Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   2 Trojaner in der Avira Quarantäne, Was tun ? (https://www.trojaner-board.de/162570-2-trojaner-avira-quarantaene-tun.html)

flotschi 08.01.2015 14:56
2 Trojaner in der Avira Quarantäne, Was tun ?
 
Hallo,

Ich hab mich nie so wirklich um Viren sorgen gemacht da die meisten Seiten auf denen ich unterwegs bin eigentlich relativ "vertrauenswürdig" sind und ich was PC´s betrifft nicht komplett ahnungslos und unvorsichtig bin.
Nur kam vor 10 Minuten dann die "tolle" Meldung von Avira das er den Trojaner TR/Dropper.gen auf meinem Pc gefunden hat und mich dazu aufgefordert hat auf entfernen zu klicken. nach der automatischen Systemüberprüfung durch Avira hat es mich dann intressiert was noch so alles auf meinem PC ist/war und da bin ich dann drauf gekommen das sich in der Quarantäne noch ein weiter Trojaner und 2 Exploits befinden.

Habt ihr eine Hilfestellung für mich wie ich diese komplett entfernen kann ?

Lg und danke im vorraus,

Felix

Warlord711 08.01.2015 16:15
Hast du entsprechende Avira Logs bitte ?

Warlord711 08.01.2015 16:16
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

flotschi 08.01.2015 16:22
Ich hoffe das Stimmt so.
Ist jetzt der Bericht des Suchlaufes

Code:


Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 08. Jänner 2015  14:09


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer  : Avira Antivirus Free
Seriennummer  : 0000149996-AVHOE-0000001
Plattform      : Windows 8.1 Pro
Windowsversion : (plain)  [6.2.9200]
Boot Modus    : Normal gebootet
Benutzername  : SYSTEM
Computername  : FELIX-LAPTOP

Versionsinformationen:
BUILD.DAT      : 14.0.7.468    91859 Bytes  24.11.2014 10:23:00
AVSCAN.EXE    : 14.0.7.462  1015544 Bytes  18.12.2014 00:35:02
AVSCANRC.DLL  : 14.0.7.308    64304 Bytes  23.10.2014 13:02:09
LUKE.DLL      : 14.0.7.462    60664 Bytes  18.12.2014 00:35:25
AVSCPLR.DLL    : 14.0.7.440    93488 Bytes  18.12.2014 00:35:02
REPAIR.DLL    : 14.0.7.412    366328 Bytes  18.12.2014 00:35:01
REPAIR.RDF    : 1.0.3.62      641413 Bytes  07.01.2015 16:22:01
AVREG.DLL      : 14.0.7.310    264952 Bytes  23.10.2014 13:02:05
AVLODE.DLL    : 14.0.7.440    561456 Bytes  18.12.2014 00:35:00
AVLODE.RDF    : 14.0.4.54      78895 Bytes  05.12.2014 18:15:50
XBV00013.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00014.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00015.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00016.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00017.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00018.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00019.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00020.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00021.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00022.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00023.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00024.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00025.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00026.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00027.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00028.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00029.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00030.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00031.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00032.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00033.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00034.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00035.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00036.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00037.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00038.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00039.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00040.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00041.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 13:02:30
XBV00192.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:02
XBV00193.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:02
XBV00194.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:02
XBV00195.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:02
XBV00196.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:02
XBV00197.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:02
XBV00198.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:03
XBV00199.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:03
XBV00200.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:03
XBV00201.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:03
XBV00202.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:03
XBV00203.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:03
XBV00204.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:04
XBV00205.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:04
XBV00206.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:04
XBV00207.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:04
XBV00208.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:04
XBV00209.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00210.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00211.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00212.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00213.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00214.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00215.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00216.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00217.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00218.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00219.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:05
XBV00220.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:06
XBV00221.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:06
XBV00222.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:06
XBV00223.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:06
XBV00224.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:07
XBV00225.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:07
XBV00226.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:07
XBV00227.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:07
XBV00228.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:07
XBV00229.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:08
XBV00230.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:08
XBV00231.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:08
XBV00232.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:08
XBV00233.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00234.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00235.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00236.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00237.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00238.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00239.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00240.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:09
XBV00241.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:10
XBV00242.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:10
XBV00243.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:10
XBV00244.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:10
XBV00245.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:11
XBV00246.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:11
XBV00247.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:11
XBV00248.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:11
XBV00249.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:11
XBV00250.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:11
XBV00251.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:12
XBV00252.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:12
XBV00253.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:12
XBV00254.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:12
XBV00255.VDF  : 8.11.197.100    2048 Bytes  23.12.2014 21:27:12
XBV00000.VDF  : 7.11.70.0  66736640 Bytes  04.04.2013 13:02:30
XBV00001.VDF  : 7.11.74.226  2201600 Bytes  30.04.2013 13:02:30
XBV00002.VDF  : 7.11.80.60  2751488 Bytes  28.05.2013 13:02:30
XBV00003.VDF  : 7.11.85.214  2162688 Bytes  21.06.2013 13:02:30
XBV00004.VDF  : 7.11.91.176  3903488 Bytes  23.07.2013 13:02:30
XBV00005.VDF  : 7.11.98.186  6822912 Bytes  29.08.2013 13:02:30
XBV00006.VDF  : 7.11.139.38 15708672 Bytes  27.03.2014 13:02:30
XBV00007.VDF  : 7.11.152.100  4193792 Bytes  02.06.2014 13:02:30
XBV00008.VDF  : 8.11.165.192  4251136 Bytes  07.08.2014 13:02:30
XBV00009.VDF  : 8.11.172.30  2094080 Bytes  15.09.2014 13:02:30
XBV00010.VDF  : 8.11.178.32  1581056 Bytes  14.10.2014 13:02:30
XBV00011.VDF  : 8.11.184.50  2178560 Bytes  11.11.2014 10:18:05
XBV00012.VDF  : 8.11.190.32  1876992 Bytes  03.12.2014 23:43:47
XBV00042.VDF  : 8.11.190.56    35840 Bytes  03.12.2014 23:43:48
XBV00043.VDF  : 8.11.192.58    2048 Bytes  03.12.2014 23:43:48
XBV00044.VDF  : 8.11.192.86    18944 Bytes  03.12.2014 23:43:49
XBV00045.VDF  : 8.11.192.110    7680 Bytes  03.12.2014 23:43:49
XBV00046.VDF  : 8.11.192.134    5120 Bytes  03.12.2014 23:43:49
XBV00047.VDF  : 8.11.192.138    9216 Bytes  03.12.2014 23:43:49
XBV00048.VDF  : 8.11.192.140    4608 Bytes  04.12.2014 17:18:48
XBV00049.VDF  : 8.11.192.144    8192 Bytes  04.12.2014 17:18:48
XBV00050.VDF  : 8.11.192.146    20480 Bytes  04.12.2014 17:18:48
XBV00051.VDF  : 8.11.192.148    19456 Bytes  04.12.2014 17:18:48
XBV00052.VDF  : 8.11.192.152    12800 Bytes  04.12.2014 17:18:49
XBV00053.VDF  : 8.11.192.154    5120 Bytes  04.12.2014 17:18:49
XBV00054.VDF  : 8.11.192.158    2048 Bytes  04.12.2014 23:18:50
XBV00055.VDF  : 8.11.192.160    2048 Bytes  04.12.2014 23:18:50
XBV00056.VDF  : 8.11.192.162    2048 Bytes  04.12.2014 23:18:50
XBV00057.VDF  : 8.11.192.166    8192 Bytes  04.12.2014 23:18:50
XBV00058.VDF  : 8.11.192.168    6144 Bytes  05.12.2014 18:15:50
XBV00059.VDF  : 8.11.192.172    6144 Bytes  05.12.2014 18:15:50
XBV00060.VDF  : 8.11.192.236    24064 Bytes  05.12.2014 18:15:50
XBV00061.VDF  : 8.11.192.238    2048 Bytes  05.12.2014 18:15:50
XBV00062.VDF  : 8.11.193.22    11776 Bytes  05.12.2014 18:15:50
XBV00063.VDF  : 8.11.193.42    29696 Bytes  06.12.2014 13:39:22
XBV00064.VDF  : 8.11.193.66    41472 Bytes  06.12.2014 19:39:31
XBV00065.VDF  : 8.11.193.68    2048 Bytes  06.12.2014 19:39:31
XBV00066.VDF  : 8.11.193.70    37888 Bytes  07.12.2014 12:34:47
XBV00067.VDF  : 8.11.193.76    13824 Bytes  07.12.2014 18:34:57
XBV00068.VDF  : 8.11.193.78    31744 Bytes  08.12.2014 20:13:59
XBV00069.VDF  : 8.11.193.98    2048 Bytes  08.12.2014 20:13:59
XBV00070.VDF  : 8.11.193.118    7680 Bytes  08.12.2014 20:13:59
XBV00071.VDF  : 8.11.193.138    3584 Bytes  08.12.2014 20:13:59
XBV00072.VDF  : 8.11.193.158    24064 Bytes  08.12.2014 20:13:59
XBV00073.VDF  : 8.11.193.160    2048 Bytes  08.12.2014 20:13:59
XBV00074.VDF  : 8.11.193.162    2048 Bytes  08.12.2014 20:13:59
XBV00075.VDF  : 8.11.193.168    2560 Bytes  08.12.2014 20:13:59
XBV00076.VDF  : 8.11.193.170    2048 Bytes  08.12.2014 20:13:59
XBV00077.VDF  : 8.11.193.172    2048 Bytes  08.12.2014 20:13:59
XBV00078.VDF  : 8.11.193.174    31232 Bytes  08.12.2014 21:09:39
XBV00079.VDF  : 8.11.193.176    2048 Bytes  08.12.2014 21:09:39
XBV00080.VDF  : 8.11.193.180    14336 Bytes  09.12.2014 21:09:39
XBV00081.VDF  : 8.11.193.184    8192 Bytes  09.12.2014 21:09:39
XBV00082.VDF  : 8.11.193.188    10240 Bytes  09.12.2014 21:09:39
XBV00083.VDF  : 8.11.193.190    4096 Bytes  09.12.2014 21:09:39
XBV00084.VDF  : 8.11.193.192    5120 Bytes  09.12.2014 21:09:39
XBV00085.VDF  : 8.11.193.194    7680 Bytes  09.12.2014 21:09:40
XBV00086.VDF  : 8.11.193.196    9216 Bytes  09.12.2014 21:09:40
XBV00087.VDF  : 8.11.193.198    2048 Bytes  09.12.2014 21:09:40
XBV00088.VDF  : 8.11.193.202    25088 Bytes  09.12.2014 21:09:40
XBV00089.VDF  : 8.11.193.208    63488 Bytes  09.12.2014 21:09:40
XBV00090.VDF  : 8.11.197.100  1426944 Bytes  23.12.2014 21:26:48
XBV00091.VDF  : 8.11.197.116    5120 Bytes  23.12.2014 21:26:48
XBV00092.VDF  : 8.11.197.134    22016 Bytes  23.12.2014 21:26:48
XBV00093.VDF  : 8.11.197.152    21504 Bytes  23.12.2014 21:26:48
XBV00094.VDF  : 8.11.197.154    2048 Bytes  23.12.2014 21:26:48
XBV00095.VDF  : 8.11.197.156    12288 Bytes  23.12.2014 21:26:48
XBV00096.VDF  : 8.11.197.158    8192 Bytes  23.12.2014 21:26:48
XBV00097.VDF  : 8.11.197.160    26112 Bytes  24.12.2014 21:26:49
XBV00098.VDF  : 8.11.197.162    8192 Bytes  24.12.2014 21:26:49
XBV00099.VDF  : 8.11.197.164    20480 Bytes  24.12.2014 21:26:49
XBV00100.VDF  : 8.11.197.166    7680 Bytes  24.12.2014 21:26:49
XBV00101.VDF  : 8.11.197.170    22016 Bytes  24.12.2014 21:26:50
XBV00102.VDF  : 8.11.197.172    6144 Bytes  24.12.2014 21:26:50
XBV00103.VDF  : 8.11.197.174    6144 Bytes  24.12.2014 21:26:50
XBV00104.VDF  : 8.11.197.190    44032 Bytes  25.12.2014 21:26:51
XBV00105.VDF  : 8.11.197.204    2048 Bytes  25.12.2014 21:26:51
XBV00106.VDF  : 8.11.197.218    16896 Bytes  25.12.2014 21:26:51
XBV00107.VDF  : 8.11.197.232    6656 Bytes  25.12.2014 21:26:51
XBV00108.VDF  : 8.11.197.248    94208 Bytes  26.12.2014 21:26:53
XBV00109.VDF  : 8.11.198.6    12288 Bytes  26.12.2014 21:26:53
XBV00110.VDF  : 8.11.198.20    13824 Bytes  26.12.2014 21:26:53
XBV00111.VDF  : 8.11.198.36    10752 Bytes  26.12.2014 21:26:53
XBV00112.VDF  : 8.11.198.38    2048 Bytes  26.12.2014 21:26:54
XBV00113.VDF  : 8.11.198.40    2048 Bytes  26.12.2014 21:26:54
XBV00114.VDF  : 8.11.198.54  108544 Bytes  27.12.2014 21:26:55
XBV00115.VDF  : 8.11.198.56    2048 Bytes  27.12.2014 21:26:55
XBV00116.VDF  : 8.11.198.70    23552 Bytes  27.12.2014 21:26:55
XBV00117.VDF  : 8.11.198.88    94208 Bytes  28.12.2014 21:26:56
XBV00118.VDF  : 8.11.198.100    18432 Bytes  28.12.2014 21:26:57
XBV00119.VDF  : 8.11.198.112    85504 Bytes  29.12.2014 22:14:57
XBV00120.VDF  : 8.11.198.114    2048 Bytes  29.12.2014 22:14:57
XBV00121.VDF  : 8.11.198.126    13824 Bytes  29.12.2014 22:14:58
XBV00122.VDF  : 8.11.198.138    4096 Bytes  29.12.2014 22:14:58
XBV00123.VDF  : 8.11.198.150    9216 Bytes  29.12.2014 22:14:58
XBV00124.VDF  : 8.11.198.162    12288 Bytes  29.12.2014 22:14:58
XBV00125.VDF  : 8.11.198.176    23040 Bytes  29.12.2014 22:14:58
XBV00126.VDF  : 8.11.198.178    12800 Bytes  29.12.2014 22:14:58
XBV00127.VDF  : 8.11.198.180  109056 Bytes  30.12.2014 21:09:55
XBV00128.VDF  : 8.11.198.182    9728 Bytes  30.12.2014 21:09:56
XBV00129.VDF  : 8.11.198.184    11264 Bytes  30.12.2014 21:09:56
XBV00130.VDF  : 8.11.198.186    12800 Bytes  30.12.2014 21:09:56
XBV00131.VDF  : 8.11.198.188    7680 Bytes  30.12.2014 21:09:56
XBV00132.VDF  : 8.11.198.192    14848 Bytes  30.12.2014 21:09:57
XBV00133.VDF  : 8.11.198.194    12800 Bytes  30.12.2014 18:53:01
XBV00134.VDF  : 8.11.198.198    86016 Bytes  31.12.2014 18:53:02
XBV00135.VDF  : 8.11.198.210    7680 Bytes  31.12.2014 18:53:02
XBV00136.VDF  : 8.11.198.220    12288 Bytes  31.12.2014 18:53:02
XBV00137.VDF  : 8.11.198.230    2048 Bytes  31.12.2014 18:53:02
XBV00138.VDF  : 8.11.198.240    28160 Bytes  31.12.2014 13:11:34
XBV00139.VDF  : 8.11.198.242  107520 Bytes  01.01.2015 13:11:34
XBV00140.VDF  : 8.11.198.252    16384 Bytes  01.01.2015 05:28:00
XBV00141.VDF  : 8.11.199.6    43008 Bytes  02.01.2015 05:28:00
XBV00142.VDF  : 8.11.199.16    20992 Bytes  02.01.2015 05:28:00
XBV00143.VDF  : 8.11.199.28    35840 Bytes  02.01.2015 05:28:01
XBV00144.VDF  : 8.11.199.38    4608 Bytes  02.01.2015 05:28:01
XBV00145.VDF  : 8.11.199.40    22528 Bytes  02.01.2015 05:28:01
XBV00146.VDF  : 8.11.199.42    2048 Bytes  02.01.2015 05:28:01
XBV00147.VDF  : 8.11.199.44    6656 Bytes  02.01.2015 03:27:08
XBV00148.VDF  : 8.11.199.46    6656 Bytes  02.01.2015 03:27:08
XBV00149.VDF  : 8.11.199.48    86528 Bytes  03.01.2015 03:27:08
XBV00150.VDF  : 8.11.199.58    2048 Bytes  03.01.2015 03:27:08
XBV00151.VDF  : 8.11.199.66    27648 Bytes  03.01.2015 03:27:08
XBV00152.VDF  : 8.11.199.74    2048 Bytes  03.01.2015 03:27:08
XBV00153.VDF  : 8.11.199.82    11264 Bytes  03.01.2015 03:27:08
XBV00154.VDF  : 8.11.199.90    13824 Bytes  03.01.2015 03:27:08
XBV00155.VDF  : 8.11.199.92    9728 Bytes  03.01.2015 03:27:08
XBV00156.VDF  : 8.11.199.94    85504 Bytes  04.01.2015 19:46:50
XBV00157.VDF  : 8.11.199.102    11776 Bytes  04.01.2015 19:46:50
XBV00158.VDF  : 8.11.199.110    9216 Bytes  04.01.2015 19:46:50
XBV00159.VDF  : 8.11.199.118    10240 Bytes  04.01.2015 19:46:50
XBV00160.VDF  : 8.11.199.126    12288 Bytes  04.01.2015 14:32:58
XBV00161.VDF  : 8.11.199.128    29696 Bytes  05.01.2015 14:32:58
XBV00162.VDF  : 8.11.199.130    2048 Bytes  05.01.2015 14:32:58
XBV00163.VDF  : 8.11.199.132    2048 Bytes  05.01.2015 14:32:59
XBV00164.VDF  : 8.11.199.134    17408 Bytes  05.01.2015 14:32:59
XBV00165.VDF  : 8.11.199.136    9216 Bytes  05.01.2015 14:32:59
XBV00166.VDF  : 8.11.199.138    12288 Bytes  05.01.2015 14:32:59
XBV00167.VDF  : 8.11.199.142    19968 Bytes  05.01.2015 20:44:02
XBV00168.VDF  : 8.11.199.144    2048 Bytes  05.01.2015 20:44:02
XBV00169.VDF  : 8.11.199.146    2048 Bytes  05.01.2015 20:44:02
XBV00170.VDF  : 8.11.199.148    2048 Bytes  05.01.2015 20:44:03
XBV00171.VDF  : 8.11.199.158    43520 Bytes  05.01.2015 08:43:55
XBV00172.VDF  : 8.11.199.164    12288 Bytes  05.01.2015 08:43:55
XBV00173.VDF  : 8.11.199.172    22528 Bytes  06.01.2015 08:43:55
XBV00174.VDF  : 8.11.199.178    9216 Bytes  06.01.2015 08:43:55
XBV00175.VDF  : 8.11.199.180    3584 Bytes  06.01.2015 08:43:55
XBV00176.VDF  : 8.11.199.182    13824 Bytes  06.01.2015 16:21:59
XBV00177.VDF  : 8.11.199.184    13312 Bytes  06.01.2015 16:21:59
XBV00178.VDF  : 8.11.199.186    17920 Bytes  06.01.2015 16:21:59
XBV00179.VDF  : 8.11.199.188    18432 Bytes  06.01.2015 16:22:00
XBV00180.VDF  : 8.11.199.192    94720 Bytes  06.01.2015 16:22:00
XBV00181.VDF  : 8.11.199.196    56832 Bytes  06.01.2015 16:22:00
XBV00182.VDF  : 8.11.199.198    28672 Bytes  06.01.2015 16:22:00
XBV00183.VDF  : 8.11.199.200    19456 Bytes  06.01.2015 16:22:00
XBV00184.VDF  : 8.11.199.202    3584 Bytes  06.01.2015 16:22:00
XBV00185.VDF  : 8.11.199.206    3584 Bytes  07.01.2015 16:22:00
XBV00186.VDF  : 8.11.199.210  102400 Bytes  07.01.2015 16:22:00
XBV00187.VDF  : 8.11.199.216    3584 Bytes  07.01.2015 16:22:00
XBV00188.VDF  : 8.11.199.222    2048 Bytes  07.01.2015 16:22:00
XBV00189.VDF  : 8.11.199.228    23552 Bytes  07.01.2015 16:22:00
XBV00190.VDF  : 8.11.199.234    19968 Bytes  07.01.2015 16:22:00
XBV00191.VDF  : 8.11.199.240    30208 Bytes  07.01.2015 16:22:00
LOCAL001.VDF  : 8.11.199.240 119618048 Bytes  07.01.2015 16:22:45
Engineversion  : 8.3.28.4 
AEVDF.DLL      : 8.3.1.6      133992 Bytes  23.10.2014 13:01:55
AESCRIPT.DLL  : 8.2.2.40      546728 Bytes  19.12.2014 15:28:03
AESCN.DLL      : 8.3.2.2      139456 Bytes  23.10.2014 13:01:55
AESBX.DLL      : 8.2.20.24    1409224 Bytes  23.10.2014 13:01:55
AERDL.DLL      : 8.2.1.16      743328 Bytes  15.11.2014 10:18:02
AEPACK.DLL    : 8.4.0.56      789360 Bytes  28.11.2014 18:41:00
AEOFFICE.DLL  : 8.3.1.8      350120 Bytes  28.11.2014 18:40:59
AEMOBILE.DLL  : 8.1.2.0      277360 Bytes  18.12.2014 00:34:56
AEHEUR.DLL    : 8.1.4.1454  7940008 Bytes  19.12.2014 15:28:03
AEHELP.DLL    : 8.3.1.0      278728 Bytes  23.10.2014 13:01:55
AEGEN.DLL      : 8.1.7.40      456608 Bytes  19.12.2014 15:27:57
AEEXP.DLL      : 8.4.2.48      252776 Bytes  26.11.2014 14:33:37
AEEMU.DLL      : 8.1.3.4      399264 Bytes  23.10.2014 13:01:55
AEDROID.DLL    : 8.4.3.6      850800 Bytes  18.12.2014 00:34:56
AECORE.DLL    : 8.3.4.0      243624 Bytes  18.12.2014 00:34:55
AEBB.DLL      : 8.1.2.0        60448 Bytes  23.10.2014 13:01:55
AVWINLL.DLL    : 14.0.7.308    25904 Bytes  23.10.2014 13:02:19
AVPREF.DLL    : 14.0.7.308    52016 Bytes  23.10.2014 13:02:05
AVREP.DLL      : 14.0.7.308    220976 Bytes  23.10.2014 13:02:05
AVARKT.DLL    : 14.0.7.308    227632 Bytes  23.10.2014 13:01:55
AVEVTLOG.DLL  : 14.0.7.440    184112 Bytes  18.12.2014 00:34:59
SQLITE3.DLL    : 14.0.7.308    453936 Bytes  23.10.2014 13:02:29
AVSMTP.DLL    : 14.0.7.308    79096 Bytes  23.10.2014 13:02:12
NETNT.DLL      : 14.0.7.308    15152 Bytes  23.10.2014 13:02:27
RCIMAGE.DLL    : 14.0.7.308  4865328 Bytes  23.10.2014 13:02:27
RCTEXT.DLL    : 14.0.7.318    77048 Bytes  23.10.2014 13:02:28

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_54a7286d\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig

Beginn des Suchlaufs: Donnerstag, 08. Jänner 2015  14:09

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '206' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxCUIService.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'adminservice.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'CxAudMsg64.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'GfExperienceService.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ath_CoexAgent.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '250' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxEM.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxHK.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxTray.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtvStack.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrl.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'ActivateDesktop.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'RTFTrack.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrlHelper.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDIntelligent.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'CAudioFilterAgent64.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'fmapp.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'Energy Manager.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'utility.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'hid.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'javaw.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'java.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'Taskmgr.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'WerFault.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinLogon.exe' - '33' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Felix\AppData\Local\Temp\WAX5B95.tmp'
C:\Users\Felix\AppData\Local\Temp\WAX5B95.tmp
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen

Beginne mit der Desinfektion:
C:\Users\Felix\AppData\Local\Temp\WAX5B95.tmp
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '509c2ba5.qua' verschoben!


Ende des Suchlaufs: Donnerstag, 08. Jänner 2015  14:14
Benötigte Zeit: 01:42 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
  1032 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
  1031 Dateien ohne Befall
      0 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise


Die Suchergebnisse werden an den Guard übermittelt.

Warlord711 08.01.2015 16:38
Ok.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


flotschi 08.01.2015 16:46
Hier die FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Felix (administrator) on FELIX-LAPTOP on 08-01-2015 16:41:27
Running from C:\Users\Felix\Downloads
Loaded Profile: Felix (Available profiles: Felix)
Platform: Windows 8.1 Pro (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-11-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-11-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2013-03-12] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-10-29] ( (Atheros Communications))
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [Spotify] => C:\Users\Felix\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-19] (Spotify Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [Spotify Web Helper] => C:\Users\Felix\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-19] (Spotify Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2014-12-29] (Overwolf LTD)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3670780423-1031280291-4147856401-1001] => 172.16.2.253:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1416317467&from=cvs2&uid=WDCXWD5000LPCX-24C6HT0_WD-WX71A34E2289E2289
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1416317467&from=cvs2&uid=WDCXWD5000LPCX-24C6HT0_WD-WX71A34E2289E2289
SearchScopes: HKLM -> DefaultScope {39DE7A9E-A227-4E4E-A9A4-9D6F23C29EA7} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {39DE7A9E-A227-4E4E-A9A4-9D6F23C29EA7} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3670780423-1031280291-4147856401-1001 -> DefaultScope {39DE7A9E-A227-4E4E-A9A4-9D6F23C29EA7} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3670780423-1031280291-4147856401-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M0F768157-0EAA-47DC-8931-D8B5630E158B&SearchSource=58&CUI=&UM=6&UP=SP8D148B4E-030F-4A40-A6B8-D55A4D2637EF&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3670780423-1031280291-4147856401-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3670780423-1031280291-4147856401-1001 -> {39DE7A9E-A227-4E4E-A9A4-9D6F23C29EA7} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\GoU8BUpy.default
FF Homepage: hxxp://www.startfenster.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3670780423-1031280291-4147856401-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Avira Browser Safety - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\GoU8BUpy.default\Extensions\abs@avira.com [2014-11-13]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-13]
CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-13]
CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-13]
CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-13]
CHR Extension: (Google-Suche) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-13]
CHR Extension: (Avira SafeSearch) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2014-12-16]
CHR Extension: (Pixlr-o-matic) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2014-11-13]
CHR Extension: (Google Tabellen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-13]
CHR Extension: (Avira Browserschutz) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-13]
CHR Extension: (Striped thighhighs 1920*1080) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaaiajglalmollndfaehkpihhehljgbb [2014-12-02]
CHR Extension: (AdBlock) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-13]
CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-13]
CHR Extension: (Psykopaint) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2014-11-13]
CHR Extension: (Google Mail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-25] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2014-12-29] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-12-03] ()
S3 Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [76408 2015-01-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-14] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 16:41 - 2015-01-08 16:42 - 00021553 _____ () C:\Users\Felix\Downloads\FRST.txt
2015-01-08 16:41 - 2015-01-08 16:41 - 00000000 ____D () C:\FRST
2015-01-08 16:40 - 2015-01-08 16:40 - 02124288 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe
2015-01-08 16:39 - 2015-01-08 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 1.1.0
2015-01-08 16:38 - 2015-01-08 16:39 - 00000000 ____D () C:\Program Files\LMMS
2015-01-08 16:19 - 2015-01-08 16:19 - 00056048 _____ () C:\Users\Felix\Desktop\AVSCAN-20150108-140837-C4B501FB.LOG
2015-01-08 16:13 - 2015-01-08 16:15 - 31081825 _____ () C:\Users\Felix\Downloads\lmms-1.1.0-win64.exe
2015-01-07 11:26 - 2015-01-07 11:26 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-07 11:26 - 2015-01-07 11:26 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-01-06 20:37 - 2015-01-06 20:40 - 00000000 ____D () C:\Users\Felix\Documents\ArmA 2
2015-01-06 20:37 - 2015-01-06 20:38 - 00000000 ____D () C:\Users\Felix\AppData\Local\ArmA 2
2015-01-06 20:37 - 2015-01-06 20:37 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-01-06 20:37 - 2015-01-06 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-01-06 05:51 - 2015-01-06 05:52 - 00000000 ____D () C:\Users\Felix\Documents\Survarium
2015-01-06 05:51 - 2015-01-06 05:51 - 00002324 _____ () C:\Users\Public\Desktop\Play Survarium.lnk
2015-01-06 05:51 - 2015-01-06 05:51 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-01-06 05:51 - 2015-01-06 05:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium
2015-01-06 05:51 - 2015-01-06 05:51 - 00000000 ____D () C:\Program Files (x86)\Survarium
2015-01-06 05:49 - 2015-01-06 05:49 - 01901696 _____ ( ) C:\Users\Felix\Downloads\survarium-web-installer-026f0.exe
2015-01-05 19:25 - 2015-01-05 19:25 - 00000221 _____ () C:\Users\Felix\Desktop\Arma 2.url
2015-01-05 18:19 - 2015-01-05 18:19 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\TuneUp Software
2015-01-05 18:19 - 2015-01-05 18:19 - 00000000 ____D () C:\Users\Felix\AppData\Local\TuneUp Software
2015-01-05 18:16 - 2015-01-05 18:20 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-05 18:16 - 2015-01-05 18:16 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-05 15:34 - 2015-01-05 15:34 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-01-05 03:08 - 2015-01-05 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts-Simulator 2009
2015-01-05 03:08 - 2015-01-05 03:08 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts-Simulator 2009
2015-01-03 01:01 - 2015-01-03 01:01 - 03090909 _____ () C:\Users\Felix\Downloads\forge-1.7.10-10.13.2.1277-installer.jar
2015-01-01 13:37 - 2015-01-01 13:37 - 00000000 ____D () C:\Users\Felix\Documents\Thief
2014-12-30 23:47 - 2014-12-30 23:47 - 00000000 ____D () C:\ProgramData\APN
2014-12-30 23:46 - 2015-01-08 14:25 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\uTorrent
2014-12-30 23:45 - 2014-12-30 23:45 - 01688656 _____ (BitTorrent Inc.) C:\Users\Felix\Downloads\uTorrent.exe
2014-12-30 16:20 - 2014-12-30 16:20 - 00000220 _____ () C:\Users\Felix\Desktop\Company of Heroes.url
2014-12-30 01:07 - 2014-12-30 01:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-30 01:05 - 2014-12-30 01:05 - 00000222 _____ () C:\Users\Felix\Desktop\The Forest.url
2014-12-30 00:42 - 2014-12-30 00:42 - 00000222 _____ () C:\Users\Felix\Desktop\Terraria.url
2014-12-29 14:48 - 2014-12-29 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2014-12-29 14:44 - 2014-12-29 14:48 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2015
2014-12-28 21:26 - 2014-12-28 21:26 - 00000222 _____ () C:\Users\Felix\Desktop\Thief.url
2014-12-28 20:34 - 2014-12-28 20:34 - 00000222 _____ () C:\Users\Felix\Desktop\The Long Dark.url
2014-12-28 20:14 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-28 20:14 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-28 20:12 - 2014-12-28 20:16 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-28 20:12 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-28 20:12 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-19 16:36 - 2014-12-19 16:36 - 00003178 _____ () C:\WINDOWS\System32\Tasks\{39601E7A-02A2-4AAB-9489-A66FB8DAA331}
2014-12-18 20:10 - 2014-12-18 20:10 - 12270280 _____ (IObit ) C:\Users\Felix\Downloads\smart-defrag-setup_3.3.0.exe
2014-12-12 02:52 - 2014-12-12 02:52 - 00000000 ____D () C:\Users\Felix\AppData\Local\Conexant
2014-12-10 21:46 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 21:46 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 21:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 21:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 21:39 - 2014-12-10 21:39 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 21:39 - 2014-12-10 21:39 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-12-10 21:38 - 2014-12-11 15:13 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-10 21:38 - 2014-12-10 21:38 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-10 21:29 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 21:29 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 18:06 - 2014-12-17 20:27 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\PapDesigner
2014-12-10 18:06 - 2014-12-10 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PapDesigner
2014-12-10 18:06 - 2014-12-10 18:06 - 00000000 ____D () C:\Program Files (x86)\PapDesigner
2014-12-10 18:04 - 2014-12-10 18:04 - 00477643 _____ (friedrich folkmann) C:\Users\Felix\Downloads\papdesigner-setup.exe
2014-12-10 17:09 - 2014-12-10 17:09 - 00109691 _____ () C:\Users\Felix\Downloads\2.Bericht.odt
2014-12-10 14:00 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 14:00 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 11:35 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 11:35 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 11:35 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 11:35 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 11:35 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 11:35 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 11:35 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 11:35 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 11:35 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 11:35 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 11:35 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 11:35 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 11:35 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 11:35 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 11:35 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 11:35 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 11:35 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 11:35 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 11:35 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 11:35 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 11:35 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 11:35 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 11:35 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 11:35 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 11:35 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 11:35 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 11:35 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 11:35 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 11:35 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 11:35 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 11:35 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 11:35 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 11:35 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 11:35 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 11:35 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 11:35 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 11:35 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 11:35 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 11:35 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 11:33 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-10 11:33 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 16:39 - 2014-11-13 18:07 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3670780423-1031280291-4147856401-1001
2015-01-08 16:38 - 2014-11-14 08:35 - 01479307 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-08 16:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-08 16:03 - 2014-12-01 18:04 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-08 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-08 15:52 - 2014-11-13 20:47 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 14:15 - 2014-11-13 23:23 - 00000000 ____D () C:\Users\Felix\AppData\Local\CrashDumps
2015-01-08 14:07 - 2014-11-16 19:32 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2D79969-F193-4CA2-B985-3789168FBE4B}
2015-01-07 17:32 - 2014-12-01 17:30 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-07 17:28 - 2014-11-13 23:22 - 00000000 ____D () C:\Users\Felix\AppData\Local\ftblauncher
2015-01-07 17:27 - 2014-11-24 20:51 - 00000000 ____D () C:\Users\Felix\Desktop\FTB
2015-01-07 17:27 - 2014-11-13 19:26 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\TS3Client
2015-01-07 16:16 - 2014-11-14 18:07 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\.minecraft
2015-01-07 15:48 - 2014-11-13 20:47 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 15:07 - 2014-11-13 21:05 - 06978846 _____ () C:\Users\Public\CAFADEBUG.log
2015-01-07 15:02 - 2014-11-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-06 23:41 - 2014-11-20 00:17 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\vlc
2015-01-06 06:54 - 2014-11-13 22:32 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2015-01-06 05:51 - 2014-11-15 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-01-05 21:45 - 2014-11-30 15:55 - 06619057 _____ () C:\Users\Felix\Desktop\FTB_Launcher.exe
2015-01-05 21:45 - 2014-11-13 23:22 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\ftblauncher
2015-01-05 19:25 - 2014-12-01 21:16 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-05 18:26 - 2014-11-13 18:01 - 00000000 ____D () C:\Users\Felix\AppData\Local\VirtualStore
2015-01-05 18:20 - 2014-11-20 00:33 - 00001259 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-01-05 18:20 - 2014-11-20 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-05 18:20 - 2014-11-20 00:31 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-01-05 18:15 - 2014-11-20 00:31 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\RHEng
2015-01-05 18:15 - 2014-11-20 00:31 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-01-05 18:15 - 2014-11-20 00:30 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\DVDVideoSoft
2015-01-05 15:29 - 2014-11-14 08:42 - 00000000 ____D () C:\Users\Felix
2015-01-05 03:28 - 2014-11-16 13:48 - 00000000 ____D () C:\Users\Felix\Documents\My Games
2015-01-04 19:56 - 2014-11-13 22:00 - 00926692 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-04 19:56 - 2014-11-13 22:00 - 00201148 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-04 19:56 - 2014-09-24 08:17 - 01986426 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-03 00:22 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-31 20:24 - 2014-11-24 11:09 - 00000000 ____D () C:\Users\Felix\Desktop\9gag
2014-12-31 13:43 - 2014-11-18 00:37 - 00000000 ___RD () C:\Users\Felix\Desktop\Musik
2014-12-29 14:34 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-28 20:52 - 2014-12-03 06:58 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-28 20:52 - 2014-12-03 06:34 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-28 20:43 - 2014-12-03 06:34 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-28 20:17 - 2014-12-02 15:10 - 00000000 ____D () C:\TEMP
2014-12-28 20:17 - 2014-11-14 08:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-19 14:56 - 2014-11-14 16:37 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Spotify
2014-12-19 14:55 - 2014-11-14 16:38 - 00000000 ____D () C:\Users\Felix\AppData\Local\Spotify
2014-12-18 16:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 15:04 - 2014-11-18 00:22 - 00000000 ____D () C:\Users\Felix\Desktop\Schule
2014-12-13 18:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-13 14:03 - 2014-11-20 13:39 - 00000000 ____D () C:\Users\Felix\AppData\Local\Adobe
2014-12-13 14:02 - 2014-12-01 18:04 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-13 13:59 - 2014-11-14 14:54 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-13 13:59 - 2014-11-13 22:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-13 13:59 - 2014-11-13 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-13 13:59 - 2014-11-13 22:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-13 13:54 - 2014-11-13 19:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-13 13:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-13 13:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-13 13:51 - 2014-11-13 19:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 13:32 - 2014-11-15 03:03 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-13 11:08 - 2014-11-20 13:35 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 11:08 - 2014-11-13 23:19 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 11:08 - 2014-11-13 23:19 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-13 11:08 - 2014-11-13 23:19 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 09:03 - 2014-11-14 08:35 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 01097360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-11-14 08:35 - 00628040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-13 00:11 - 2014-11-14 08:35 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 22:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-12 02:52 - 2014-11-14 08:35 - 00000000 ____D () C:\ProgramData\Conexant
2014-12-11 15:12 - 2014-11-13 18:01 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Adobe
2014-12-10 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 02:08 - 2014-11-13 22:17 - 00007613 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2014-12-09 17:37 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-12-09 10:18 - 2014-11-13 21:24 - 00000000 ____D () C:\Users\Felix\Documents\Bluetooth Folder

Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-01 06:44

==================== End Of Log ============================
--- --- ---


Hier die Addition
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Felix at 2015-01-08 16:43:14
Running from C:\Users\Felix\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic Entertainment)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant)
DAO 3.5 (HKLM-x32\...\DAO 3.5) (Version:  - )
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version:  - )
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.33 - Lenovo)
Energy Manager (x32 Version: 1.0.0.33 - Lenovo) Hidden
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Free Studio version 6.4.1.1215 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.1.1215 - DVDVideoSoft Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.0 - GIANTS Software)
Landwirtschafts-Simulator 2009 (HKLM-x32\...\FarmingSimulator2009DE_is1) (Version:  - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
LibreOffice 4.3.4.1 (HKLM-x32\...\{7D983A32-F645-48AB-8E38-4ACD234F40BC}) (Version: 4.3.4.1 - The Document Foundation)
LMMS 1.1.0 (HKLM-x32\...\LMMS) (Version: 1.1.0 - LMMS Developers)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Works 2003-Setup-Start (HKLM-x32\...\Works2003Setup) (Version:  - )
Microsoft Works 7.0  (HKLM-x32\...\{EDDDC607-91D9-4758-9F57-265FDCD8A772}) (Version: 07.02.0702 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Multisim 7 (HKLM-x32\...\Multisim 7) (Version:  - )
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.103.0 - Overwolf Ltd.)
PIC18 Simulator IDE (HKLM-x32\...\PIC18 Simulator IDE) (Version:  - )
PicoScope 6 (HKLM-x32\...\{5daa86b7-478a-4b7e-935f-27851f5503e6}) (Version: 6.5.84 - Ihr Firmenname)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SEE Electrical Schulversion V5R1 (HKLM-x32\...\SEE Electrical Schulversion V5R1) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.26f0 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Telegram Desktop version 0.6.15 (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.6.15 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.465 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Works Suite-Betriebssystem-Pack (x32 Version: 3.0.0.0000 - Microsoft Corporation) Hidden
World of Tanks (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3670780423-1031280291-4147856401-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

15-12-2014 23:35:10 DirectX wurde installiert
25-12-2014 00:49:06 Scheduled Checkpoint
28-12-2014 15:34:00 DirectX wurde installiert
30-12-2014 01:06:18 Installed Microsoft XNA Framework Redistributable 4.0
05-01-2015 18:33:57 TuneUp Utilities 2014 wird entfernt
06-01-2015 20:36:02 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {097947BF-A7A7-4BD4-8AAA-109D48321674} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {367642C7-F151-4234-A0C1-BBFF7E1EA8A3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {4538F798-E2C4-4AC2-A684-76C51E245B3C} - System32\Tasks\{39601E7A-02A2-4AAB-9489-A66FB8DAA331} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {480F5DCE-EB3A-4596-BD92-345E5A4D63A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {545342E1-34D9-4351-AB96-2D1BA9491771} - System32\Tasks\{50BD3826-AB86-427B-B28A-87562A0AD4B4} => pcalua.exe -a D:\AUTORUN\AUTORUN.EXE -d D:\
Task: {59F11C48-6742-4643-B359-CAB7E2283999} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5AE73B76-5E1F-4C06-94C3-23F75429F427} - System32\Tasks\{15F73C64-7F0C-4671-8C2F-D6B6920CD7F7} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {6269E6D2-022A-444D-816E-FB41EC22F2B6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-13] (Microsoft Corporation)
Task: {A870ADBF-0423-48AB-970F-AF8690624955} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-12-29] (Overwolf LTD)
Task: {E012AB8A-F5B7-4836-A097-1FB88FF956E0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13] (Adobe Systems Incorporated)
Task: {E0F27EDE-FAB1-4C0F-9B93-03B37B9A7C1F} - System32\Tasks\{F4615502-948E-4E28-947A-556B71DC15B5} => pcalua.exe -a C:\Users\Felix\Desktop\Multisim7\multisim.exe -d C:\Users\Felix\Desktop\Multisim7
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-22 17:48 - 2014-09-11 07:06 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2014-12-03 06:34 - 2014-12-03 06:34 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-11-14 08:35 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-03 17:36 - 2014-10-03 17:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-10-29 22:22 - 2013-10-29 22:22 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-10-29 22:19 - 2013-10-29 22:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-10-29 22:26 - 2013-10-29 22:26 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-11-13 21:06 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-11-14 15:14 - 2013-03-12 10:06 - 00246784 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2014-11-13 20:55 - 2013-09-16 20:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-14 15:14 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "Overwolf"

========================= Accounts: ==========================

Administrator (S-1-5-21-3670780423-1031280291-4147856401-500 - Administrator - Disabled)
Felix (S-1-5-21-3670780423-1031280291-4147856401-1001 - Administrator - Enabled) => C:\Users\Felix
Guest (S-1-5-21-3670780423-1031280291-4147856401-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Philips SHG7980
Description: USB-Audiogerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-USB-Audio)
Service: usbaudio
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 02:10:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13ec

Startzeit: 01d02a96dcc78c69

Endzeit: 687

Anwendungspfad: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe

Berichts-ID: ba8fb544-9737-11e4-be95-28d2448d10cd

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/08/2015 02:10:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm java.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fac

Startzeit: 01d02a9771b6b8cf

Endzeit: 619

Anwendungspfad: C:\Program Files\Java\jre1.8.0_25\bin\java.exe

Berichts-ID: a2f8cc13-9737-11e4-be95-28d2448d10cd

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/08/2015 01:42:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FreeYTVDownloader.exe, Version: 3.2.51.1215, Zeitstempel: 0x548f33c9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000edae2
ID des fehlerhaften Prozesses: 0xe1c
Startzeit der fehlerhaften Anwendung: 0xFreeYTVDownloader.exe0
Pfad der fehlerhaften Anwendung: FreeYTVDownloader.exe1
Pfad des fehlerhaften Moduls: FreeYTVDownloader.exe2
Berichtskennung: FreeYTVDownloader.exe3
Vollständiger Name des fehlerhaften Pakets: FreeYTVDownloader.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FreeYTVDownloader.exe5

Error: (01/07/2015 05:33:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (01/07/2015 05:33:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (01/07/2015 05:33:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


System errors:
=============
Error: (01/08/2015 04:34:13 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/08/2015 04:33:43 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/07/2015 03:07:24 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/07/2015 03:07:24 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/06/2015 07:31:58 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/06/2015 07:31:28 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/06/2015 07:26:11 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/06/2015 07:25:41 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/06/2015 07:22:07 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/06/2015 07:21:37 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (01/08/2015 02:10:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.1813ec01d02a96dcc78c69687C:\Program Files\Java\jre1.8.0_25\bin\javaw.exeba8fb544-9737-11e4-be95-28d2448d10cd

Error: (01/08/2015 02:10:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: java.exe8.0.25.18fac01d02a9771b6b8cf619C:\Program Files\Java\jre1.8.0_25\bin\java.exea2f8cc13-9737-11e4-be95-28d2448d10cd

Error: (01/08/2015 01:42:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FreeYTVDownloader.exe3.2.51.1215548f33c9ntdll.dll6.3.9600.1727853eeb4a3c000000d000edae2e1c01d02a9795afc7abC:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exeC:\WINDOWS\SYSTEM32\ntdll.dllc94103db-9733-11e4-be95-28d2448d10cd

Error: (01/07/2015 05:33:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (01/07/2015 05:33:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (01/07/2015 05:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (01/07/2015 05:33:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


CodeIntegrity Errors:
===================================
  Date: 2014-11-15 03:16:01.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 3992.36 MB
Available physical RAM: 1652.53 MB
Total Pagefile: 8088.36 MB
Available Pagefile: 4605.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:297.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Warlord711 08.01.2015 16:57
Dein Java 8 Update 25 spinnt etwas rum lt. Ereignisprotokollauszug.

Am besten 32+64bit Versionen nochmal deinstallieren und neu installieren.

Ansonsten so weitermachen:

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

flotschi 09.01.2015 06:40
AdwCleaner Logfile:
Code:
# AdwCleaner v4.107 - Report created 09/01/2015 at 06:04:18
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Felix - FELIX-LAPTOP
# Running from : C:\Users\Felix\Downloads\AdwCleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\SecTaskMan
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Users\Felix\AppData\Roaming\RHEng
File Deleted : C:\Users\Felix\Favorites\Startfenster.lnk
File Deleted : C:\Users\Felix\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
File Deleted : C:\Users\Felix\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
File Deleted : C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{39DE7A9E-A227-4E4E-A9A4-9D6F23C29EA7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{39DE7A9E-A227-4E4E-A9A4-9D6F23C29EA7}
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v

[GoU8BUpy.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.startfenster.de");

-\\ Google Chrome v39.0.2171.95

[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M0F768157-0EAA-47DC-8931-D8B5630E158B&SearchSource=58&CUI=&UM=6&UP=SP8D148B4E-030F-4A40-A6B8-D55A4D2637EF&q={searchTerms}&SSPV=
[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M0F768157-0EAA-47DC-8931-D8B5630E158B&SearchSource=58&CUI=&UM=6&UP=SP8D148B4E-030F-4A40-A6B8-D55A4D2637EF&q={searchTerms}&SSPV=
[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [4867 octets] - [09/01/2015 06:02:05]
AdwCleaner[S0].txt - [4041 octets] - [09/01/2015 06:04:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4101 octets] ##########
--- --- ---



JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 Pro x64
Ran by Felix on 09.01.2015 at  6:12:23,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Felix\favorites\links\startfenster.lnk"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.01.2015 at  6:14:56,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---

Warlord711 09.01.2015 08:42
Ok, fehlt noch Malwarebytes und neues FRST Log ;-)

flotschi 09.01.2015 16:06
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 09.01.2015
Suchlauf-Zeit: 06:37:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.09.04
Rootkit Datenbank: v2015.01.07.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Felix

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 334189
Verstrichene Zeit: 9 Std, 12 Min, 9 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Felix (administrator) on FELIX-LAPTOP on 09-01-2015 16:02:31
Running from C:\Users\Felix\Downloads
Loaded Profiles: Felix &  (Available profiles: Felix)
Platform: Windows 8.1 Pro (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\LMMS\lmms.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-11-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-11-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2013-03-12] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-10-29] ( (Atheros Communications))
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [Spotify] => C:\Users\Felix\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-19] (Spotify Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [Spotify Web Helper] => C:\Users\Felix\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-19] (Spotify Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2014-12-29] (Overwolf LTD)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Felix\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-19] (Spotify Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Felix\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-19] (Spotify Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2014-12-29] (Overwolf LTD)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3670780423-1031280291-4147856401-1001] => 172.16.2.253:8080
ProxyServer: [S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => 172.16.2.253:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\GoU8BUpy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3670780423-1031280291-4147856401-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Avira Browser Safety - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\GoU8BUpy.default\Extensions\abs@avira.com [2014-11-13]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-13]
CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-13]
CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-13]
CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-13]
CHR Extension: (Google-Suche) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-13]
CHR Extension: (Avira SafeSearch) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2014-12-16]
CHR Extension: (Pixlr-o-matic) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2014-11-13]
CHR Extension: (Google Tabellen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-13]
CHR Extension: (Avira Browserschutz) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-13]
CHR Extension: (Striped thighhighs 1920*1080) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaaiajglalmollndfaehkpihhehljgbb [2014-12-02]
CHR Extension: (AdBlock) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-13]
CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-13]
CHR Extension: (Psykopaint) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2014-11-13]
CHR Extension: (Google Mail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-25] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2014-12-29] (Overwolf LTD)
S3 Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [76408 2015-01-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-14] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-09] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 16:02 - 2015-01-09 16:03 - 00021013 _____ () C:\Users\Felix\Downloads\FRST.txt
2015-01-09 16:02 - 2015-01-09 16:02 - 00001196 _____ () C:\Users\Felix\Desktop\mbam.txt
2015-01-09 15:42 - 2015-01-09 16:01 - 00002352 _____ () C:\Users\Felix\.lmmsrc.xml
2015-01-09 15:41 - 2015-01-09 15:41 - 00000000 ____D () C:\Users\Felix\lmms
2015-01-09 06:36 - 2015-01-09 06:37 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 06:36 - 2015-01-09 06:36 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-09 06:36 - 2015-01-09 06:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-09 06:36 - 2015-01-09 06:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-09 06:36 - 2015-01-09 06:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-09 06:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-09 06:36 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-09 06:36 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-09 06:14 - 2015-01-09 06:14 - 00000700 _____ () C:\Users\Felix\Desktop\JRT.txt
2015-01-09 06:11 - 2015-01-09 06:11 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-09 06:05 - 2015-01-09 06:06 - 00002654 _____ () C:\WINDOWS\PFRO.log
2015-01-09 06:01 - 2015-01-09 06:04 - 00000000 ____D () C:\AdwCleaner
2015-01-09 06:00 - 2015-01-09 06:01 - 02191360 _____ () C:\Users\Felix\Downloads\AdwCleaner_4.107.exe
2015-01-09 05:51 - 2015-01-09 05:51 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-09 05:40 - 2015-01-09 05:40 - 01707939 _____ (Thisisu) C:\Users\Felix\Downloads\JRT.exe
2015-01-09 05:40 - 2015-01-09 05:40 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-01-09 05:39 - 2015-01-09 05:40 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Felix\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-08 16:41 - 2015-01-09 16:02 - 00000000 ____D () C:\FRST
2015-01-08 16:40 - 2015-01-08 16:40 - 02124288 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe
2015-01-08 16:39 - 2015-01-08 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 1.1.0
2015-01-08 16:38 - 2015-01-08 16:39 - 00000000 ____D () C:\Program Files\LMMS
2015-01-08 16:19 - 2015-01-08 16:19 - 00056048 _____ () C:\Users\Felix\Desktop\AVSCAN-20150108-140837-C4B501FB.LOG
2015-01-08 16:13 - 2015-01-08 16:15 - 31081825 _____ () C:\Users\Felix\Downloads\lmms-1.1.0-win64.exe
2015-01-07 11:26 - 2015-01-07 11:26 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-07 11:26 - 2015-01-07 11:26 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-01-06 20:37 - 2015-01-06 20:40 - 00000000 ____D () C:\Users\Felix\Documents\ArmA 2
2015-01-06 20:37 - 2015-01-06 20:38 - 00000000 ____D () C:\Users\Felix\AppData\Local\ArmA 2
2015-01-06 20:37 - 2015-01-06 20:37 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-01-06 20:37 - 2015-01-06 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-01-06 05:51 - 2015-01-06 05:52 - 00000000 ____D () C:\Users\Felix\Documents\Survarium
2015-01-06 05:51 - 2015-01-06 05:51 - 00002324 _____ () C:\Users\Public\Desktop\Play Survarium.lnk
2015-01-06 05:51 - 2015-01-06 05:51 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-01-06 05:51 - 2015-01-06 05:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium
2015-01-06 05:51 - 2015-01-06 05:51 - 00000000 ____D () C:\Program Files (x86)\Survarium
2015-01-06 05:49 - 2015-01-06 05:49 - 01901696 _____ ( ) C:\Users\Felix\Downloads\survarium-web-installer-026f0.exe
2015-01-05 19:25 - 2015-01-05 19:25 - 00000221 _____ () C:\Users\Felix\Desktop\Arma 2.url
2015-01-05 18:19 - 2015-01-05 18:19 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\TuneUp Software
2015-01-05 18:19 - 2015-01-05 18:19 - 00000000 ____D () C:\Users\Felix\AppData\Local\TuneUp Software
2015-01-05 18:16 - 2015-01-05 18:20 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-05 18:16 - 2015-01-05 18:16 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-05 15:34 - 2015-01-05 15:34 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-01-05 03:08 - 2015-01-05 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts-Simulator 2009
2015-01-05 03:08 - 2015-01-05 03:08 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts-Simulator 2009
2015-01-01 13:37 - 2015-01-01 13:37 - 00000000 ____D () C:\Users\Felix\Documents\Thief
2014-12-30 23:46 - 2015-01-08 14:25 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\uTorrent
2014-12-30 16:20 - 2014-12-30 16:20 - 00000220 _____ () C:\Users\Felix\Desktop\Company of Heroes.url
2014-12-30 01:07 - 2014-12-30 01:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-30 01:05 - 2014-12-30 01:05 - 00000222 _____ () C:\Users\Felix\Desktop\The Forest.url
2014-12-30 00:42 - 2014-12-30 00:42 - 00000222 _____ () C:\Users\Felix\Desktop\Terraria.url
2014-12-29 14:48 - 2014-12-29 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2014-12-29 14:44 - 2014-12-29 14:48 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2015
2014-12-28 21:26 - 2014-12-28 21:26 - 00000222 _____ () C:\Users\Felix\Desktop\Thief.url
2014-12-28 20:34 - 2014-12-28 20:34 - 00000222 _____ () C:\Users\Felix\Desktop\The Long Dark.url
2014-12-28 20:14 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-28 20:14 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-28 20:14 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-28 20:12 - 2014-12-28 20:16 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-28 20:12 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-28 20:12 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-19 16:36 - 2014-12-19 16:36 - 00003178 _____ () C:\WINDOWS\System32\Tasks\{39601E7A-02A2-4AAB-9489-A66FB8DAA331}
2014-12-12 02:52 - 2014-12-12 02:52 - 00000000 ____D () C:\Users\Felix\AppData\Local\Conexant
2014-12-10 21:46 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 21:46 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 21:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 21:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 21:39 - 2014-12-10 21:39 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 21:39 - 2014-12-10 21:39 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-12-10 21:38 - 2014-12-11 15:13 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-10 21:38 - 2014-12-10 21:38 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-10 21:29 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 21:29 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 18:06 - 2014-12-17 20:27 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\PapDesigner
2014-12-10 18:06 - 2014-12-10 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PapDesigner
2014-12-10 18:06 - 2014-12-10 18:06 - 00000000 ____D () C:\Program Files (x86)\PapDesigner
2014-12-10 17:09 - 2014-12-10 17:09 - 00109691 _____ () C:\Users\Felix\Downloads\2.Bericht.odt
2014-12-10 14:00 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 14:00 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 11:35 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 11:35 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 11:35 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 11:35 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 11:35 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 11:35 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 11:35 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 11:35 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 11:35 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 11:35 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 11:35 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 11:35 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 11:35 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 11:35 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 11:35 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 11:35 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 11:35 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 11:35 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 11:35 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 11:35 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 11:35 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 11:35 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 11:35 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 11:35 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 11:35 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 11:35 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 11:35 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 11:35 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 11:35 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 11:35 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 11:35 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 11:35 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 11:35 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 11:35 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 11:35 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 11:35 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 11:35 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 11:35 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 11:35 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 11:33 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-10 11:33 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 16:03 - 2014-12-01 18:04 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-09 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-09 15:59 - 2014-11-14 08:35 - 01574791 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-09 15:52 - 2014-11-13 20:47 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 15:46 - 2014-11-16 19:32 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2D79969-F193-4CA2-B985-3789168FBE4B}
2015-01-09 15:42 - 2014-11-14 08:42 - 00000000 ____D () C:\Users\Felix
2015-01-09 06:18 - 2014-11-13 18:07 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3670780423-1031280291-4147856401-1001
2015-01-09 06:06 - 2014-11-13 20:47 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-09 06:06 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-09 06:05 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-09 06:04 - 2014-11-13 21:05 - 07024428 _____ () C:\Users\Public\CAFADEBUG.log
2015-01-09 05:51 - 2014-11-13 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-09 05:46 - 2014-11-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-09 05:40 - 2014-11-14 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-01-09 05:40 - 2014-11-14 00:08 - 00000000 ____D () C:\Program Files\Java
2015-01-08 23:19 - 2014-11-24 20:51 - 00000000 ____D () C:\Users\Felix\Desktop\FTB
2015-01-08 16:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-08 14:15 - 2014-11-13 23:23 - 00000000 ____D () C:\Users\Felix\AppData\Local\CrashDumps
2015-01-07 17:32 - 2014-12-01 17:30 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-07 17:28 - 2014-11-13 23:22 - 00000000 ____D () C:\Users\Felix\AppData\Local\ftblauncher
2015-01-07 17:27 - 2014-11-13 19:26 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\TS3Client
2015-01-07 16:16 - 2014-11-14 18:07 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\.minecraft
2015-01-06 23:41 - 2014-11-20 00:17 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\vlc
2015-01-06 06:54 - 2014-11-13 22:32 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2015-01-06 05:51 - 2014-11-15 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-01-05 21:45 - 2014-11-30 15:55 - 06619057 _____ () C:\Users\Felix\Desktop\FTB_Launcher.exe
2015-01-05 21:45 - 2014-11-13 23:22 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\ftblauncher
2015-01-05 19:25 - 2014-12-01 21:16 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-05 18:26 - 2014-11-13 18:01 - 00000000 ____D () C:\Users\Felix\AppData\Local\VirtualStore
2015-01-05 18:20 - 2014-11-20 00:33 - 00001259 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-01-05 18:20 - 2014-11-20 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-05 18:20 - 2014-11-20 00:31 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-01-05 18:15 - 2014-11-20 00:31 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-01-05 18:15 - 2014-11-20 00:30 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\DVDVideoSoft
2015-01-05 03:28 - 2014-11-16 13:48 - 00000000 ____D () C:\Users\Felix\Documents\My Games
2015-01-04 19:56 - 2014-11-13 22:00 - 00926692 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-04 19:56 - 2014-11-13 22:00 - 00201148 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-04 19:56 - 2014-09-24 08:17 - 01986426 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-31 20:24 - 2014-11-24 11:09 - 00000000 ____D () C:\Users\Felix\Desktop\9gag
2014-12-31 13:43 - 2014-11-18 00:37 - 00000000 ___RD () C:\Users\Felix\Desktop\Musik
2014-12-28 20:52 - 2014-12-03 06:58 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-28 20:43 - 2014-12-03 06:34 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-28 20:17 - 2014-12-02 15:10 - 00000000 ____D () C:\TEMP
2014-12-28 20:17 - 2014-11-14 08:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-19 14:56 - 2014-11-14 16:37 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Spotify
2014-12-19 14:55 - 2014-11-14 16:38 - 00000000 ____D () C:\Users\Felix\AppData\Local\Spotify
2014-12-18 16:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 15:04 - 2014-11-18 00:22 - 00000000 ____D () C:\Users\Felix\Desktop\Schule
2014-12-13 18:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-13 14:03 - 2014-11-20 13:39 - 00000000 ____D () C:\Users\Felix\AppData\Local\Adobe
2014-12-13 14:02 - 2014-12-01 18:04 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-13 13:59 - 2014-11-14 14:54 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-13 13:59 - 2014-11-13 22:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-13 13:59 - 2014-11-13 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-13 13:59 - 2014-11-13 22:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-13 13:54 - 2014-11-13 19:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-13 13:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-13 13:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-13 13:51 - 2014-11-13 19:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 13:32 - 2014-11-15 03:03 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-13 11:08 - 2014-11-20 13:35 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 11:08 - 2014-11-13 23:19 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 11:08 - 2014-11-13 23:19 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-13 11:08 - 2014-11-13 23:19 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 09:03 - 2014-11-14 08:35 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 01097360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-11-14 08:35 - 00628040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-12-13 09:03 - 2014-11-14 08:35 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-11-13 22:37 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-13 00:11 - 2014-11-14 08:35 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 22:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-12 02:52 - 2014-11-14 08:35 - 00000000 ____D () C:\ProgramData\Conexant
2014-12-11 15:12 - 2014-11-13 18:01 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Adobe
2014-12-10 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 02:08 - 2014-11-13 22:17 - 00007613 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-01 06:44

==================== End Of Log ============================
--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Felix at 2015-01-09 16:03:38
Running from C:\Users\Felix\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic Entertainment)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant)
DAO 3.5 (HKLM-x32\...\DAO 3.5) (Version:  - )
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version:  - )
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.33 - Lenovo)
Energy Manager (x32 Version: 1.0.0.33 - Lenovo) Hidden
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Free Studio version 6.4.1.1215 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.1.1215 - DVDVideoSoft Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.0 - GIANTS Software)
Landwirtschafts-Simulator 2009 (HKLM-x32\...\FarmingSimulator2009DE_is1) (Version:  - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
LibreOffice 4.3.4.1 (HKLM-x32\...\{7D983A32-F645-48AB-8E38-4ACD234F40BC}) (Version: 4.3.4.1 - The Document Foundation)
LMMS 1.1.0 (HKLM-x32\...\LMMS) (Version: 1.1.0 - LMMS Developers)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Works 2003-Setup-Start (HKLM-x32\...\Works2003Setup) (Version:  - )
Microsoft Works 7.0  (HKLM-x32\...\{EDDDC607-91D9-4758-9F57-265FDCD8A772}) (Version: 07.02.0702 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Multisim 7 (HKLM-x32\...\Multisim 7) (Version:  - )
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.103.0 - Overwolf Ltd.)
PIC18 Simulator IDE (HKLM-x32\...\PIC18 Simulator IDE) (Version:  - )
PicoScope 6 (HKLM-x32\...\{5daa86b7-478a-4b7e-935f-27851f5503e6}) (Version: 6.5.84 - Ihr Firmenname)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SEE Electrical Schulversion V5R1 (HKLM-x32\...\SEE Electrical Schulversion V5R1) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spotify (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.26f0 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Telegram Desktop version 0.6.15 (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.6.15 - Telegram Messenger LLP)
Telegram Desktop version 0.6.15 (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.6.15 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.465 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Works Suite-Betriebssystem-Pack (x32 Version: 3.0.0.0000 - Microsoft Corporation) Hidden
World of Tanks (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Tanks (HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3670780423-1031280291-4147856401-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

15-12-2014 23:35:10 DirectX wurde installiert
25-12-2014 00:49:06 Scheduled Checkpoint
28-12-2014 15:34:00 DirectX wurde installiert
30-12-2014 01:06:18 Installed Microsoft XNA Framework Redistributable 4.0
05-01-2015 18:33:57 TuneUp Utilities 2014 wird entfernt
06-01-2015 20:36:02 DirectX wurde installiert
09-01-2015 05:38:49 Removed Java SE Development Kit 8 Update 25 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {097947BF-A7A7-4BD4-8AAA-109D48321674} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {367642C7-F151-4234-A0C1-BBFF7E1EA8A3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {4538F798-E2C4-4AC2-A684-76C51E245B3C} - System32\Tasks\{39601E7A-02A2-4AAB-9489-A66FB8DAA331} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {480F5DCE-EB3A-4596-BD92-345E5A4D63A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {545342E1-34D9-4351-AB96-2D1BA9491771} - System32\Tasks\{50BD3826-AB86-427B-B28A-87562A0AD4B4} => pcalua.exe -a D:\AUTORUN\AUTORUN.EXE -d D:\
Task: {59F11C48-6742-4643-B359-CAB7E2283999} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5AE73B76-5E1F-4C06-94C3-23F75429F427} - System32\Tasks\{15F73C64-7F0C-4671-8C2F-D6B6920CD7F7} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {6269E6D2-022A-444D-816E-FB41EC22F2B6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-13] (Microsoft Corporation)
Task: {A870ADBF-0423-48AB-970F-AF8690624955} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-12-29] (Overwolf LTD)
Task: {E012AB8A-F5B7-4836-A097-1FB88FF956E0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13] (Adobe Systems Incorporated)
Task: {E0F27EDE-FAB1-4C0F-9B93-03B37B9A7C1F} - System32\Tasks\{F4615502-948E-4E28-947A-556B71DC15B5} => pcalua.exe -a C:\Users\Felix\Desktop\Multisim7\multisim.exe -d C:\Users\Felix\Desktop\Multisim7
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-14 08:35 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-22 17:48 - 2014-09-11 07:06 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2014-10-03 17:36 - 2014-10-03 17:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-10-29 22:22 - 2013-10-29 22:22 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-10-29 22:19 - 2013-10-29 22:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-10-29 22:26 - 2013-10-29 22:26 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-11-13 21:06 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-11-14 15:14 - 2013-03-12 10:06 - 00246784 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2014-11-14 15:14 - 2013-03-01 16:43 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2014-12-23 19:09 - 2014-12-23 19:09 - 02329600 _____ () C:\Program Files\LMMS\lmms.exe
2014-03-18 22:32 - 2014-03-18 22:32 - 00706365 _____ () C:\Program Files\LMMS\SDL.dll
2014-07-06 12:22 - 2014-07-06 12:22 - 00168585 _____ () C:\Program Files\LMMS\libogg-0.dll
2014-03-18 10:45 - 2014-03-18 10:45 - 01187610 _____ () C:\Program Files\LMMS\libportaudio-2.dll
2014-03-21 11:40 - 2014-03-21 11:40 - 01664724 _____ () C:\Program Files\LMMS\libsamplerate-0.dll
2014-03-21 11:45 - 2014-03-21 11:45 - 02885278 _____ () C:\Program Files\LMMS\libsndfile-1.dll
2014-03-21 11:40 - 2014-03-21 11:40 - 00746727 _____ () C:\Program Files\LMMS\libvorbis-0.dll
2014-03-21 11:40 - 2014-03-21 11:40 - 00918297 _____ () C:\Program Files\LMMS\libvorbisenc-2.dll
2014-03-21 11:40 - 2014-03-21 11:40 - 00214245 _____ () C:\Program Files\LMMS\libvorbisfile-3.dll
2014-03-18 10:49 - 2014-03-18 10:49 - 00106496 _____ () C:\Program Files\LMMS\zlib1.dll
2014-07-06 12:23 - 2014-07-06 12:23 - 01177574 _____ () C:\Program Files\LMMS\libpng16-16.dll
2014-03-21 11:44 - 2014-03-21 11:44 - 01126708 _____ () C:\Program Files\LMMS\libFLAC-8.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00196608 _____ () C:\Program Files\LMMS\plugins\amplifier.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00487424 _____ () C:\Program Files\LMMS\plugins\audiofileprocessor.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00196608 _____ () C:\Program Files\LMMS\plugins\bassbooster.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00304640 _____ () C:\Program Files\LMMS\plugins\bitinvader.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00192512 _____ () C:\Program Files\LMMS\plugins\delay.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00248832 _____ () C:\Program Files\LMMS\plugins\dualfilter.dll
2014-12-23 19:09 - 2014-12-23 19:09 - 00328192 _____ () C:\Program Files\LMMS\plugins\dynamicsprocessor.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00295424 _____ () C:\Program Files\LMMS\plugins\flpimport.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00627712 _____ () C:\Program Files\LMMS\plugins\hydrogenimport.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00311296 _____ () C:\Program Files\LMMS\plugins\kicker.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00195584 _____ () C:\Program Files\LMMS\plugins\ladspabrowser.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00212480 _____ () C:\Program Files\LMMS\plugins\ladspaeffect.dll
2014-12-23 19:12 - 2014-12-23 19:12 - 00307712 _____ () C:\Program Files\LMMS\plugins\lb302.dll
2014-12-23 19:16 - 2014-12-23 19:16 - 01089024 _____ () C:\Program Files\LMMS\plugins\libZynAddSubFxCore.dll
2014-07-06 12:26 - 2014-07-06 12:26 - 02204672 _____ () C:\Program Files\LMMS\libfftw3f-3.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00845824 _____ () C:\Program Files\LMMS\plugins\malletsstk.dll
2014-12-23 19:12 - 2014-12-23 19:12 - 00684544 _____ () C:\Program Files\LMMS\plugins\midiimport.dll
2014-12-23 19:12 - 2014-12-23 19:12 - 00453120 _____ () C:\Program Files\LMMS\plugins\monstro.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00324096 _____ () C:\Program Files\LMMS\plugins\nes.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00377344 _____ () C:\Program Files\LMMS\plugins\OPL2.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00256512 _____ () C:\Program Files\LMMS\plugins\organic.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00308224 _____ () C:\Program Files\LMMS\plugins\papu.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00251904 _____ () C:\Program Files\LMMS\plugins\patman.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00213504 _____ () C:\Program Files\LMMS\plugins\peakcontrollereffect.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00322560 _____ () C:\Program Files\LMMS\plugins\sf2player.dll
2014-03-21 11:42 - 2014-03-21 11:42 - 02043685 _____ () C:\Program Files\LMMS\libfluidsynth.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00328192 _____ () C:\Program Files\LMMS\plugins\sfxr.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00510464 _____ () C:\Program Files\LMMS\plugins\sid.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00202752 _____ () C:\Program Files\LMMS\plugins\spectrumanalyzer.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00178176 _____ () C:\Program Files\LMMS\plugins\stereoenhancer.dll
2014-12-23 19:13 - 2014-12-23 19:13 - 00188928 _____ () C:\Program Files\LMMS\plugins\stereomatrix.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00279552 _____ () C:\Program Files\LMMS\plugins\tripleoscillator.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00261120 _____ () C:\Program Files\LMMS\plugins\vibedstrings.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00246272 _____ () C:\Program Files\LMMS\plugins\vstbase.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00235008 _____ () C:\Program Files\LMMS\plugins\vsteffect.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00365056 _____ () C:\Program Files\LMMS\plugins\watsyn.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00303104 _____ () C:\Program Files\LMMS\plugins\waveshaper.dll
2014-12-23 19:16 - 2014-12-23 19:16 - 00328192 _____ () C:\Program Files\LMMS\plugins\zynaddsubfx.dll
2014-12-23 19:14 - 2014-12-23 19:14 - 00274432 _____ () C:\Program Files\LMMS\plugins\vestige.dll
2014-03-21 11:49 - 2014-03-21 11:49 - 06663342 _____ () C:\Program Files\LMMS\libfltk.dll
2014-03-18 22:32 - 2014-03-18 22:32 - 01446312 _____ () C:\Program Files\LMMS\libjpeg-9.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\alias_1407.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00034816 _____ () C:\Program Files\LMMS\plugins\ladspa\allpass_1895.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00020480 _____ () C:\Program Files\LMMS\plugins\ladspa\am_pitchshift_1433.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00023552 _____ () C:\Program Files\LMMS\plugins\ladspa\amp_1181.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\bandpass_a_iir_1893.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00025088 _____ () C:\Program Files\LMMS\plugins\ladspa\bandpass_iir_1892.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00021504 _____ () C:\Program Files\LMMS\plugins\ladspa\bode_shifter_1431.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00022016 _____ () C:\Program Files\LMMS\plugins\ladspa\bode_shifter_cv_1432.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00031232 _____ () C:\Program Files\LMMS\plugins\ladspa\butterworth_1902.dll
2014-12-23 19:12 - 2014-12-23 19:12 - 03222016 _____ () C:\Program Files\LMMS\plugins\ladspa\calf.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 01160192 _____ () C:\Program Files\LMMS\plugins\ladspa\caps.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00020480 _____ () C:\Program Files\LMMS\plugins\ladspa\chebstortion_1430.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00276480 _____ () C:\Program Files\LMMS\plugins\ladspa\cmt.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\comb_1190.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00034304 _____ () C:\Program Files\LMMS\plugins\ladspa\comb_1887.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\comb_splitter_1411.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00017408 _____ () C:\Program Files\LMMS\plugins\ladspa\const_1909.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\crossover_dist_1404.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00016896 _____ () C:\Program Files\LMMS\plugins\ladspa\dc_remove_1207.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00021504 _____ () C:\Program Files\LMMS\plugins\ladspa\decay_1886.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023552 _____ () C:\Program Files\LMMS\plugins\ladspa\decimator_1202.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\declip_1195.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00028672 _____ () C:\Program Files\LMMS\plugins\ladspa\delay_1898.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00029696 _____ () C:\Program Files\LMMS\plugins\ladspa\delayorama_1402.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00026112 _____ () C:\Program Files\LMMS\plugins\ladspa\diode_1185.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023040 _____ () C:\Program Files\LMMS\plugins\ladspa\divider_1186.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00034304 _____ () C:\Program Files\LMMS\plugins\ladspa\dj_eq_1901.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00019456 _____ () C:\Program Files\LMMS\plugins\ladspa\dj_flanger_1438.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00028672 _____ () C:\Program Files\LMMS\plugins\ladspa\dyson_compress_1403.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023040 _____ () C:\Program Files\LMMS\plugins\ladspa\fad_delay_1192.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00026112 _____ () C:\Program Files\LMMS\plugins\ladspa\fast_lookahead_limiter_1913.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00020992 _____ () C:\Program Files\LMMS\plugins\ladspa\flanger_1191.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\foldover_1213.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\foverdrive_1196.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00019456 _____ () C:\Program Files\LMMS\plugins\ladspa\freq_tracker_1418.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00026624 _____ () C:\Program Files\LMMS\plugins\ladspa\gate_1410.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00020480 _____ () C:\Program Files\LMMS\plugins\ladspa\giant_flange_1437.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00031744 _____ () C:\Program Files\LMMS\plugins\ladspa\gong_1424.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\gong_beater_1439.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00065024 _____ () C:\Program Files\LMMS\plugins\ladspa\gsm_1215.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00033280 _____ () C:\Program Files\LMMS\plugins\ladspa\gverb_1216.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\hard_limiter_1413.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00020992 _____ () C:\Program Files\LMMS\plugins\ladspa\harmonic_gen_1220.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00049152 _____ () C:\Program Files\LMMS\plugins\ladspa\hermes_filter_1200.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\highpass_iir_1890.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00017408 _____ () C:\Program Files\LMMS\plugins\ladspa\hilbert_1440.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00323072 _____ () C:\Program Files\LMMS\plugins\ladspa\imp_1199.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00017408 _____ () C:\Program Files\LMMS\plugins\ladspa\impulse_1885.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\inv_1429.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\karaoke_1409.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00014848 _____ () C:\Program Files\LMMS\plugins\ladspa\ladspa-util.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\latency_1914.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00028160 _____ () C:\Program Files\LMMS\plugins\ladspa\lcr_delay_1436.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\lowpass_iir_1891.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023040 _____ () C:\Program Files\LMMS\plugins\ladspa\ls_filter_1908.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00019456 _____ () C:\Program Files\LMMS\plugins\ladspa\matrix_ms_st_1421.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\matrix_spatialiser_1422.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\matrix_st_ms_1420.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00032256 _____ () C:\Program Files\LMMS\plugins\ladspa\mbeq_1197.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\mod_delay_1419.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00027136 _____ () C:\Program Files\LMMS\plugins\ladspa\multivoice_chorus_1201.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00026112 _____ () C:\Program Files\LMMS\plugins\ladspa\notch_iir_1894.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00028672 _____ () C:\Program Files\LMMS\plugins\ladspa\phasers_1217.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\pitch_scale_1193.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\pitch_scale_1194.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00031232 _____ () C:\Program Files\LMMS\plugins\ladspa\plate_1423.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00021504 _____ () C:\Program Files\LMMS\plugins\ladspa\pointer_cast_1910.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00017920 _____ () C:\Program Files\LMMS\plugins\ladspa\rate_shifter_1417.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00022016 _____ () C:\Program Files\LMMS\plugins\ladspa\retro_flange_1208.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00026624 _____ () C:\Program Files\LMMS\plugins\ladspa\revdelay_1605.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00025600 _____ () C:\Program Files\LMMS\plugins\ladspa\ringmod_1188.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023552 _____ () C:\Program Files\LMMS\plugins\ladspa\satan_maximiser_1408.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00027136 _____ () C:\Program Files\LMMS\plugins\ladspa\sc1_1425.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00027136 _____ () C:\Program Files\LMMS\plugins\ladspa\sc2_1426.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00028160 _____ () C:\Program Files\LMMS\plugins\ladspa\sc3_1427.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00030208 _____ () C:\Program Files\LMMS\plugins\ladspa\sc4_1882.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00029696 _____ () C:\Program Files\LMMS\plugins\ladspa\sc4m_1916.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00029696 _____ () C:\Program Files\LMMS\plugins\ladspa\se4_1883.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023552 _____ () C:\Program Files\LMMS\plugins\ladspa\shaper_1187.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00045568 _____ () C:\Program Files\LMMS\plugins\ladspa\sifter_1210.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\sin_cos_1881.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\single_para_1203.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00019456 _____ () C:\Program Files\LMMS\plugins\ladspa\sinus_wavewrapper_1198.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00017920 _____ () C:\Program Files\LMMS\plugins\ladspa\smooth_decimate_1414.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\split_1406.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\step_muxer_1212.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018432 _____ () C:\Program Files\LMMS\plugins\ladspa\surround_encoder_1401.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\svf_1214.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00023552 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_autopan.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00027648 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_chorusflanger.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00026624 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_deesser.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00034816 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_doubler.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00030208 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_dynamics_m.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00034816 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_dynamics_st.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00025088 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_echo.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00036352 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_eq.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00039424 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_eqbw.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_limiter.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00024064 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_pinknoise.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00027136 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_pitch.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00025088 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_reflector.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00050688 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_reverb.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00029696 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_rotspeak.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00025600 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_sigmoid.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00023040 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_tremolo.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00020480 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_tubewarmth.dll
2014-12-23 19:10 - 2014-12-23 19:10 - 00024576 _____ () C:\Program Files\LMMS\plugins\ladspa\tap_vibrato.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00025600 _____ () C:\Program Files\LMMS\plugins\ladspa\tape_delay_1211.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\transient_1206.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00030720 _____ () C:\Program Files\LMMS\plugins\ladspa\triple_para_1204.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\valve_1209.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\valve_rect_1405.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00026112 _____ () C:\Program Files\LMMS\plugins\ladspa\vocoder_1337.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00029696 _____ () C:\Program Files\LMMS\plugins\ladspa\vynil_1905.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00018944 _____ () C:\Program Files\LMMS\plugins\ladspa\wave_terrain_1412.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00023040 _____ () C:\Program Files\LMMS\plugins\ladspa\xfade_1915.dll
2014-12-23 19:11 - 2014-12-23 19:11 - 00016896 _____ () C:\Program Files\LMMS\plugins\ladspa\zm1_1428.dll
2014-11-14 15:14 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-11-14 15:14 - 2011-11-22 14:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2014-11-13 20:55 - 2013-09-16 20:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 15:54 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3670780423-1031280291-4147856401-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Overwolf"

========================= Accounts: ==========================

Administrator (S-1-5-21-3670780423-1031280291-4147856401-500 - Administrator - Disabled)
Felix (S-1-5-21-3670780423-1031280291-4147856401-1001 - Administrator - Enabled) => C:\Users\Felix
Guest (S-1-5-21-3670780423-1031280291-4147856401-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/09/2015 04:04:05 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 04:03:29 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 04:02:59 PM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 06:38:27 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 06:37:57 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 06:37:26 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 06:36:56 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/09/2015 06:36:26 AM) (Source: DCOM) (EventID: 10010) (User: Felix-Laptop)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-15 03:16:01.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 3992.36 MB
Available physical RAM: 1533.05 MB
Total Pagefile: 6168.36 MB
Available Pagefile: 3117.36 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:299.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Warlord711 12.01.2015 08:38
Ja, sieht sehr gut aus.
Dann kurz SecurityCheck + temporäre Dateien löschen und dann den ESET Online Scanner, der braucht länger, gerne auch mal ein paar Stunden.

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Alle Zeitangaben in WEZ +1. Es ist jetzt 12:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131