Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: Avira Updates werden blockiert (https://www.trojaner-board.de/167177-windows-7-avira-updates-blockiert.html)

MrMicrosoft 22.05.2015 14:33
Windows 7: Avira Updates werden blockiert
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo liebe Trojaner-Board Helfer,

ich habe seit einiger Zeit irgendeine Software auf dem Rechner, die meine Avira Updates blockiert und andere Dinge verursacht. Das Problem ist, dass sie komplett im Hintergrund arbeitet und ich daher keinen Schimmer habe, um was es sich handelt und wie schädlich es ist.

Seit dem Befall habe ich diese Veränderungen bemerkt: Computer ist langsamer, Avira Updated nicht mehr, Firefox funktioniert nur noch mit deaktivierter Hardwarebeschleunigung, gelegentliche Fehlermeldungen (zu atbroker.exe, longui.exe, explorer.exe, gdiplus.dll, ...) oder Blackscreens beim Start.
Um diese Dinge zu beheben habe ich schon versucht Avira über die Website zu downloaden, allerdings wurde die Installation blockiert. Ein Suchlauf ergab keine Ergebnisse, da jener aufgrund einer Fehlermeldung abgebrochen wurde. Auch ein Suchlauf mit Avast ergab keine Ergebnisse.

Die Textdateien von Defogger und FRST befinden sich im Anhang, allerdings konnte ich Avira für den Gmer-Scan nicht deaktivieren. Deswegen weiß nicht, ob er aufschlussreich ist, aber die Datei ist leider sowieso zu groß, um sie als Anhang zu posten.

Viele Grüße und ich hoffe ihr könnt mir helfen :)

cosinus 22.05.2015 14:46
Hi und :hallo:

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

MrMicrosoft 22.05.2015 15:13
Okay, danke schonmal für die schnelle Antwort!

Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:00 on 22/05/2015 (Carl)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Carl (administrator) on CARL-TOWER on 22-05-2015 14:03:29
Running from C:\Users\Carl\Desktop
Loaded Profiles: Carl (Available profiles: UpdatusUser & Carl)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files (x86)\BLUBB\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Salfeld Computer) C:\Windows\SysWOW64\cchservice.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
() C:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Failed to access process -> WmiPrvSE.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Salfeld Computer) C:\Windows\tray\wintmr.exe
(Spotify Ltd) C:\Users\Carl\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Sytems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Avast Software s.r.o.) C:\Program Files (x86)\BLUBB\avastui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
Failed to access process -> dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
Failed to access process -> taskhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [167960 2010-12-20] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [391704 2010-12-20] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [418328 2010-12-20] (Intel Corporation)
HKLM-x32\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613024 2010-09-27] (Atheros Communications)
HKLM-x32\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [ChicoSys] => C:\Windows\SysWOW64\cc32\webtmr.exe [6484352 2009-07-14] (Salfeld Computer)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\BLUBB\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer)
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Run: [Spotify Web Helper] => C:\Users\Carl\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-05-21] (Spotify Ltd)
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Policies\system: [DisableClock] 1
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer)
IFEO\taskmgr.exe: [Debugger] "C:\USERS\CARL\DOCUMENTS\TOOLS\PROCESSEXPLORER_15.30\PROCEXP.EXE"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-01-08]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-01-05]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk [2013-06-30]
ShortcutTarget: Product Registration.lnk -> C:\Users\Carl\AppData\Local\Temp\is-J078O.tmp\ATR1.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\BLUBB\ashShA64.dll [2015-05-21] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2260964575-2753946872-1401531445-1001] => http=198.52.217.44:3127
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {438CB363-A94D-4AE3-8F99-E93393D46036} URL = hxxp://www.bing.com/?cc=de
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {50742086-32D3-4D7F-A73C-DDB2FBE0C4B3} URL = hxxp://www.bing.com/?cc=de
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\BLUBB\aswWebRepIE64.dll [2015-05-21] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-19] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\BLUBB\aswWebRepIE.dll [2015-05-21] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2012-12-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2260964575-2753946872-1401531445-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carl\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2260964575-2753946872-1401531445-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-03-31] ()
FF SearchPlugin: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\searchplugins\google-maps.xml [2014-12-17]
FF Extension: Avira Browser Safety - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\Extensions\abs@avira.com [2015-04-04]
FF Extension: Battlefield Heroes Updater - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\Extensions\battlefieldheroespatcher@ea.com [2013-01-18]
FF Extension: HTTPS Finder - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi [2012-12-26]
FF Extension: NoScript - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-26]
FF Extension: Adblock Plus - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\BLUBB\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files (x86)\BLUBB\WebRep\FF [2015-05-21]
FF HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\1oemjo7o.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\BLUBB\WebRep\Chrome\aswWebRepChrome.crx [2015-05-21]

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-08] (Adobe Systems) [File not signed]
R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-23] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-09-27] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files (x86)\BLUBB\AvastSvc.exe [343336 2015-05-21] (Avast Software s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-21] () [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
S2 ksupmgr; C:\Windows\SysWOW64\ksupmgr.exe [765592 2010-08-25] (Salfeld Computer)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-21] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-28] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-21] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-06] (Avira Operations GmbH & Co. KG)
S3 Logi_Headset_DFU; C:\Windows\System32\Drivers\lhusbdfuamd64.sys [44136 2014-04-18] (CSR plc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 14:03 - 2015-05-22 14:03 - 00022002 _____ () C:\Users\Carl\Desktop\FRST.txt
2015-05-22 14:02 - 2015-05-22 14:03 - 00000000 ____D () C:\FRST
2015-05-22 14:01 - 2015-05-22 14:01 - 02108416 _____ (Farbar) C:\Users\Carl\Desktop\FRST64.exe
2015-05-22 13:59 - 2015-05-22 14:00 - 00000470 _____ () C:\Users\Carl\Desktop\defogger_disable.log
2015-05-22 13:59 - 2015-05-22 13:59 - 00000000 _____ () C:\Users\Carl\defogger_reenable
2015-05-22 13:58 - 2015-05-22 13:58 - 00050477 _____ () C:\Users\Carl\Desktop\Defogger.exe
2015-05-22 13:24 - 2015-05-22 13:45 - 00000224 _____ () C:\Windows\setupact.log
2015-05-22 13:24 - 2015-05-22 13:24 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 23:43 - 2015-05-21 23:43 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-21 20:26 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-21 20:26 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-21 19:53 - 2015-05-21 19:53 - 00000000 ____D () C:\Users\Carl\AppData\Local\openvr
2015-05-21 18:55 - 2015-05-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-21 14:09 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-21 14:09 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-21 14:09 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-21 14:09 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-21 14:09 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-21 14:09 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-21 14:09 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-21 14:09 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-21 14:09 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-21 14:09 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-21 14:09 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-21 14:09 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-21 14:09 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-21 14:09 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-21 14:09 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-21 14:09 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-21 14:09 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-21 14:09 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-21 14:09 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-21 14:08 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-21 14:08 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-21 14:08 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-21 14:08 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-21 14:08 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-21 14:08 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-21 14:08 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-21 14:08 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-21 14:08 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-21 14:08 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-21 14:08 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-21 14:08 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-21 14:08 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-21 14:08 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-21 14:08 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-21 14:08 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-21 14:08 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-21 14:08 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-21 14:08 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-21 14:08 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-21 14:08 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-21 14:08 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-21 14:08 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-21 14:08 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-21 14:08 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-21 14:08 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-21 14:08 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-21 14:08 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-21 14:08 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-21 14:08 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-21 14:08 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-21 14:08 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-21 14:08 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-21 14:08 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-21 14:08 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-21 14:08 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-21 14:08 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-21 14:08 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-21 14:08 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-21 14:08 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-21 14:08 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-21 14:08 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-21 14:08 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-21 14:08 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-21 14:08 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-21 14:08 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-21 14:08 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-21 14:08 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-21 14:08 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-21 14:08 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-21 14:08 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-21 14:08 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-21 14:08 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-21 14:08 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-21 14:08 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-21 14:08 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-21 14:08 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-21 14:08 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-21 14:08 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-21 14:08 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-21 14:07 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-21 14:07 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-21 14:07 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-21 14:07 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-21 14:07 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-21 14:07 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-21 14:07 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-21 14:07 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-21 14:07 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-21 14:07 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-21 14:01 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-21 14:01 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-21 14:00 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-21 14:00 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-21 14:00 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-21 14:00 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-21 14:00 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-21 14:00 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-21 14:00 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-21 13:49 - 2015-05-21 13:49 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\AVAST Software
2015-05-21 13:47 - 2015-05-22 13:28 - 00004164 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-21 13:47 - 2015-05-21 13:47 - 00001938 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-21 13:47 - 2015-05-21 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-21 13:46 - 2015-05-21 13:45 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-21 13:46 - 2015-05-21 13:45 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-21 13:46 - 2015-05-21 13:45 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-21 13:45 - 2015-05-21 13:45 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-21 13:43 - 2015-05-21 23:31 - 00000000 ____D () C:\Program Files (x86)\BLUBB
2015-05-21 13:42 - 2015-05-21 13:42 - 00000000 ____D () C:\Users\Carl\Documents\Versteckt
2015-05-21 13:39 - 2015-05-21 13:41 - 152642224 _____ (Avast Software s.r.o.) C:\Users\Carl\Downloads\avast_free_antivirus_setup_10.2.2218.exe
2015-05-21 12:13 - 2015-05-21 12:13 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\Carl\Downloads\avira_de_av_553a177f695f4__ws(1).exe
2015-04-24 12:17 - 2015-04-24 12:17 - 04636584 _____ (Avira Operations GmbH & Co. KG) C:\Users\Carl\Downloads\avira_de_av_553a177f695f4__ws.exe
2015-04-24 11:50 - 2015-04-24 11:50 - 00053492 _____ () C:\Users\Carl\Downloads\Politik 2. Semester.odt
2015-04-24 11:50 - 2015-04-24 11:50 - 00027959 _____ () C:\Users\Carl\Downloads\Politik 1. Semester.odt
2015-04-23 23:43 - 2015-04-24 01:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 13:59 - 2012-12-25 20:46 - 00000000 ____D () C:\Users\Carl
2015-05-22 13:57 - 2013-03-27 15:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 13:55 - 2013-03-30 14:45 - 00000016 _____ () C:\Windows\SysWOW64\excltmp~.dat
2015-05-22 13:55 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 13:55 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 13:52 - 2011-05-07 01:46 - 01690318 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 13:47 - 2014-04-17 20:23 - 00000000 ___RD () C:\Users\Carl\Dropbox
2015-05-22 13:47 - 2014-04-17 20:19 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Dropbox
2015-05-22 13:45 - 2011-06-25 22:53 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-05-22 13:45 - 2011-05-16 01:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-22 13:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 02:35 - 2014-08-24 18:28 - 00000000 ____D () C:\Users\Carl\AppData\Local\Spotify
2015-05-22 02:10 - 2014-08-24 18:28 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Spotify
2015-05-22 02:04 - 2012-12-25 23:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-21 23:46 - 2014-10-22 15:04 - 00000000 ____D () C:\Users\Carl\AppData\Local\Adobe
2015-05-21 23:44 - 2012-12-25 23:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-21 23:43 - 2013-03-27 15:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-21 23:43 - 2012-12-25 23:21 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 23:43 - 2012-12-25 23:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 23:38 - 2009-07-14 06:45 - 00341896 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-21 23:34 - 2015-04-04 17:48 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 23:34 - 2015-04-04 17:48 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 23:34 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-21 23:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-21 23:31 - 2013-08-04 14:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-21 23:31 - 2013-08-04 14:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-21 23:31 - 2012-12-25 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-21 20:38 - 2015-04-21 13:14 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-21 20:38 - 2014-06-01 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-21 20:29 - 2015-04-21 13:14 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-21 20:26 - 2013-08-04 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-21 13:41 - 2012-12-25 23:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-21 13:32 - 2014-04-17 20:23 - 00001024 _____ () C:\Users\Carl\Desktop\Dropbox.lnk
2015-05-21 13:32 - 2014-04-17 20:20 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-21 13:23 - 2014-05-10 13:09 - 00004796 _____ () C:\Windows\SysWOW64\cchservice.err
2015-05-21 12:14 - 2014-08-05 12:32 - 00000000 ____D () C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2015-03-15 23:44 - 2015-03-15 23:44 - 0030983 _____ () C:\Users\Carl\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Carl\AppData\Local\Temp\avgnt.exe
C:\Users\Carl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph50mli.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-22 01:51

==================== End of log ============================
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Carl at 2015-05-22 14:04:18
Running from C:\Users\Carl\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2260964575-2753946872-1401531445-500 - Administrator - Disabled)
Carl (S-1-5-21-2260964575-2753946872-1401531445-1001 - Administrator - Enabled) => C:\Users\Carl
Gast (S-1-5-21-2260964575-2753946872-1401531445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2260964575-2753946872-1401531445-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-2260964575-2753946872-1401531445-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version:  - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - )
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version:  - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version:  - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - )
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft Montreal)
ATI Catalyst Install Manager (HKLM\...\{47B188E2-2447-5C40-15B6-9D49DC90BF5B}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios Ltd.)
Batman: Arkham City™ (HKLM-x32\...\Steam App 57400) (Version:  - Rocksteady)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.34 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version:  - Starbreeze Studios AB)
Burnout(TM) Paradise The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.0.0.0 - Electronic Arts)
calibre 64bit (HKLM\...\{EA927D74-9D01-4436-89AE-ACF7C893C845}) (Version: 2.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DayZ Commander (HKLM-x32\...\{0170930E-68D6-4E85-88B2-82761CDE1F94}) (Version: 0.92.69 - Dotjosh Studios)
Die Sims Deluxe  (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DS4Windows (HKLM-x32\...\{97A3474F-1266-4B4B-B594-2EFE353FDEC0}) (Version: 1.5.6 - DSDCS)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Free Studio version 6.4.2.113 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.2.113 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Haunt 1.0 64bit (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Haunt 1.0 64bit) (Version:  - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Lone Survivor (HKLM-x32\...\Steam App 209830) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-53cc58da-3be5-4ac2-b0b6-2a48785ecdcf) (Version:  - Epic Games, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA 3D Vision Controller-Treiber 305.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 305.27 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.12 (HKLM\...\Opera 12.12.1707) (Version: 12.12.1707 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Perspective 1.0 (HKLM-x32\...\Perspective) (Version: 1.0 - Widdershins)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Psychonauts (HKLM-x32\...\Steam App 3830) (Version:  - Double Fine Productions)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Spotify (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Inc)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tunngle Version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE BOOM Update-Assistent (HKLM-x32\...\{E0426B93-AA36-4A2C-9BBD-9096BB9908F3}) (Version: 1.3.58 - Logitech, Inc.)
Unity Web Player (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2260964575-2753946872-1401531445-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-04-2015 02:04:38 Windows Update
19-04-2015 00:48:43 Windows Update
21-04-2015 13:13:50 Windows Update
23-04-2015 03:00:15 Windows Update
21-05-2015 13:43:34 avast! antivirus system restore point
21-05-2015 13:51:47 Windows Update
21-05-2015 20:24:23 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {290092FE-96C2-4C23-8A8F-ED3EC987BE53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {2E38A1CC-7C94-4107-9793-0A23728C1E40} - System32\Tasks\{711F45A0-B949-45E3-B328-681705C5A57E} => C:\Program Files (x86)\Steam\Steam.exe [2015-05-15] (Valve Corporation)
Task: {3F295ED3-EFAC-4BA6-8BA6-C06B8C1DEB11} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {622AF6F4-CC34-48F4-AFCB-D0C33DCAB01B} - System32\Tasks\{8400C865-3349-4A75-9DC6-5D90D33630C4} => C:\Program Files (x86)\Steam\Steam.exe [2015-05-15] (Valve Corporation)
Task: {7B263A21-476B-4CEA-B060-F295E82ECCC4} - System32\Tasks\{95DCBDA1-EF05-4D86-B90A-4CB85AECA28F} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/15100
Task: {B150591A-2F29-4C0B-BFE4-B574B160E380} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C104A4C6-2487-47EC-932B-EFA28C547BCB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D3617187-DA96-4A5D-9A56-514C582756B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {D5961B7C-E23E-4307-9EF1-3032D5DDFB6A} - System32\Tasks\avast! Emergency Update => C:\Program Files (x86)\BLUBB\AvastEmUpdate.exe [2015-05-21] (Avast Software s.r.o.)
Task: {DD345102-FCE3-4A64-97F8-CBBAECE78A5E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-07 02:06 - 2010-05-24 11:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2011-05-07 02:06 - 2010-05-24 11:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2011-05-07 02:06 - 2010-05-24 11:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2011-05-07 02:06 - 2010-05-24 11:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2015-05-22 13:46 - 2015-05-22 13:46 - 00043008 _____ () c:\users\carl\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph50mli.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Carl\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Carl\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Carl\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Carl\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-08-24 20:07 - 2010-11-04 11:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2015-05-21 13:45 - 2015-05-21 13:45 - 40540672 _____ () C:\Program Files (x86)\BLUBB\libcef.dll
2015-05-21 13:45 - 2015-05-21 13:45 - 00104400 _____ () C:\Program Files (x86)\BLUBB\log.dll
2015-05-21 13:45 - 2015-05-21 13:45 - 00081728 _____ () C:\Program Files (x86)\BLUBB\JsonRpcServer.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0059C705-2E1B-4F44-90D1-588010390056}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B4961396-A144-4C1F-B2FB-7FC8447B5726}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{839ED981-8DE2-47BB-8EDC-CE9F140BF958}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{3BA90AF6-69F4-42F8-B03E-9C03142B2647}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{40C0D428-E35C-4DA3-926A-5D70D8D23D5F}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{A6ED7BF9-FE3B-4C39-8168-699440F74E8D}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{780E5915-4C82-45EB-83BC-B78D8BA6AEF0}] => (Allow) C:\Program Files\Opera x64\opera.exe
FirewallRules: [{F7363BBB-69A8-4C93-AF4B-4AC123C0B3EA}] => (Allow) C:\Program Files\Opera x64\opera.exe
FirewallRules: [{8998DB0E-8CD8-4ED6-9893-47A9222ABBD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1DFBB6A2-7738-416A-8D3F-C7EBF20FD002}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B3D9C325-C74A-4BBE-8706-0C22B0242AC6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6F73174-040F-4CE1-B17A-1C1A891780EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9DB56C25-0BE9-4595-98EC-44EE9999FFED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EE7AFB0E-D531-413D-AB8C-69C2AD67885B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{408C8996-B57F-426F-AA48-D321492B5650}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CAE996CE-D9E6-45CE-998F-2AE2E00BAE9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{C95A5DD6-3572-47FF-963D-F28814DCF056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [TCP Query User{E3A8445B-4144-4510-B0E0-C86B32E11125}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D481A45D-2747-499A-97F6-02797309BD0F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{8D1A9348-2FED-4C9E-995E-11F93197AFD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman2\Binaries\Win32\BatmanAC.exe
FirewallRules: [{849357D4-9FF8-4399-A4C4-1CA15F74710C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman2\Binaries\Win32\BatmanAC.exe
FirewallRules: [{170C1065-20B2-46A9-BFB3-2A42C7023B35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman2\RunLauncher.bat
FirewallRules: [{3AEC8811-4D88-4C66-AA0F-6ECAAECD9051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman2\RunLauncher.bat
FirewallRules: [{52D3EF47-C8E1-4E46-AF29-26F8F307F94C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{7BE86568-43BE-44A1-976E-385AEF9F78CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{A03105AD-0E25-4103-93DE-DCE712CB3089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{AF20D60C-895D-4B38-898E-D145C1303308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{281E7288-7926-4FFA-AE15-E339815D1068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{BD1F2389-6DE5-4975-A182-E24357DDC8BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{F302C6DC-FA1D-41F5-BF6D-F716A45EAA2A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{7E97E91F-CC61-451B-AA2F-BF2CC5E8CD27}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{D35E8D65-9C72-4F13-B5BD-894F5C147046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe
FirewallRules: [{E36A2E17-89A5-455D-8D44-7822A193DC9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe
FirewallRules: [{907E81B4-5916-4B2C-963B-8DD828EA4CB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{B48FD59C-EFD3-4ECE-BF4A-6E3F1BF40C8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [TCP Query User{D8334B0B-ACF3-4915-A4E7-420D936471CB}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{6ADCDAAB-3AEF-4179-9E08-37066AA5D15E}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{CA6E8A0E-D34F-434A-9370-E37AAF122757}] => (Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe
FirewallRules: [{4B657A33-590B-4E70-B247-D79D681FEB1B}] => (Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe
FirewallRules: [{F0997AE1-67DB-4C28-96A4-65E3F646CAC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{CB0C9590-E71D-44F1-811C-15DD9A4EDE03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{2A28541D-F225-468E-89F1-B8BA9BCEC908}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{5A069D5A-E4F8-41F3-928C-4B1266679EE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{28F8BB7F-5BDD-4B05-8DCB-75F6552204E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{CACAE702-7258-46EF-941B-5934A6B32173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{7DC26E3A-7786-4F46-98F8-9BCB5B3FD762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{5B5156FB-F99F-436A-B961-BFDC4A5983A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{0FC4D4B7-9EA4-4D91-AC91-0AF79F6BA589}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{FB337390-0E06-4AA7-95E9-1EC8B624E88C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{B0D066AD-AD02-4EAA-B2EB-D48A23268BA8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{F643A890-0C97-4AEA-BE2E-E57B16933EC0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{F8B147CB-3726-467B-B8CF-DEE5E9F55BFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mr_microsoft96\source sdk base 2007\hl2.exe
FirewallRules: [{D5ED83B0-5417-4E69-91E3-723A008CA41F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\mr_microsoft96\source sdk base 2007\hl2.exe
FirewallRules: [{4D59FCD4-993C-45E8-BF1D-F72279735468}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{16EEAC2A-BF25-492C-8245-11EF3BB1A26C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{ECABEDB9-6424-4759-9A94-8AA937F102CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Superbrothers Sword & Sworcery EP\swordandsworcery_pc.exe
FirewallRules: [{F3D96B07-EEBF-4A40-925C-E35AFEACA56B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Superbrothers Sword & Sworcery EP\swordandsworcery_pc.exe
FirewallRules: [{03856E58-9318-4022-B032-64DE3BF1284D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{8DFD66EE-65A6-4C66-93B1-B35F657D9BEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{B89415AF-1708-4A7E-8BF4-C770D27C86E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{C50487D8-A2FB-418A-B0E6-50C3710DF22F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{48C16509-6965-4DBC-943E-D6AC8AE7A128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\worms reloaded\WormsReloaded.exe
FirewallRules: [{580B658D-4215-4678-A24E-0E4448A90A7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\worms reloaded\WormsReloaded.exe
FirewallRules: [{C37C8A07-1C6F-4A37-A044-790E8A8E0A92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{848BDA00-1559-405F-898F-DD0D3CF4F0A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{984A2EF8-B708-4092-B49C-DD73B57778C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{2BE8140B-33D1-4E6C-831B-B383EB99E2B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{1C6EE48A-EAAF-4948-AFE5-AC4B63A2835F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{5941DDA8-1706-4237-9B4F-7CEC9CC75D2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{7B36EE59-0DDF-4753-BB79-68AB2C5E632A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{788E8E6D-9510-413C-825E-0D01C5E9B0D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4CAF22B8-4CCE-40A9-96FB-E46632F326E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{7C8FE2B8-7F3B-455A-956B-5FB44E725F74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{21BCCC51-A7BE-4647-8780-E99CC505082B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{EE6BB331-B9AC-4C5A-ADF0-6322818F4184}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{F6774203-CF54-4FA1-9F4F-E1887D95B342}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{2B4244AB-4856-42D8-AE51-831085923172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C187E5E8-68E5-4D89-8E7E-8C46056178E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{C1FFC26F-1433-4140-89D6-ED9261D0BC80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{45B5AAE4-C443-4F1E-B7C7-6F606511FDA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{464975DD-55FE-4419-9F09-62F2BE5F9CE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{9666CB17-22B5-467D-B521-39F72904307D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{655240A0-22F4-40CC-805B-5B3183BFC3DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5E62124E-3BAA-4C4B-8FE2-75582C9C96E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{09366345-E199-4910-A591-1284D53DE60C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{61B7A472-8217-4BA9-8E15-A003E6F25B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{F9DBFE92-FB90-471C-B8F5-6CEEDF65CA24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{BE022F57-CAB5-4979-9707-8F1290769CB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{55C6B6B6-F6D2-4453-AC4E-2ECB44CB37F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E9EF0462-EDBD-49B7-962F-11542BF0C697}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80FFD121-A87C-4B9A-ABB6-7DDF58C0F281}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B27C7F14-5D9D-4E7E-AE95-5C77B9E85693}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{A3DE7FA8-56BC-4DF0-871C-A2C190859B17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{81A00C3F-18D5-468A-816B-754F2695F5CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5913FF08-913D-493F-AB0E-B26F73C6690D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B385865E-BCD4-443D-88D5-1072D688245C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CF1A0200-E329-49A2-B6A0-2CA72C5041E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{351A03B6-7389-4B11-9B3E-32DA8A3DB5E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DA281282-F8C0-48A9-95CB-E8BA16C291F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6E5B9752-4651-42F4-8CE0-FC696D9D8AE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0558EDA0-D905-4073-9E3F-CF1B660AC5AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{F6985D76-221A-477A-A88A-D59135DF7F3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base\hl2.exe
FirewallRules: [{ECE5A044-2CB6-4130-AFFE-79C17D66DC51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base\hl2.exe
FirewallRules: [{83536B8D-0DAA-4AFD-95AE-6989AC1C1CB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EF9D4848-8AF9-4AF9-ADEF-F3C9D84B3C5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{292107B8-BFC3-472A-90D5-0ADAD78138DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{3CB5D3D8-158A-41A0-89A1-5746B5D45048}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{53838923-323A-40A9-A9F5-15DE226145A2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{DF34461C-20DD-4E1B-BEE3-F0E9552BCCC4}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{D6944ECB-2F78-4C78-9D9C-A83CBF41D711}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{6ABECA54-884B-4266-9ACE-16894BA5676F}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{C34C5CDB-C026-401C-90DA-18E85764DE56}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{EDC6E0F4-58B6-40D9-8CCD-A93F92415FED}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{DACD714F-9601-41FA-BBB7-966A384B2F77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{9E8E2A00-4E20-49A0-AB17-B76BF0245331}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{91C47DF3-B06D-485E-9752-31A526366E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{A4EFE717-9683-496A-9033-21093533DEE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{1BF40585-6800-45BC-A404-AA5E0FE2FF9C}] => (Allow) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A8FE5776-F075-49EF-86E2-B66813A0F7D3}] => (Allow) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ED5FF0DB-D7AE-4EB0-BC52-928710B06696}] => (Allow) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DC5E0923-5344-46A6-AACB-1BBBE2B72BEC}] => (Allow) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{05AC5EB7-0492-4DD4-8074-3AB3A5FADFEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe
FirewallRules: [{2140BF9F-63D6-48ED-B40A-3CF0F851458C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe
FirewallRules: [{E25B807E-8ABB-4781-8F26-5E807F7687AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{22B19BE7-DC49-45E7-9033-C511816F2639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{2FE53725-E772-4239-9480-4E43DEFEF7AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{71102090-ED51-4A04-AA75-7A386908EE9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{3E26CD9B-B0D8-4BCB-B5D5-A42814D80F43}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{7259546D-0784-45C1-A320-ABF2EA0E9C15}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{BED1D8CB-9CEE-4B6E-9D78-13B62DC44295}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D6AF1E4-255E-4A72-A0DD-12FBEF3C2E0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A7E6E95B-A404-4091-ABCD-9E651DD31950}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{970FBC94-116B-449C-AEF4-53631A2193CC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{98DEB0E3-C497-46AE-B48F-FA738314C88C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{27DDFE88-D23F-4E6E-B5BC-0FA9ACD57E5C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CCFD970E-5F0B-4097-A21E-E108A7E32813}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{B9FF6D3B-6BF1-4418-919E-629CB3E8CCA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{447C768F-E01A-4B3E-AE89-C315BCE07C69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{83ADD865-9A91-421B-A14C-FAD945D274BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{6122968F-EA20-4A5E-91AE-74F37970F867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{816DCBC2-6009-4E7D-A717-D6B8565B551D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{6C6A7A33-5D93-48F3-8F38-C01F60EA23CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{7F8E14FC-3A60-4C1B-9BAB-8840C8BDEDC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B40237ED-717C-4830-A216-6B212C3A961B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{7234B5A3-C2B3-4324-8858-BB5170E445EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{9CC66AB0-CA40-4829-8A13-09D786A43963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{E525E42D-4D8B-4AF4-9D2F-C110CC44AC64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{5A3A9E9E-6A7C-44A8-BFA2-B100D6221B42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C02066D2-B748-4E66-8086-001829817F35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C0179E93-39E8-4EF2-B588-A7D97BD35403}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{B563A85A-BECF-4F44-8170-BACB5631551F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{546CB942-D1CD-4FB7-A481-94F82E89C18D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E37BEB41-19E0-4565-A739-098246A0F517}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D6D4BCC9-813B-4682-B154-A1E11ED183A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{EF2128F9-6BF1-46A6-A0AE-5AC024A15065}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{ACB69940-11F9-43C1-B67A-B6DBA8322670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{DFD26DBC-D4AD-4080-9087-21C2F4BA3C49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{E0F9FA2B-AB63-428A-B454-BB28A8D8EADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{4396AAAB-BE36-4B6D-B285-1D562E025FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{AFCF13B6-ED73-458E-B5E0-00D47B3272BD}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{1FABA30D-0E7C-4453-B634-46ECB0EF2982}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7F2CAE5B-A2A2-48F3-8D7F-97AFDA3D0A68}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{F459B77C-569B-4E90-9AD2-B0B11678F779}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{A2C2120E-D1E3-4B76-8F68-C0751F16D926}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{E68A7740-8F5F-4467-AE0A-2BA189F7CCA3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{B6818E6D-D974-48E9-ADC1-FE064D062176}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{1F9BA586-CFE6-4D7B-826B-B3745B61E6E2}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{7B88C715-EE89-4A08-8493-A62A54FB8506}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D723ED94-0EC8-447C-8F10-1B3B6E405755}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A755D394-3F89-4E69-92A4-5F7D5E23E785}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{0977D01E-F0D2-437E-9A74-DC0763B88F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{D5C71790-5CF6-4908-81BD-345549DE24C3}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{FCA9B469-884E-4A65-A14C-DA65D7BC0913}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{56C62EC8-7EDA-4196-B5C2-E5847737A192}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{10D6549B-4743-41F6-A0A0-5E055AA592F3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{D47E15F6-01AC-4DF4-AF8F-550D601F9E93}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{C832DB59-0F2C-4372-B270-E4886B1E190F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{AEEC35E5-F68B-4E13-8043-1B8B29419122}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{2423A83A-0FF2-4171-BA2F-3C35EA9FEE3B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{B072C8A7-66D1-4D28-89B6-63A671F26EEC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{EA257AE1-FD79-4F02-8816-CE8A0F2ACE53}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{40BD8E46-61EE-4C09-BF84-EC28D64B452A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{843195CC-C893-4552-9215-A287B5B67A22}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{D297E262-4B6B-430B-BF76-3CDA3E9F2A93}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2015 01:46:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 01:45:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  18 114.2.168.192.in-addr.arpa. PTR Carl-Tower.local.

Error: (05/22/2015 01:45:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.114:5353  20 114.2.168.192.in-addr.arpa. PTR Carl-Tower-2.local.

Error: (05/22/2015 01:42:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 01:42:44 PM) (Source: Avira Antivirus) (EventID: 4122) (User: NT-AUTORITÄT)
Description: Die Datei AvShadow konnte nicht geladen werden.
Fehlercode: 0x3e5

Error: (05/22/2015 01:36:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 01:36:48 PM) (Source: Avira Antivirus) (EventID: 4122) (User: NT-AUTORITÄT)
Description: Die Datei AvShadow konnte nicht geladen werden.
Fehlercode: 0x3e5

Error: (05/22/2015 01:36:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  18 114.2.168.192.in-addr.arpa. PTR Carl-Tower.local.

Error: (05/22/2015 01:36:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.114:5353  20 114.2.168.192.in-addr.arpa. PTR Carl-Tower-2.local.

Error: (05/22/2015 01:27:41 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (05/22/2015 01:49:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/22/2015 01:49:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/22/2015 01:43:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1C749B87-568C-4865-8E73-6413F8372CE6}

Error: (05/22/2015 01:43:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (05/22/2015 01:42:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/22/2015 01:42:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.

Error: (05/22/2015 01:42:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/22/2015 01:42:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.

Error: (05/22/2015 01:42:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/22/2015 01:42:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: AMD FX(tm)-6100 Six-Core Processor
Percentage of memory in use: 18%
Total physical RAM: 16366.12 MB
Available physical RAM: 13303.66 MB
Total Pagefile: 32730.43 MB
Available Pagefile: 29527.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:1397.17 GB) (Free:901.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: C2152866)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of log ============================

cosinus 22.05.2015 21:27
Zitat:
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
Bitte nicht Avast und Avira gleichzeitig verwenden

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

MrMicrosoft 24.05.2015 12:55
Nein, habe keine weiteren Logs. Avira meldet nichts außer den Update-Fehlern.
Normalerweise verwende ich auch nur Avira, habe Avast nur geladen, weil ich dachte ich könnte das Problem damit möglicherweise beheben.

cosinus 24.05.2015 14:37
Deinstalliere bitte umgehend einen der beiden. Zwei solcher Programme sind kontraproduktiv. Da wir Avira hier schon länger nicht mehr empfehlen, würde ich vorschlagen Avira zu deinstallieren. Sag Bescheid wenn das erledigt ist.

MrMicrosoft 25.05.2015 00:06
Wenn ich versuche Avira über Systemsteuerung -> Programme -> Programme und Funktionen zu deinstallieren erscheint diese Fehlermeldung:
"Programme und Funktionen
Bei der Deinstallation von Avira ist ein Fehler aufgetreten Möglicherweise wurde es bereits deinstalliert.
Möchten Sie Avira aus der Liste der Programme und Funktionen entfernen?"
Egal ob ich Ja oder Nein wähle, es verändert sich (auch nach Aktualisierung) nichts.
Gibt es noch eine andere Möglichkeit Avira zu deaktivieren?

cosinus 25.05.2015 11:16
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Avira
    Avira Free Antivirus

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

MrMicrosoft 25.05.2015 12:26
Nachdem ich Avira angewählt und deinstalliert habe, erschien Avira Free Antivirus (auch nach Aktualisierung) nicht mehr in der Liste des Uninstallers.

Außerdem war Avira nach dem Neustart, um die übrigen Dateien und Ordner (23 Stück) loszuwerden, nicht deinstalliert, sondern tauchte wieder in der Liste des Revo Uninstallers auf. Am linken unteren Bildschirmrand tauchten Meldungen von Avira OE.Systray.exe und Setup.Bundle auf, die dem Autostart hizugefügt oder entfernt wurden.

Nach erneuter Deistallation Aviras und wiederholtem Neustart sind Avira und die Fehlermeldungen verschwunden, das Avira Control Center und Avira Free Antivirus sind allerdings immer noch vorhanden.

cosinus 25.05.2015 12:31
Ich werd aus deinem Posting nicht schlau. Ist Avira nun runter oder nicht?

Um etwaige Reste zu entfernen gibt es von Avira noch das hier => http://dlpro.antivir.com/package/reg...cleaner_de.exe

MrMicrosoft 25.05.2015 13:01
So, habe es nun mit dem Avira Registry Cleaner versucht. Dieser funktioniert allerdings nur im abgesicherten Modus, also habe ich ihn auch dort ausgeführt. Eigentlich hätte Avira nun deinstallliert sein müssen.

Nach dem Neustart des PCs ist Avira zwar aus der Taskleiste verschwunden, das sich auf dem Desktop befindende Control Center ist jedoch immer noch vorhanden und lässt sich auch starten. Es ist also nicht deinstalliert.

Avira Registry Cleaner und Revo Uninstaller zeigen jetzt allerdings Dateisystemfehler an und lassen sich nicht mehr starten. Zudem wurden direkt nach dem Neustart diverse Anwendungsfehler (0xc0000018) zu hkcmd.exe ; igfxpers.exe ; Btv.Stack.exe ; AthBtTray.exe ; rundll32.exe ; XboxStat.exe ; iTunesHelper.exe und VDeck.exe angezeigt.

cosinus 25.05.2015 13:30
Bitte neue FRST-Logs.

MrMicrosoft 25.05.2015 14:16
FRST lässt sich nicht mehr starten und zeigt den Dateisystemfehler (-1073741800). Auch ein erneuter Download verändert nichts.
Das Problem tritt auch noch bei anderen Anwendungen auf. Explorer startet auch nicht mehr über die Taskleiste, nur noch über direkte Anwahl von z.B. Ordnern.

cosinus 25.05.2015 14:23
Probier mal bitte CF:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

MrMicrosoft 25.05.2015 14:27
Funktioniert auch nicht, zeigt den gleichen Dateisystemfehler.

cosinus 25.05.2015 14:32
Probier mal rKill. Wenn das auch nicht geht, hilft wahrscheinlich nur noch komplette Neuinstallation des Systems.

Suchlauf mit rKill

Bitte lade dir rKill von Grinler auf deinen Desktop von einem der folgenden Links: RKill oder http://www.trojaner-board.de/85629-rkill-download.html
  • Starte nun das Programm durch einen Doppelklick.
  • Wenn sich jetzt kein schwarzes Fenster öffnet, dann versuche einen der anderen Downloadlinks.
  • Das Tool wird jetzt einige Minuten lang laufen und verschiedene Einstellungen prüfen und neu setzen.
  • Nach dem Ende der Abarbeitung öffnet sich automatisch die Logdatei rkill.txt.
  • Bitte poste sie in deinen Thread in CODE-Tags (Anleitung).


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22