_ptr.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\prefs-sys.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\prefs.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\settings-dev.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common\udata.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\external\jquery-2.1.1.min.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\external\md5.min.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\external\string.min.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\external\underscore-min.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search\AutoSuggest.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search\contentscript.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search\newtab-base.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search\search-engines.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search\search-form.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search\search-redirect.js, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css\newtab.css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css\search.css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css\search2.css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css\styles.css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css\white_bg.css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\external\normalize.css, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\fonts\HelveticaNeue-Thin.otf, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\fonts\neue-bold.woff, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\fonts\neue.woff, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\128.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\16.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\48.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\close.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\01d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\01n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\02d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\02n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\03d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\03n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\04d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\04n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\09d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\09n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\10d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\10n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\11d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\11n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\13d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\13n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\50d.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather\50n.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\bg.jpg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\bing.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\bluesky-bg.jpg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\brush.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\clock.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\cloud.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\cupcake-bg.jpg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\desk-bg.jpg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\doodle.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\down.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\google.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\mountain-bg.jpg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\sea-bg.jpg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\yahoo.png, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images\yahoo.svg, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 
PUP.Optional.SearchManager.ChrPRST, C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\_metadata\verified_contents.json, In Quarantäne, [25ce081bb6e4d660e25ae1e61ee443bd], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
chromium hat sich wohl mit irgendeiner programminstallation eingeschlichen, achja und sorry
__________________

Alt 15.07.2016, 10:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Lösung: Internet auf einmal extrem langsam



Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.07.2016, 10:37   #5
luke9440
 
Internet auf einmal extrem langsam - Standard

Wie Internet auf einmal extrem langsam




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
Ran by Lukas (administrator) on LUKAS-PC (15-07-2016 10:35:06)
Running from C:\Users\Lukas\Downloads
Loaded Profiles: Lukas (Available Profiles: Lukas)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) D:\Programme\CCleaner64.exe
() D:\Programme\Drakonia Configurator\hid.exe
(Advanced Micro Devices Inc.) D:\Programme\Catalyst\ATI.ACE\Core-Static\MOM.exe
() D:\Programme\Drakonia Configurator\trayicon.exe
(ATI Technologies Inc.) D:\Programme\Catalyst\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) D:\Games\Steam\Steam.exe
(Valve Corporation) D:\Games\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Games\Steam\bin\steamwebhelper.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [246504 2010-01-11] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GamingMouse] => D:\Programme\Drakonia Configurator\hid.exe [246784 2012-06-07] ()
HKLM-x32\...\Run: [StartCCC] => D:\Programme\Catalyst\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Run: [CCleaner Monitoring] => D:\Programme\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\MountPoints2: {1b7e47d2-0946-11e6-9cb0-bc5ff438f084} - I:\autorun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-15] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /A:"* " /L:"1031" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:5 /wow /dir:"C:\Program Files\AVAST Software\Avast"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2460A66E-28A9-48BB-92BE-EF6A65E574CF}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3131D63C-78B8-4B71-9115-737930D57C48}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{93C2AB2B-FBA6-4461-9A35-C0125F03301B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EB544BE8-8EE4-47CF-A33D-AAA6132185EC}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-764526889-93497828-4280948729-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-32b9a2ed
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-32b9a2ed
HKU\S-1-5-21-764526889-93497828-4280948729-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-32b9a2ed
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
SearchScopes: HKU\S-1-5-21-764526889-93497828-4280948729-1000 -> DefaultScope {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
SearchScopes: HKU\S-1-5-21-764526889-93497828-4280948729-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-15] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-15] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-12-08] (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - D:\Programme\Terratec\ThcDeskBand.dll [2011-06-24] (TerraTec Electronic GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Bing
FF SelectedSearchEngine: Search Provided by Bing
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF user.js: detected! => C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\user.js [2016-03-04]
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\searchplugins\Search Provided by Bing.xml [2016-07-07]
FF Extension: YouTube Unblocker Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\Extensions\addon@ytunblocker.com.xpi [2016-07-08]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-06-10] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-15]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome: 
=======
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
CHR Extension: (Google Docs) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
CHR Extension: (Google Drive) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
CHR Extension: (Google Search) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-25]
CHR Extension: (Google Sheets) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-15] (AVAST Software)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-15] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-15] (AVAST Software)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-09-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [98080 2015-04-01] (<Turtle Entertainment>)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45208 2016-03-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-09-16] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTSBDA; C:\Windows\System32\DRIVERS\TerraTecPCI.sys [360568 2010-11-19] (TerraTec Provide)
R3 MtsHID; C:\Windows\System32\DRIVERS\TerraTecPciHid.sys [24696 2010-11-19] (TerraTec Electronic GmbH.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
R3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368 1968-04-08] () [File not signed]
R3 SPC630; C:\Windows\System32\drivers\SPC630.sys [587264 2008-07-07] (                                                            )
R3 SPC630m; C:\Windows\System32\drivers\SPC630m.sys [8192 2008-07-07] (                                                            )
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-15 10:30 - 2016-07-15 10:35 - 00021735 _____ C:\Users\Lukas\Downloads\FRST.txt
2016-07-15 10:30 - 2016-07-15 10:31 - 00058706 _____ C:\Users\Lukas\Downloads\Addition.txt
2016-07-15 10:29 - 2016-07-15 10:35 - 00000000 ____D C:\FRST
2016-07-15 10:29 - 2016-07-15 10:29 - 02390528 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2016-07-15 10:20 - 2016-07-15 10:20 - 00023598 _____ C:\Users\Lukas\Desktop\malware.txt
2016-07-15 09:26 - 2016-07-15 09:26 - 03712064 _____ C:\Users\Lukas\Downloads\AdwCleaner_5.201.exe
2016-07-15 09:22 - 2016-07-15 09:22 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468317518
2016-07-15 09:22 - 2016-07-15 09:22 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-15 09:21 - 2016-07-15 09:21 - 00145144 _____ C:\Users\Lukas\Documents\cc_20160715_092100.reg
2016-07-15 09:17 - 2016-07-15 09:17 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LUKAS-PC-Windows-7-Ultimate-(64-bit).dat
2016-07-15 09:17 - 2016-07-15 09:17 - 00000000 ____D C:\RegBackup
2016-07-15 09:15 - 2016-07-15 09:15 - 00000000 ____D C:\Users\Lukas\Downloads\tweaking.com_windows_repair_aio
2016-07-15 09:11 - 2016-07-15 09:12 - 19731263 _____ C:\Users\Lukas\Downloads\tweaking.com_windows_repair_aio.zip
2016-07-15 08:51 - 2016-07-15 08:51 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-15 08:51 - 2016-07-15 08:51 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-15 08:51 - 2016-07-15 08:51 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-15 08:51 - 2016-07-15 08:51 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-15 08:51 - 2016-07-15 08:50 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-15 07:44 - 2016-07-15 07:44 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-15 07:37 - 2016-07-15 07:37 - 00000984 _____ C:\Users\Lukas\Desktop\Adobe Lightroom.lnk
2016-07-15 07:37 - 2016-07-15 07:37 - 00000984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-07-15 06:12 - 2016-07-15 06:12 - 00000000 ____D C:\Users\Lukas\Downloads\backups
2016-07-14 12:19 - 2016-07-14 12:19 - 07511515 _____ C:\Users\Lukas\Downloads\Fragenkatalog FOBF29.pdf
2016-07-12 15:41 - 2016-07-12 15:42 - 04004197 _____ C:\Users\Lukas\Downloads\karteikarten laubba_ume.pdf
2016-07-12 15:41 - 2016-07-12 15:41 - 01273822 _____ C:\Users\Lukas\Downloads\karteikarten nadelba_ume.pdf
2016-07-11 17:13 - 2016-07-15 07:25 - 00000000 ____D C:\Users\Lukas\Downloads\Removewat Final
2016-07-11 15:54 - 2016-07-11 15:55 - 05165056 _____ C:\Users\Lukas\Downloads\Removewat Final.iso
2016-07-11 15:42 - 2016-07-15 07:25 - 00000000 ____D C:\Program Files\Darktable-2.0
2016-07-11 15:42 - 2016-07-11 15:43 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Darktable2.0
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Darktable-2.0
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Darktable
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\AppData\Local\lensfun
2016-07-11 15:42 - 2016-07-11 15:42 - 00000000 ____D C:\Users\Lukas\.dbus-keyrings
2016-07-11 15:35 - 2016-07-11 15:36 - 49038149 _____ C:\Users\Lukas\Downloads\darktable-2.0.4.dmg
2016-07-07 11:10 - 2016-07-07 11:10 - 00000000 ____D C:\Users\Lukas\Documents\Adobe
2016-07-07 10:55 - 2016-07-07 10:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-07-07 10:54 - 2016-07-15 07:38 - 00000000 ____D C:\Program Files\Adobe
2016-07-07 10:54 - 2016-07-15 07:35 - 00001526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-07-07 10:54 - 2016-07-15 07:35 - 00001514 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-07-07 10:51 - 2016-07-07 10:51 - 00000000 ____D C:\Users\Lukas\Desktop\Adobe
2016-07-07 10:36 - 2016-07-07 10:36 - 02113584 _____ C:\Users\Lukas\Downloads\winrar-x64-531d.exe
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\WinRAR
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-07 10:36 - 2016-07-07 10:36 - 00000000 ____D C:\Program Files\WinRAR
2016-07-07 09:34 - 2016-07-07 10:37 - 00000000 ____D C:\Users\Lukas\Downloads\Adobe Photoshop Lightroom CC 2015 6.6
2016-07-07 09:34 - 2016-07-07 09:34 - 00002031 _____ C:\Users\Lukas\Desktop\JDownloader 2.lnk
2016-07-07 09:34 - 2016-07-07 09:34 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-07-07 09:33 - 2016-07-07 10:33 - 00000000 ____D C:\Users\Lukas\AppData\Local\JDownloader 2.0
2016-07-07 09:31 - 2016-07-07 09:31 - 00076504 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_adfree_2016_1.exe
2016-07-07 09:10 - 2016-07-07 09:09 - 00112128 _____ C:\dmg2img.exe
2016-07-07 09:10 - 2016-07-07 09:09 - 00018011 _____ C:\COPYING
2016-07-07 09:10 - 2016-07-07 09:09 - 00003996 _____ C:\README
2016-07-07 09:10 - 2015-04-21 20:40 - 764907520 _____ C:\lightroom.dmg
2016-07-07 09:09 - 2016-07-07 09:09 - 00000000 ____D C:\Users\Lukas\Downloads\dmg2img-1.6.5-win32
2016-07-07 09:08 - 2016-07-07 09:09 - 00065546 _____ C:\Users\Lukas\Downloads\dmg2img-1.6.5-win32.zip
2016-07-07 08:59 - 2016-07-07 08:59 - 00001003 _____ C:\Users\Lukas\Desktop\AnyToISO.lnk
2016-07-07 08:59 - 2016-07-07 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyToISO
2016-07-07 08:59 - 2016-07-07 08:59 - 00000000 ____D C:\Program Files (x86)\AnyToISO
2016-07-07 08:47 - 2016-07-07 08:47 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\PowerISO
2016-07-07 08:32 - 2016-07-07 08:32 - 00002207 _____ C:\Users\Lukas\Desktop\Chromium.lnk
2016-07-07 08:32 - 2016-07-07 08:32 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-07-07 08:31 - 2016-07-15 07:25 - 00000000 ____D C:\Users\Lukas\AppData\Local\{7C044A58-58AC-26E0-3534-0308115CFF90}
2016-07-07 08:30 - 2016-07-15 07:25 - 00000000 ____D C:\Program Files\PowerISO
2016-07-07 08:19 - 2016-07-07 08:19 - 03589456 _____ (Power Software Ltd) C:\Users\Lukas\Downloads\PowerISO6-x64.exe
2016-07-07 07:39 - 2015-04-22 10:58 - 00000000 ____D C:\Users\Lukas\Downloads\Lightroom 6.0 MAC
2016-07-07 07:37 - 2016-07-07 03:31 - 240619916 _____ C:\Users\Lukas\Desktop\01424.part3(1).rar
2016-07-07 07:37 - 2016-07-06 22:44 - 262144000 _____ C:\Users\Lukas\Desktop\01424.part2.rar
2016-07-07 07:37 - 2016-07-06 22:15 - 262144000 _____ C:\Users\Lukas\Desktop\01424.part1.rar
2016-07-07 07:37 - 2015-04-22 10:58 - 00000000 ____D C:\Users\Lukas\Desktop\Lightroom 6.0 MAC
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\Sn_L - Str F
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\Rd. H. C. Pp. - T_G
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\F_V & Grx-Oxn(1)
2016-06-25 16:00 - 2016-06-25 16:00 - 00000000 ____D C:\Users\Lukas\Downloads\Ds - Mg_F_v
2016-06-25 15:56 - 2016-06-25 15:57 - 23374808 _____ C:\Users\Lukas\Downloads\Ds - Mg_F_v.zip
2016-06-25 15:54 - 2016-06-25 16:00 - 130564557 _____ C:\Users\Lukas\Downloads\Rd. H. C. Pp. - T_G.zip
2016-06-25 15:53 - 2016-06-25 15:56 - 54821505 _____ C:\Users\Lukas\Downloads\Sn_L - Str F.zip
2016-06-25 15:43 - 2016-06-25 15:50 - 165580240 _____ C:\Users\Lukas\Downloads\F_V & Grx-Oxn(1).zip
2016-06-17 15:19 - 2016-06-17 15:19 - 00000561 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-17 15:18 - 2016-06-17 15:18 - 06893008 _____ (Piriform Ltd) C:\Users\Lukas\Downloads\ccsetup518.exe
2016-06-17 14:12 - 2016-06-17 14:12 - 00000000 ____D C:\Users\Lukas\Documents\Ashampoo Burning Studio FREE
2016-06-17 14:12 - 2016-06-17 14:12 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Ashampoo
2016-06-16 17:33 - 2016-06-16 17:33 - 00000000 ____D C:\Users\Lukas\Downloads\WinXP
2016-06-16 16:32 - 2016-06-16 16:37 - 00000000 ____D C:\Users\Lukas\AppData\Local\Ubisoft Game Launcher
2016-06-16 16:32 - 2016-06-16 16:32 - 00001197 _____ C:\Users\Lukas\Desktop\Uplay.lnk
2016-06-16 16:32 - 2016-06-16 16:32 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-16 16:32 - 2016-06-16 16:32 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-06-15 20:01 - 2016-06-15 23:56 - 00000000 ____D C:\Users\Lukas\AppData\Local\CallofDuty4MW
2016-06-15 20:00 - 2016-06-15 20:00 - 00000000 ____D C:\Users\Lukas\Documents\cod4x_client
2016-06-15 00:13 - 2016-06-10 19:37 - 201261009 ____N C:\Users\Lukas\Desktop\20160610_193658.mp4
2016-06-15 00:13 - 2016-06-10 19:31 - 221967038 ____N C:\Users\Lukas\Desktop\20160610_193038.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-15 10:34 - 2015-10-27 22:04 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\NetSpeedMonitor
2016-07-15 10:15 - 2015-02-25 23:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-15 10:12 - 2015-09-09 17:07 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000UA.job
2016-07-15 09:55 - 2014-12-08 05:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-15 09:36 - 2015-10-28 21:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-15 09:30 - 2009-07-14 06:45 - 00028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-15 09:30 - 2009-07-14 06:45 - 00028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-15 09:28 - 2014-12-08 04:13 - 00697968 _____ C:\Windows\system32\perfh007.dat
2016-07-15 09:28 - 2014-12-08 04:13 - 00149434 _____ C:\Windows\system32\perfc007.dat
2016-07-15 09:28 - 2009-07-14 07:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-15 09:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-15 09:22 - 2015-10-28 21:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-15 09:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-15 09:20 - 2009-07-14 04:34 - 00000541 _____ C:\Windows\win.ini
2016-07-15 09:07 - 2014-12-11 22:58 - 00282472 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-07-15 09:07 - 2014-12-11 22:58 - 00282472 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-07-15 08:52 - 2014-12-08 04:53 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146856552194705
2016-07-15 08:51 - 2014-12-08 04:53 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146856550183702
2016-07-15 08:51 - 2014-12-08 04:53 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-15 08:51 - 2014-12-08 04:53 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-15 08:50 - 2014-12-08 04:53 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-15 08:35 - 2015-03-25 10:39 - 00000000 ____D C:\Users\Lukas\AppData\Local\Spotify
2016-07-15 08:35 - 2015-03-25 10:38 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Spotify
2016-07-15 07:57 - 2016-01-23 22:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-15 07:57 - 2015-08-04 18:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-15 07:55 - 2014-12-08 05:10 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-15 07:55 - 2014-12-08 05:10 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-15 07:55 - 2014-12-08 05:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-15 07:44 - 2014-12-08 05:37 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Dropbox
2016-07-15 07:37 - 2014-12-08 14:57 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-07-15 07:37 - 2014-12-08 05:10 - 00000000 ____D C:\Users\Lukas\AppData\Local\Adobe
2016-07-15 07:31 - 2014-12-08 04:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-15 07:31 - 2014-12-08 03:44 - 00000000 ____D C:\Users\Lukas
2016-07-15 07:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-15 07:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-07-15 07:26 - 2014-12-08 04:00 - 00066976 _____ C:\Users\Lukas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-15 07:26 - 2009-07-14 06:45 - 00303472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-15 07:25 - 2015-12-03 18:48 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-15 07:25 - 2015-12-02 17:01 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Battle.net
2016-07-15 07:25 - 2015-09-09 17:07 - 00000000 ____D C:\Users\Lukas\AppData\Local\Dropbox
2016-07-15 07:25 - 2015-04-07 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-15 07:25 - 2015-02-26 00:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-07-15 07:25 - 2015-02-26 00:19 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-15 07:25 - 2014-12-08 05:56 - 00000000 ____D C:\Windows\pss
2016-07-15 07:25 - 2014-12-08 05:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-15 07:25 - 2014-12-08 05:11 - 00000000 ____D C:\ProgramData\Adobe
2016-07-15 07:25 - 2014-12-08 05:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-15 07:25 - 2014-12-08 05:10 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-15 07:25 - 2014-12-08 04:59 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Adobe
2016-07-15 07:25 - 2014-12-08 04:53 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-15 07:25 - 2014-12-08 04:53 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-15 07:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-07-15 06:17 - 2014-12-08 05:26 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\TeamViewer
2016-07-14 23:36 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-07-10 12:52 - 2014-12-08 05:29 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\TS3Client
2016-07-09 06:56 - 2015-12-02 17:01 - 00000000 ____D C:\Users\Lukas\AppData\Local\Battle.net
2016-07-08 23:47 - 2014-12-08 15:05 - 00000000 ____D C:\Users\Lukas\AppData\Local\ElevatedDiagnostics
2016-07-07 09:43 - 2015-12-02 17:00 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-07 09:12 - 2014-12-08 03:44 - 00000000 ____D C:\Users\Lukas\AppData\Local\VirtualStore
2016-07-07 08:32 - 2015-03-30 20:38 - 00000000 ____D C:\Users\Lukas\AppData\Local\Chromium
2016-07-07 08:08 - 2014-12-08 05:18 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite
2016-07-07 02:16 - 2014-12-11 22:58 - 00282472 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-07-06 19:49 - 2015-09-09 17:07 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000Core.job
2016-07-05 12:34 - 2014-12-08 05:20 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Skype
2016-07-05 12:28 - 2014-12-08 05:20 - 00000000 ____D C:\ProgramData\Skype
2016-06-19 21:39 - 2015-10-28 21:49 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-19 21:39 - 2015-10-28 21:49 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-19 21:37 - 2016-03-05 00:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-17 15:19 - 2014-12-08 05:16 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-17 15:07 - 2014-12-08 05:42 - 00000000 ____D C:\Users\Lukas\Desktop\Uni
2016-06-15 00:18 - 2014-12-08 18:34 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2015-02-24 00:07 - 2015-02-25 15:14 - 0000124 _____ () C:\Users\Lukas\AppData\Roaming\WB.CFG
2015-02-25 15:13 - 2015-02-25 15:13 - 0274045 _____ () C:\Users\Lukas\AppData\Local\dsi1.dat
2015-02-25 15:13 - 2015-02-25 15:13 - 0161916 _____ () C:\Users\Lukas\AppData\Local\dsi2.dat

Files to move or delete:
====================
C:\Users\Lukas\laZagne.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-01 06:59

==================== End of FRST.txt ============================
         
--- --- ---


[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
Ran by Lukas (2016-07-15 10:35:59)
Running from C:\Users\Lukas\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-08 01:44:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-764526889-93497828-4280948729-500 - Administrator - Disabled)
Guest (S-1-5-21-764526889-93497828-4280948729-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-764526889-93497828-4280948729-1002 - Limited - Enabled)
Lukas (S-1-5-21-764526889-93497828-4280948729-1000 - Administrator - Enabled) => C:\Users\Lukas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Amazon Music (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.7.3 - CrystalIdea Software, Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Ballance (HKLM-x32\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Borderlands - The Pre-Sequel (HKLM-x32\...\Borderlands - The Pre-Sequel_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Call of Duty Modern Warfare 3 (c) Activision version 1 (HKLM-x32\...\Call of Duty Modern Warfare 3 (c) Activision_is1) (Version: 1 - )
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version:  - Techland)
Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cinergy C PCI HD Driver Installation (64 Bit) (HKLM-x32\...\{5A775CBD-03A6-4832-820C-20C0DC57E2E5}) (Version: 1.01.02.501 - TERRATEC Electronic GmbH)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version:  - )
Dropbox (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains dotPeek 1.3 Update 1 (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\{ac382b74-501b-5db7-80b9-d3949a5a90e7}) (Version: 1 - JetBrains s.r.o.)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
OpenVPN 2.3.6-I001  (HKLM\...\OpenVPN) (Version: 2.3.6-I001 - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version:  - Crystal Dynamics)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.0.8232  - TeamViewer GmbH)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.25.6 - )
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Driver Package - TERRATEC  Cinergy C PCI (11/18/2010 1.01.02.501) (HKLM\...\CB911E83C421B81249FF40C42D1544261A839B84) (Version: 11/18/2010 1.01.02.501 - TERRATEC )
Windows Driver Package - TERRATEC  Cinergy C/S2 PCI Infrared (05/21/2010 1.00.03.201) (HKLM\...\8D0D8EE2347DC7FE9BD534792E76CD8F22681D44) (Version: 05/21/2010 1.00.03.201 - TERRATEC )
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-764526889-93497828-4280948729-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04E2B065-B0A4-49FD-8882-027158F49538} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000Core => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-09] (Dropbox, Inc.)
Task: {0E378ECB-CA6D-46B5-936D-06A4E79DAAB1} - System32\Tasks\{CF8566FF-9782-4C77-B4DF-41528EAC16F4} => pcalua.exe -a "F:\Spiele\Spiele\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "F:\Spiele\Spiele\Call of Duty 4 - Modern Warfare"
Task: {1EB9D489-7E75-4158-9F22-3D3A847F701E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3764B28E-5FFA-4634-A137-E4B1F286B898} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-09] (AVAST Software)
Task: {3CAAE072-C518-41C5-B0E5-3BF4192A5007} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {497FC118-AB17-4745-AC8A-CE7596848B3C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {4A828AA7-AB20-47CD-AC0D-BE3D18557319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {77DD25CB-A505-45A3-B159-CFDB697F2C29} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-15] (AVAST Software)
Task: {7F1CA3A6-D970-41AA-A1C3-59E4E0766D06} - System32\Tasks\SafeZone scheduled Autoupdate 1468317518 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {9E77C808-C2C6-471A-9ABF-F2085FBD684B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.)
Task: {AFDD54C6-6F2F-4293-91A9-DB6404118FF4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {C1B2050A-AF93-4BAB-813F-39C449D131A4} - System32\Tasks\{FF71365C-48A8-4B6D-B5CC-0E32F84912ED} => pcalua.exe -a F:\Seagate\Setup.exe -d F:\Seagate
Task: {C44FE226-95A3-45E3-949D-72E07AAEC1D7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000UA => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-09] (Dropbox, Inc.)
Task: {C9559BD2-6326-4841-A83B-58617B119608} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DB5C643D-F959-4570-9353-5C9FB7BD98EC} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {EC9AFFC2-5538-44DA-A788-7E346812B9E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.)
Task: {F0BFD3FD-F090-471A-9B75-488871CE0DDF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F6FF1DBB-548F-4545-A0A2-382E95BA6AA2} - System32\Tasks\{52A3A8E2-8D99-4972-AB59-D401CA087447} => pcalua.exe -a C:\Users\Lukas\Downloads\aomwin200ea24us.exe -d C:\Users\Lukas\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000Core.job => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-764526889-93497828-4280948729-1000UA.job => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-04-01 17:49 - 2014-01-28 11:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2015-04-01 17:49 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2015-01-04 21:42 - 2015-01-04 21:42 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () D:\Programme\lang\lang-1031.dll
2014-12-08 15:06 - 2012-06-07 11:24 - 00246784 _____ () D:\Programme\Drakonia Configurator\hid.exe
2014-12-08 15:06 - 2012-03-05 14:46 - 00240640 _____ () D:\Programme\Drakonia Configurator\trayicon.exe
2016-07-15 08:51 - 2016-07-15 08:51 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-15 08:51 - 2016-07-15 08:51 - 03000832 _____ () C:\Program Files\AVAST Software\Avast\defs\16071401\algo.dll
2016-07-15 08:51 - 2016-07-15 08:51 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-02-26 00:19 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-26 00:19 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-26 00:19 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-26 00:19 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-26 00:19 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-07-15 08:51 - 2016-07-15 08:51 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-08 15:06 - 2011-11-22 15:18 - 00061440 _____ () D:\Programme\Drakonia Configurator\HidDevice.dll
2014-12-08 15:06 - 2011-11-22 15:18 - 00249856 _____ () D:\Programme\Drakonia Configurator\language.dll
2015-03-19 04:57 - 2015-03-19 04:57 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\582f6038931a9b63060e663814d293d0\PSIClient.ni.dll
2014-12-08 03:59 - 2012-07-18 07:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-08 07:02 - 2016-04-29 22:10 - 00785920 _____ () D:\Games\Steam\SDL2.dll
2015-01-20 15:06 - 2015-07-03 18:12 - 04962816 _____ () D:\Games\Steam\v8.dll
2015-01-20 15:06 - 2015-07-03 18:12 - 01556992 _____ () D:\Games\Steam\icui18n.dll
2015-01-20 15:06 - 2015-07-03 18:12 - 01187840 _____ () D:\Games\Steam\icuuc.dll
2014-12-08 07:02 - 2016-07-09 03:06 - 02317904 _____ () D:\Games\Steam\video.dll
2014-12-08 07:02 - 2016-02-09 01:14 - 02549760 _____ () D:\Games\Steam\libavcodec-56.dll
2014-12-08 07:02 - 2016-02-09 01:14 - 00442880 _____ () D:\Games\Steam\libavutil-54.dll
2014-12-08 07:02 - 2016-02-09 01:14 - 00491008 _____ () D:\Games\Steam\libavformat-56.dll
2014-12-08 07:02 - 2016-02-09 01:14 - 00332800 _____ () D:\Games\Steam\libavresample-2.dll
2014-12-08 07:02 - 2016-02-09 01:14 - 00485888 _____ () D:\Games\Steam\libswscale-3.dll
2014-12-08 07:04 - 2016-07-09 03:06 - 00829520 _____ () D:\Games\Steam\bin\chromehtml.DLL
2016-03-10 18:33 - 2016-07-07 00:00 - 00266560 _____ () D:\Games\Steam\openvr_api.dll
2014-12-08 07:04 - 2016-06-14 21:14 - 49826080 _____ () D:\Games\Steam\bin\libcef.dll
2015-01-20 15:06 - 2015-09-25 01:56 - 00119208 _____ () D:\Games\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7871 more sites.

IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-764526889-93497828-4280948729-1000\...\123simsen.com -> www.123simsen.com

There are 7871 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-07-15 09:20 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-764526889-93497828-4280948729-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Lukas\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "D:\Programme\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray
MSCONFIG\startupreg: GoogleChromeAutoLaunch_F6D2C87DA1C5E1CD04E36E350E087CDA => "C:\Users\Lukas\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Lukas\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lukas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{44DB967C-6610-42AA-B55B-650D14881013}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{56950DEA-D48F-4BBD-B2A2-3E3685E463A4}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{052FDF99-F22E-42D8-AA99-0C5388051C93}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{77148A76-AFBB-46BC-ABD3-3965DE46F44A}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{A395AFE8-23FB-4D10-9B6B-E44AC1359173}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2935C15E-EC0B-4BB4-81F3-FAAD774D13CF}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{A1C23C7F-CACD-4AD5-807B-77C23CE1A361}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7990AF6A-A639-4D66-8C68-0351E54AF54B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{E468FFAF-AB0F-4078-ACC3-4DDA3F8F7471}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{75E8BAF3-C345-421E-BDD2-F98A2324FC2F}] => (Allow) D:\Programme\Terratec\CinergyDvr.exe
FirewallRules: [{05F4979D-F4B1-493A-A4B8-F669AAC3C397}] => (Allow) D:\Programme\Terratec\CinergyDvr.exe
FirewallRules: [{F83E01FE-A3E7-4C70-88FD-C5683E40F354}] => (Allow) D:\Programme\Terratec\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{E7650AE3-6D10-4BBF-8C19-DB42342A51B1}] => (Allow) D:\Programme\Terratec\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{EA883A98-3B12-4D71-B555-8EE0A801B533}] => (Allow) D:\Programme\Terratec\VersionCheck\VersionCheck.exe
FirewallRules: [{E68D81F0-EB99-4833-8708-13A8FD036E1F}] => (Allow) D:\Programme\Terratec\VersionCheck\VersionCheck.exe
FirewallRules: [{84E974FC-4310-4A81-B1F0-A7DC0B54F108}] => (Allow) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A6974DC0-E3D9-45DD-A145-CE461686E649}] => (Allow) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{90DB6EED-70B4-4019-B3D9-79CB92803BA7}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{F4F7DE0C-CC50-4E20-AC3E-328F1944B318}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{411B7511-8EA3-4F39-8852-0CE7FEB22D93}C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FEC578FB-EA77-4071-A58F-F04375BC217E}C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C5911614-43B1-4441-ACC4-82DAD690887F}] => (Allow) D:\Games\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{368FC244-6266-4D46-8AEA-79D38FF80976}] => (Allow) D:\Games\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{25F43864-9031-47CC-9D04-F08466A5F581}] => (Allow) D:\Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C8E723A1-A044-43D4-89A0-410BBF3146C1}] => (Allow) D:\Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{83DA8F47-C5FE-483B-A799-E914BBF4CFFB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{717C12FF-31C3-451B-B0C2-04BEC3FD713C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8AB6B9EE-A628-40BF-B18D-4931656C9731}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5E20F050-8160-458F-8816-9EEDD109D813}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{11CDE5AF-7230-45CA-9779-9CC284A790C5}] => (Allow) D:\Games\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{AD55BAFF-69F2-40D4-A6C8-1A92C9733407}] => (Allow) D:\Games\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{A8DC4377-0CD0-4781-94F5-7337B9CC4031}] => (Allow) D:\Games\BF4\Battlefield 4\bf4.exe
FirewallRules: [{B80E16E7-7D79-487B-B47F-11510F8532D2}] => (Allow) D:\Games\BF4\Battlefield 4\bf4.exe
FirewallRules: [{A4619CBC-44DE-41A8-9926-0D5E94B7ED55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DD2A46A-D7AB-4AE2-9EA4-2FA29D540EE2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA6F928C-AACA-4399-8FEC-5380FF083CB4}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{7C4AC428-D8BB-4018-8F9E-A00BB152DF0C}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C4535119-50D3-443D-97A2-99D18978AF1B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4856A6CB-BD51-451E-9F9C-FFE8E3EE0979}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{C809D949-AB88-4DE9-B3B4-D2BAE58F49E9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3EABBC38-5371-499C-AFD3-FB5CBDB80B09}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{359AF6C6-8367-4727-BAA4-64034537647B}] => (Allow) D:\Games\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{2962AE22-E39C-414F-B9FE-4D8CF4796E39}] => (Allow) D:\Games\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [TCP Query User{C68D481E-EBE1-4829-A303-B4F3C5198A9A}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A41E19EA-FEDA-4594-8A8E-9D7BF015C3BC}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{89299151-2BC0-4C29-B853-2D7D78A7AF57}] => (Allow) D:\Games\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{90F8EDAA-1E6C-40F5-95B4-D6DD820E84AC}] => (Allow) D:\Games\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{D0CFC8CC-4CCF-499D-AFA3-F9BDE82D9263}] => (Allow) D:\Games\Steam\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{CA2665CF-A8E1-42D7-AF02-D0D33FAC2F72}] => (Allow) D:\Games\Steam\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{4A97858F-1233-4454-8555-7239376E783A}] => (Allow) C:\Users\Lukas\AppData\Local\Temp\{A9BDBA73-AC07-47C0-9A95-2D53315F6A37}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe
FirewallRules: [{AC45EBE3-E9B1-4E1D-A227-3CF987726BE1}] => (Allow) C:\Users\Lukas\AppData\Local\Temp\{A9BDBA73-AC07-47C0-9A95-2D53315F6A37}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe
FirewallRules: [TCP Query User{33D91F5C-B98D-4CA9-B97C-3A15168765DE}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1CA44424-7A5F-4097-92DD-EEBC741C94E9}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F0889343-6695-4F6C-99E8-ECF4A56BA367}] => (Allow) D:\Games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C1568127-0F94-4BFE-A404-F6C28F073187}] => (Allow) D:\Games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{29F074DE-388D-4AB5-AF74-2F56193E5E57}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EFC36B5C-155F-479F-9DE7-C4EC6BD26A65}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4F809EB2-F531-41BD-A6AE-4CEB0642AC6E}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{909E9F74-EDC4-4FB1-A2BA-75760DD9FED9}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{AB9C3771-21E6-464B-94F0-6E4BDD36CD7F}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{17784E5F-AC92-4D33-A4D9-2FC1A1E26BDF}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [TCP Query User{B1B05BCB-D607-445C-BF99-6517217B8415}D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BD781373-9B4F-4911-83BF-4074F19C9631}D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\mine\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2C6BE9E2-67B6-4C9C-86A1-00424692177F}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5CD69650-D53C-48F7-A10D-C442136B62E6}] => (Allow) D:\Games\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{DB9791A8-A254-4337-A1A3-37CA68E83153}D:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E4C49202-6DCD-4B48-B9F8-3C522B57269C}D:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8B9B81C9-ABCC-43A9-A2CD-A1D6596C26FF}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Block) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{0CE4DAED-A7EF-4610-BB40-967D5B7D596E}D:\games\steam\steamapps\common\counter-strike source\hl2.exe] => (Block) D:\games\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{8C1AAD0E-3B64-40ED-88E2-FEAA4BDBFB8A}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{F9DA5F8D-012D-4ABA-9B08-1678F94544AD}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6644A8DF-A109-4F62-96FA-B0E5AA21BC31}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E192567A-BCFE-4C96-9B18-9290EACA6951}] => (Allow) D:\Games\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [TCP Query User{B6160239-4B08-43A8-99E0-A595BC53A8A7}D:\games\steam\steamapps\common\half-life\hl.exe] => (Block) D:\games\steam\steamapps\common\half-life\hl.exe
FirewallRules: [UDP Query User{0231D583-37C8-4EF2-A6FE-75000090CBA5}D:\games\steam\steamapps\common\half-life\hl.exe] => (Block) D:\games\steam\steamapps\common\half-life\hl.exe
FirewallRules: [TCP Query User{6389019D-EDDD-481E-869A-4EFD994E8D6A}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{9264488E-59A1-4BC5-B70D-17BC32D51937}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{83526243-0025-40C2-9276-93837A6C99B8}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{BECAFFDF-403E-41EA-9AC6-2B9530E43FB6}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{2F10602E-91A2-44D6-A7A4-531EEABD9CA8}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{5961E1D5-1739-4A3A-A1C9-8EB3687A22EA}D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\games\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{810A4EDD-29C6-4553-BD82-082217B251B1}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F20EAE0B-ACC9-44A5-8377-95D7DA394337}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09FB7925-7745-4D47-B773-30940FBF711D}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{491286E2-C919-4CF8-95F0-49061FC04F7F}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{28A4F5C6-6E07-4049-BF1A-2ABC7870CB7F}] => (Allow) D:\Games\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{CF32CB95-70FC-44B7-897C-BD5D35505C84}] => (Allow) D:\Games\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{84430685-EC57-467C-BD29-B2DBEC942BCD}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{45F61ED1-B471-49A2-9ACE-21708EDF839D}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{6742EEB0-AE7C-4CB0-8A49-1AE1696E5F29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D777D57-142F-41B6-9021-6C3D40F83C22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CBB8FEE2-A4A8-4CB9-98FC-3B5F37F433EC}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{FE8D3252-3EE5-4693-A66E-53859557F27F}D:\games\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) D:\games\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{33960166-2E90-499B-A36F-FBE3D729FF61}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B29216CE-282F-4C42-B144-C3643FAB6889}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{BC1BA297-E805-427C-9B03-C9771D153D8F}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{EA70EF93-ADFE-4F33-B456-6F096D351779}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{980711DA-0546-434E-BB0F-1A298F0E8BCB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{F061B973-EA33-4DCB-9699-4855A6B773AD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{A8E343F0-1596-4746-A5E5-388BF2DD50C9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{F9DBEBE3-5F79-466D-BD97-C2D07DC14FF8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{2963F8CD-C5C3-4A58-8B12-FC1AA0D734D4}I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{CE278F71-86D6-4735-9938-234BA3CD100F}I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) I:\spiele\spiele\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{1A8A1BAA-5E2C-4750-8AC3-FE27A56454F0}D:\games\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\games\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{38DCE337-3792-42D1-A297-068DF0B07368}D:\games\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\games\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{BE8A200C-FA9B-453A-AD54-E8115A23F1BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FE91EFB-E541-44EB-B177-16A39D718E2C}] => (Allow) D:\Games\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{559A0623-8E09-46B1-BE47-8A73F0B37306}] => (Allow) D:\Games\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{3A3D889E-D283-4400-BC82-AACEBD69EC8A}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{44CF4D80-BD98-494E-AA93-3A214463AAB8}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{CD5E678D-C079-42A3-92FC-008CF48F6C31}] => (Allow) C:\Users\Lukas\AppData\Local\Chromium\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

15-07-2016 07:26:33 avast! antivirus system restore point
15-07-2016 07:30:15 Wiederherstellungsvorgang
15-07-2016 07:35:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
15-07-2016 07:36:02 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2016 09:22:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2016 09:07:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x4859a219
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55afd843
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00032973
ID des fehlerhaften Prozesses: 0x143c
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3

Error: (07/15/2016 08:37:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2016 08:35:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2016 07:43:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17923, Zeitstempel: 0x55945dbd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55b02e88
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004ac04
ID des fehlerhaften Prozesses: 0x1b18
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3

Error: (07/15/2016 07:32:04 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (avast! antivirus system restore point). Zusätzliche Informationen: 0xc0000022.

Error: (07/15/2016 07:31:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2016 07:31:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl) konnten nicht installiert werden. Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (07/15/2016 07:26:20 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030). Zusätzliche Informationen: 0xc0000022.

Error: (07/15/2016 07:26:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/15/2016 09:20:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5 = Zugriff verweigert


Error: (07/15/2016 09:20:10 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5 = Zugriff verweigert


Error: (07/15/2016 07:41:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Error: (07/15/2016 07:41:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (07/15/2016 07:26:33 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (07/15/2016 07:26:33 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (07/15/2016 07:26:33 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (07/12/2016 12:08:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/11/2016 12:36:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (07/10/2016 06:27:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.


CodeIntegrity:
===================================
  Date: 2016-07-15 09:22:10.982
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-15 09:22:10.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-15 05:55:54.028
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-15 05:55:53.982
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-14 23:36:55.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-14 23:36:55.091
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-14 23:20:38.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-14 23:20:38.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-14 22:33:09.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-14 22:33:09.075
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz
Percentage of memory in use: 31%
Total physical RAM: 8087.39 MB
Available physical RAM: 5553.87 MB
Total Virtual: 16172.99 MB
Available Virtual: 13282.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:48.79 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:41.74 GB) NTFS
Drive f: (Transcend) (Fixed) (Total:931.51 GB) (Free:402.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0404ACF5)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3FB1493D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0056091B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         
--- --- ---


Alt 15.07.2016, 11:12   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Wo Internet auf einmal extrem langsam Lösung!



Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
--> Internet auf einmal extrem langsam

Alt 15.07.2016, 11:18   #7
luke9440
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam



okey, hab avast immer als okey eingeschätzt. wurde deinstalliert und rechner wurde rebootet.
achja schon mal großes lob an das board, so schnell wie ihr reagiert

Alt 15.07.2016, 11:21   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.07.2016, 11:36   #9
luke9440
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam



es wurde keine malware gefunden

Alt 15.07.2016, 11:45   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam [gelöst]



Bitte das Log wie in der Anleitung beschrieben posten
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.07.2016, 11:55   #11
luke9440
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam [gelöst]



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.07.15.03
  rootkit: v2016.05.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Lukas :: LUKAS-PC [administrator]

15.07.2016 11:29:29
mbar-log-2016-07-15 (11-29-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 296019
Time elapsed: 6 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 15.07.2016, 12:30   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam [gelöst]



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.07.2016, 12:43   #13
luke9440
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam [gelöst]



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.201 - Logfile created 15/07/2016 at 12:39:49
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-14.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Lukas - LUKAS-PC
# Running from : C:\Users\Lukas\Downloads\AdwCleaner_5.201(1).exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\DownloadManager
[#] Folder Deleted : C:\ProgramData\Application Data\DownloadManager
[-] Folder Deleted : C:\Program Files (x86)\eSupport.com
[-] Folder Deleted : C:\Program Files (x86)\Startfenster
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\eSupport.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[#] File Deleted : C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\startfenster.lnk
[-] File Deleted : C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[#] File Deleted : C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\startfenster.lnk
[-] File Deleted : C:\Users\Lukas\Favorites\Startfenster.lnk
[#] File Deleted : C:\Users\Lukas\Favorites\startfenster.lnk
[-] File Deleted : C:\Users\Lukas\Favorites\Links\Startfenster.lnk
[#] File Deleted : C:\Users\Lukas\Favorites\Links\startfenster.lnk
[-] File Deleted : C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
[#] File Deleted : C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\startfenster.lnk
[-] File Deleted : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\searchplugins\Search Provided by Bing.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster

***** [ Web browsers ] *****

[-] [C:\Users\Lukas\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Extension] Deleted : bahkljhhdeciiaodlkppoonappfnheoi

*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2637 bytes] - [15/07/2016 12:39:49]
C:\AdwCleaner\AdwCleaner[S1].txt - [2727 bytes] - [15/07/2016 12:38:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2783 bytes] ##########
         
--- --- ---

[/CODE]

JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Ultimate x64 
Ran by Lukas (Administrator) on 15.07.2016 at 12:42:14,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18 

Successfully deleted: C:\Users\Lukas\AppData\Local\worldoftanks (Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\iw05vkuz.default-1446060891336\user.js (File) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7ZK055 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LCALSS7W (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OP3S6A5A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4MEZSIF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7ZK055 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LCALSS7W (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OP3S6A5A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4MEZSIF (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2016 at 12:43:18,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

Geändert von luke9440 (15.07.2016 um 13:02 Uhr)

Alt 15.07.2016, 12:56   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam [gelöst]



Log vom adwCleaner ist unvollständig
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.07.2016, 13:03   #15
luke9440
 
Internet auf einmal extrem langsam - Standard

Internet auf einmal extrem langsam [gelöst]



wurde editiert

Antwort

Themen zu Internet auf einmal extrem langsam
abend, avast, brauche, downloads, extrem, funktionier, funktioniert, genutzt, gestern, handy, interne, internet, laden, lange, langsam, laptop, leute, malwarebytes, router, seite, seiten, speed, spiele, spybot, youtube



Ähnliche Themen: Internet auf einmal extrem langsam


  1. Internet auf einmal langsam, hohe Pingzeiten, Verbindungsabbrüche
    Plagegeister aller Art und deren Bekämpfung - 19.02.2015 (11)
  2. Internet auf einmal langsam, niedrige Latenz bei Online-Spiel
    Plagegeister aller Art und deren Bekämpfung - 16.02.2015 (3)
  3. Internet auf einmal sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 08.02.2015 (25)
  4. Windows 7: PC startet auf einmal extrem langsam
    Log-Analyse und Auswertung - 16.08.2014 (14)
  5. PC auf einmal extrem langsam
    Log-Analyse und Auswertung - 27.12.2013 (17)
  6. PC auf einmal extrem langsam beim Laden von Programmen
    Log-Analyse und Auswertung - 08.10.2013 (5)
  7. Was tun wenn mein internet auf einmal so langsam ist
    Alles rund um Windows - 17.06.2013 (4)
  8. Rechner (Internet) extrem langsam langsam und hackelig!Leerlaufprozess Task Manager ständig zw. 70-98 %
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (17)
  9. Virusverdacht (Computer auf einmal extrem langsam)
    Plagegeister aller Art und deren Bekämpfung - 11.01.2013 (27)
  10. XP alle Browser auf einmal extrem langsam
    Alles rund um Windows - 05.11.2012 (5)
  11. Internet auf einmal sehr langsam...
    Plagegeister aller Art und deren Bekämpfung - 30.09.2012 (13)
  12. PC auf einmal extrem langsam geworden
    Plagegeister aller Art und deren Bekämpfung - 17.05.2012 (1)
  13. Computer auf einmal extrem langsam, windows neuinstallation nicht möglich (vermutlich virus)
    Log-Analyse und Auswertung - 25.04.2011 (1)
  14. Internet geht auf einmal so langsam und bleibt auch öfters stehen!
    Log-Analyse und Auswertung - 09.10.2010 (1)
  15. Internet ist auf einmal langsam obwohl Trojaner gelöscht Iepy.exe
    Log-Analyse und Auswertung - 18.12.2009 (1)
  16. Internet auf einmal sehr langsam
    Log-Analyse und Auswertung - 18.11.2007 (0)
  17. Internet Verbindung auf einmal extrem langsam!!
    Log-Analyse und Auswertung - 01.10.2007 (8)

Zum Thema Internet auf einmal extrem langsam - Hey Leute, seit gestern abend ist mein Internet extrem langsam. Seiten wie facebook oder web.de brauchen schon ungewohnt lange, Seiten wie twitch oder youtube laden kaum bis garnicht. Auf dem - Internet auf einmal extrem langsam...
Archiv
Du betrachtest: Internet auf einmal extrem langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.