Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Simon-Admin at 2015-01-19 20:09:00
Running from C:\Users\Simon-Admin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.35 beta (HKLM-x32\...\7-Zip) (Version: - )
AIVIA GHOST (HKLM-x32\...\{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}) (Version: 1.08.0000 - GIGABYTE)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.19.0.1369 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
Dropbox (HKU\S-1-5-21-3157635539-2998892254-425246051-1001\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Evolve [Closed Beta] (HKLM-x32\...\Steam App 203190) (Version: - Turtle Rock Studios)
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3157635539-2998892254-425246051-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3157635539-2998892254-425246051-1001\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3157635539-2998892254-425246051-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simon-Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
02-01-2015 23:52:46 DirectX wurde installiert
10-01-2015 13:32:48 Geplanter Prüfpunkt
13-01-2015 22:55:28 Windows Update
17-01-2015 10:08:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05575429-CA0B-480B-9644-880911CA1211} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-13] (Microsoft Corporation)
Task: {2F02E36B-5961-4551-A458-3049B14C2F5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-25] (Google Inc.)
Task: {6803C5DB-BE47-4828-B806-C5E700D9EB1B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3157635539-2998892254-425246051-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {7D346E7D-2943-4AFA-9E4B-03DCAFAC6FDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {FB717DAC-A857-443C-95E9-42942D00F533} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-25] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-12-25 22:50 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-12-25 22:50 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-12-25 22:51 - 2014-11-19 20:28 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-12-25 22:51 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-12-25 22:50 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2014-12-25 22:50 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2014-12-25 22:50 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2014-12-25 22:50 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2014-12-26 01:56 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-03 21:30 - 2015-01-03 21:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-25 21:55 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-06-28 17:56 - 2013-06-28 17:56 - 00733184 _____ () C:\Users\Simon-Admin\Documents\GIGABYTE\AIVIA GHOST\Tilt.exe
2012-09-18 15:41 - 2012-09-18 15:41 - 00191488 _____ () C:\Users\Simon-Admin\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
2014-06-25 16:20 - 2014-06-25 16:20 - 07892992 _____ () C:\Users\Simon-Admin\Documents\GIGABYTE\AIVIA GHOST\Macro.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 14:43 - 2014-08-04 14:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 14:43 - 2014-08-04 14:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 14:46 - 2014-08-04 14:46 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 14:46 - 2014-08-04 14:46 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-16 17:00 - 2015-01-09 00:44 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-16 17:00 - 2015-01-09 00:44 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-16 17:00 - 2015-01-09 00:44 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-16 17:00 - 2015-01-09 00:44 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2014-12-25 21:53 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Simon-Admin\Desktop\AdwCleaner_4.107.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Desktop\FRST64 (1).exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Desktop\putty_0.63.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\7z935.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\AdwCleaner_4.106.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\AdwCleaner_4.107.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\battlelog-web-plugins_2.6.2_154 (1).exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\battlelog-web-plugins_2.6.2_154 (2).exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\battlelog-web-plugins_2.6.2_154.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\CrystalDiskInfo6_3_0-en.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\DropboxInstaller.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\EmsisoftEmergencyKit.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\FileZilla_3.9.0.6_win32-setup.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\FRST64 (1).exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\FTB_Launcher.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\jre-8u25-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\npp.6.7.1.Installer.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\OriginThinSetup.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\putty_0.63.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\Setup.X86.de-DE_HomeStudentRetail_ecdae667-8dc7-4672-80a4-10b38dfd1a47_TX_DB_.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\SteamSetup.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\tdsskiller.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\TeamSpeak3-Client-win64-3.0.16.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\TechnicLauncher (1).exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\TechnicLauncher.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\vlc-2.1.2-win64.exe:BDU
AlternateDataStreams: C:\Users\Simon-Admin\Downloads\winscp556setup.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3157635539-2998892254-425246051-500 - Administrator - Disabled)
Gast (S-1-5-21-3157635539-2998892254-425246051-501 - Limited - Disabled)
Simon-Admin (S-1-5-21-3157635539-2998892254-425246051-1001 - Administrator - Enabled) => C:\Users\Simon-Admin
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/16/2015 04:50:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/10/2015 01:23:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/09/2015 08:51:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b8554
ID des fehlerhaften Prozesses: 0x1118
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3
Vollständiger Name des fehlerhaften Pakets: rads_user_kernel.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rads_user_kernel.exe5
Error: (01/09/2015 08:49:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.8428, Zeitstempel: 0x520b1060
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x1130
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3
Vollständiger Name des fehlerhaften Pakets: rads_user_kernel.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rads_user_kernel.exe5
Error: (01/09/2015 08:49:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.8428, Zeitstempel: 0x520b1060
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x1908
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3
Vollständiger Name des fehlerhaften Pakets: rads_user_kernel.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rads_user_kernel.exe5
Error: (01/02/2015 05:25:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/02/2015 04:28:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/02/2015 01:13:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/01/2015 02:24:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/01/2015 02:20:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ba0
Startzeit: 01d0256111eb1fef
Endzeit: 2
Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: 53f531ba-9154-11e4-8250-94de80b1ef45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (01/19/2015 02:01:44 PM) (Source: DCOM) (EventID: 10010) (User: Simon-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/19/2015 02:01:14 PM) (Source: DCOM) (EventID: 10010) (User: Simon-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/18/2015 03:57:54 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12
Error: (01/18/2015 10:13:20 AM) (Source: DCOM) (EventID: 10010) (User: Simon-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/18/2015 10:12:50 AM) (Source: DCOM) (EventID: 10010) (User: Simon-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/18/2015 09:37:06 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.
Error: (01/17/2015 10:07:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/17/2015 10:07:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/17/2015 03:20:21 AM) (Source: DCOM) (EventID: 10010) (User: Simon-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/17/2015 03:19:51 AM) (Source: DCOM) (EventID: 10010) (User: Simon-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (01/16/2015 04:50:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/10/2015 01:23:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/09/2015 08:51:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b8554111801d02c45b54737f5C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exeC:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exef32285c3-9838-11e4-8253-94de80b1ef45
Error: (01/09/2015 08:49:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acMSVCR80.dll8.0.50727.8428520b1060c000000500012f4b113001d02c457351d6fbC:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exeC:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\MSVCR80.dllb108fb3d-9838-11e4-8253-94de80b1ef45
Error: (01/09/2015 08:49:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acMSVCR80.dll8.0.50727.8428520b1060c000000500012f4b190801d02c456fd21f0cC:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exeC:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\MSVCR80.dllad8fa056-9838-11e4-8253-94de80b1ef45
Error: (01/02/2015 05:25:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/02/2015 04:28:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/02/2015 01:13:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/01/2015 02:24:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/01/2015 02:20:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rads_user_kernel.exe0.0.0.01ba001d0256111eb1fef2C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe53f531ba-9154-11e4-8250-94de80b1ef45
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 45%
Total physical RAM: 8073.04 MB
Available physical RAM: 4432.7 MB
Total Pagefile: 9353.04 MB
Available Pagefile: 4965.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.05 GB) (Free:121 GB) NTFS
Drive d: (2. Festplatte) (Fixed) (Total:931.51 GB) (Free:865.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8163D52A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: AB6CCD9D)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
