Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ich kann keine Programme mehr öffnen (https://www.trojaner-board.de/163281-keine-programme-mehr-oeffnen.html)

Unwissender1 30.01.2015 12:07
Hier die Fix List.

Ja ist installiert und hat mir das nach dem Download angezeigt.


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by ar-sports (administrator) on AR-SPORTS-PC on 30-01-2015 09:04:18
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Media remote] => C:\Program Files (x86)\Media remote\Media remote.exe [1535000 2011-05-18] ()
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [443392 2013-02-01] (May Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe [184880 2011-07-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885043606-201990974-2310804300-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1885043606-201990974-2310804300-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> {0717C853-92C3-0B8F-FF07-6E168161B86D} URL =
BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.17.100

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt [2011-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\Acer Bio Protection\FFExt20
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt20 [2011-09-10]
FF HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Firefox\Extensions: [{284fed43-2e13-4afe-8aeb-50827d510e20}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Google-Suche) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Google Mail) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [240112 2011-10-28] (CyberLink)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] () [File not signed]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] () [File not signed]
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [57344 2005-06-09] (IBM Corporation) [File not signed]
R2 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [307760 2011-07-13] (Egis Technology Inc. )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-07] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 09:03 - 2015-01-30 09:03 - 00004051 _____ () C:\Users\ar-sports\Desktop\Fixlist.txt
2015-01-29 23:49 - 2015-01-29 23:50 - 00000000 ____D () C:\13508aa44d652281d0ffe991
2015-01-29 20:30 - 2015-01-29 20:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Bildcomputer
2015-01-29 20:15 - 2015-01-30 09:04 - 00000000 ____D () C:\Users\ar-sports\Downloads\FRST-OlderVersion
2015-01-29 20:15 - 2015-01-29 20:16 - 00039047 _____ () C:\Users\ar-sports\Downloads\FRST.txt
2015-01-29 20:15 - 2015-01-29 20:16 - 00031322 _____ () C:\Users\ar-sports\Downloads\Addition.txt
2015-01-29 20:07 - 2015-01-29 20:07 - 00852573 _____ () C:\Users\ar-sports\Desktop\SecurityCheck.exe
2015-01-29 15:24 - 2015-01-29 15:24 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - ccfcbbb1da5f42e29333bd39eac1e2ab07e06d474b3648d0af4f25925603686c
2015-01-29 08:53 - 2015-01-29 08:53 - 01707939 _____ (Thisisu) C:\Users\ar-sports\Desktop\JRT.exe
2015-01-29 08:40 - 2015-01-29 08:40 - 02194432 _____ () C:\Users\ar-sports\Desktop\AdwCleaner_4.109.exe
2015-01-29 07:49 - 2015-01-30 07:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 07:49 - 2015-01-29 07:49 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-29 07:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 07:47 - 2015-01-29 07:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ar-sports\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 23:50 - 2015-01-28 23:51 - 00000000 ____D () C:\e5af0b43c0ead705e8f5a70b8555
2015-01-28 19:15 - 2015-01-28 19:15 - 00033772 _____ () C:\ComboFix.txt
2015-01-28 18:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-28 18:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-28 18:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-28 18:55 - 2015-01-28 19:15 - 00000000 ____D () C:\Qoobox
2015-01-28 18:55 - 2015-01-28 19:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-28 18:54 - 2015-01-28 18:54 - 05610841 ____R (Swearware) C:\Users\ar-sports\Desktop\ComboFix.exe
2015-01-28 18:23 - 2015-01-28 18:23 - 00001268 _____ () C:\Users\ar-sports\Desktop\Revo Uninstaller.lnk
2015-01-28 18:23 - 2015-01-28 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-28 18:22 - 2015-01-28 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ar-sports\Downloads\revosetup95.exe
2015-01-28 13:28 - 2015-01-28 13:29 - 00000000 ____D () C:\9a8479723a599ea3c91ede
2015-01-28 08:42 - 2015-01-28 08:43 - 00000000 ____D () C:\5ec6513707ea3739629bac1bb9e073
2015-01-28 04:09 - 2015-01-30 09:04 - 00000000 ____D () C:\FRST
2015-01-28 00:01 - 2015-01-28 00:01 - 00000000 ____D () C:\8ed94f21db07ead1de5b4b47817232
2015-01-27 18:52 - 2015-01-29 20:15 - 02130432 _____ (Farbar) C:\Users\ar-sports\Downloads\FRST64.exe
2015-01-26 23:45 - 2015-01-26 23:46 - 00000000 ____D () C:\260044cb1e8dfa06e556a3b12f3868
2015-01-25 23:47 - 2015-01-25 23:48 - 00000000 ____D () C:\abd2c10a63f765a5b5741677
2015-01-25 21:20 - 2015-01-25 21:20 - 00001861 _____ () C:\Users\ar-sports\Desktop\UseNeXT by Tangysoft.lnk
2015-01-25 21:20 - 2015-01-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-01-25 21:06 - 2015-01-25 21:06 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\ar-sports\Downloads\UseNeXTSetup_5.64.exe
2015-01-25 14:25 - 2015-01-25 14:31 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Samsung
2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\Users\Public\Documents\SmartSwitch
2015-01-25 13:56 - 2015-01-30 08:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\8908D6CF-FA27-41F6-911D-151CEE0547DD.aplzod
2015-01-25 13:38 - 2015-01-25 13:39 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup (1).exe
2015-01-25 13:34 - 2015-01-25 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:31 - 2015-01-25 13:33 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup.exe
2015-01-25 00:09 - 2015-01-25 00:10 - 00000000 ____D () C:\567f23d61e19196654ff15f6d11c7d
2015-01-24 00:13 - 2015-01-24 00:13 - 00000000 ____D () C:\7b97ffe15426a80f1fa531e9
2015-01-23 00:05 - 2015-01-23 00:06 - 00000000 ____D () C:\89cf8cad9273348b3978
2015-01-21 23:56 - 2015-01-21 23:57 - 00000000 ____D () C:\e8d3e4ba50f785c1c8
2015-01-21 17:14 - 2015-01-21 17:14 - 00000891 _____ () C:\Users\ar-sports\Desktop\iPhone von Andi - Verknüpfung.lnk
2015-01-21 17:05 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 16:39 - 2015-01-21 17:05 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 16:39 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 16:39 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 16:38 - 2015-01-21 16:38 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 16:33 - 2015-01-21 16:36 - 122418480 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\iTunes64Setup (1).exe
2015-01-20 23:29 - 2015-01-20 23:30 - 00000000 ____D () C:\e8bd0b5a87fe32c4ee
2015-01-19 23:13 - 2015-01-19 23:13 - 00000000 ____D () C:\5e7e451a0cf836eaaab73e2081786c
2015-01-19 17:07 - 2015-01-19 17:08 - 00000000 ____D () C:\8249325112d6e9bc1f611f
2015-01-14 22:30 - 2015-01-14 22:30 - 00013844 _____ () C:\Users\ar-sports\Documents\Kopie von Logistikaufstellung DAVID 2015.xlsx
2015-01-14 08:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:36 - 2015-01-13 16:36 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - b39ff3e4de754a48ad14dfb13da642efb9b0e44ec9ba4f87be1144be0cdef85e

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 08:57 - 2012-04-18 13:58 - 00000000 ____D () C:\Users\ar-sports\Documents\Outlook-Dateien
2015-01-30 08:51 - 2012-11-21 08:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 08:31 - 2013-04-25 18:45 - 00000000 ____D () C:\Users\ar-sports\Desktop\Nürburgring
2015-01-30 08:20 - 2011-09-10 02:35 - 02014907 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 08:17 - 2012-08-12 20:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:01 - 2013-11-23 15:51 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 07:01 - 2012-11-21 08:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 07:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 07:01 - 2009-07-14 05:51 - 00140897 _____ () C:\Windows\setupact.log
2015-01-29 17:02 - 2014-10-16 12:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Schneeräumen
2015-01-29 08:45 - 2010-11-21 04:47 - 00433990 _____ () C:\Windows\PFRO.log
2015-01-29 08:44 - 2013-11-12 18:51 - 00000000 ____D () C:\AdwCleaner
2015-01-29 08:38 - 2014-12-27 15:54 - 00000000 ____D () C:\Users\ar-sports\Desktop\Autos
2015-01-29 07:49 - 2013-11-12 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 19:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:30 - 2012-07-12 20:12 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\vlc
2015-01-27 18:06 - 2011-09-10 12:28 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2015-01-27 18:06 - 2011-09-10 12:28 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2015-01-27 18:06 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 07:53 - 2014-01-21 08:03 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 21:20 - 2012-04-19 11:31 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-01-25 21:18 - 2012-04-18 17:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\UseNeXT
2015-01-25 21:13 - 2013-05-05 13:49 - 00000000 ____D () C:\Program Files (x86)\Racelogic
2015-01-25 15:47 - 2012-05-12 12:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Dropbox
2015-01-25 14:53 - 2012-05-28 09:20 - 00012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 13:56 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Apple Computer
2015-01-25 13:41 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Apple Computer
2015-01-25 13:33 - 2013-11-04 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-24 23:17 - 2012-08-12 20:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:17 - 2012-04-19 06:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:17 - 2011-08-03 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:18 - 2014-02-02 13:39 - 00000000 ____D () C:\Users\ar-sports\Desktop\DavidMedien
2015-01-22 08:30 - 2012-05-12 13:01 - 00000000 ___RD () C:\Users\ar-sports\Dropbox
2015-01-21 16:38 - 2013-11-04 10:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 16:30 - 2013-11-04 10:47 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 15:28 - 2014-11-24 16:17 - 00001996 ____H () C:\Users\ar-sports\Documents\Default.rdp
2015-01-21 15:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-19 20:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 20:22 - 2012-04-17 16:01 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-16 23:06 - 2012-04-18 17:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Adobe
2015-01-16 21:02 - 2014-12-09 22:17 - 00000000 ____D () C:\Users\ar-sports\Desktop\Chris25
2015-01-16 00:08 - 2014-12-14 11:51 - 00000000 ____D () C:\Users\ar-sports\Desktop\AudiS3
2015-01-15 00:22 - 2013-08-14 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:18 - 2012-04-18 07:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:45 - 2014-07-27 16:55 - 00000000 ____D () C:\Users\ar-sports\Desktop\Aufträge_David
2015-01-13 14:31 - 2014-12-03 13:55 - 00000000 ____D () C:\ZR-Excelsicherung
2015-01-11 15:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-28 09:20 - 2015-01-25 14:53 - 0012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 14:15 - 2014-08-06 14:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-10 03:09 - 2012-04-18 15:35 - 0013715 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\ar-sports\AppData\Local\Temp\avgnt.exe
C:\Users\ar-sports\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 10:02

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---


[CODE][/CO
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by ar-sports (administrator) on AR-SPORTS-PC on 30-01-2015 09:04:18
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Media remote] => C:\Program Files (x86)\Media remote\Media remote.exe [1535000 2011-05-18] ()
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [443392 2013-02-01] (May Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe [184880 2011-07-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885043606-201990974-2310804300-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1885043606-201990974-2310804300-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> {0717C853-92C3-0B8F-FF07-6E168161B86D} URL =
BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.17.100

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt [2011-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\Acer Bio Protection\FFExt20
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt20 [2011-09-10]
FF HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Firefox\Extensions: [{284fed43-2e13-4afe-8aeb-50827d510e20}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Google-Suche) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Google Mail) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [240112 2011-10-28] (CyberLink)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] () [File not signed]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] () [File not signed]
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [57344 2005-06-09] (IBM Corporation) [File not signed]
R2 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [307760 2011-07-13] (Egis Technology Inc. )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-07] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 09:03 - 2015-01-30 09:03 - 00004051 _____ () C:\Users\ar-sports\Desktop\Fixlist.txt
2015-01-29 23:49 - 2015-01-29 23:50 - 00000000 ____D () C:\13508aa44d652281d0ffe991
2015-01-29 20:30 - 2015-01-29 20:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Bildcomputer
2015-01-29 20:15 - 2015-01-30 09:04 - 00000000 ____D () C:\Users\ar-sports\Downloads\FRST-OlderVersion
2015-01-29 20:15 - 2015-01-29 20:16 - 00039047 _____ () C:\Users\ar-sports\Downloads\FRST.txt
2015-01-29 20:15 - 2015-01-29 20:16 - 00031322 _____ () C:\Users\ar-sports\Downloads\Addition.txt
2015-01-29 20:07 - 2015-01-29 20:07 - 00852573 _____ () C:\Users\ar-sports\Desktop\SecurityCheck.exe
2015-01-29 15:24 - 2015-01-29 15:24 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - ccfcbbb1da5f42e29333bd39eac1e2ab07e06d474b3648d0af4f25925603686c
2015-01-29 08:53 - 2015-01-29 08:53 - 01707939 _____ (Thisisu) C:\Users\ar-sports\Desktop\JRT.exe
2015-01-29 08:40 - 2015-01-29 08:40 - 02194432 _____ () C:\Users\ar-sports\Desktop\AdwCleaner_4.109.exe
2015-01-29 07:49 - 2015-01-30 07:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 07:49 - 2015-01-29 07:49 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-29 07:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 07:47 - 2015-01-29 07:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ar-sports\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 23:50 - 2015-01-28 23:51 - 00000000 ____D () C:\e5af0b43c0ead705e8f5a70b8555
2015-01-28 19:15 - 2015-01-28 19:15 - 00033772 _____ () C:\ComboFix.txt
2015-01-28 18:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-28 18:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-28 18:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-28 18:55 - 2015-01-28 19:15 - 00000000 ____D () C:\Qoobox
2015-01-28 18:55 - 2015-01-28 19:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-28 18:54 - 2015-01-28 18:54 - 05610841 ____R (Swearware) C:\Users\ar-sports\Desktop\ComboFix.exe
2015-01-28 18:23 - 2015-01-28 18:23 - 00001268 _____ () C:\Users\ar-sports\Desktop\Revo Uninstaller.lnk
2015-01-28 18:23 - 2015-01-28 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-28 18:22 - 2015-01-28 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ar-sports\Downloads\revosetup95.exe
2015-01-28 13:28 - 2015-01-28 13:29 - 00000000 ____D () C:\9a8479723a599ea3c91ede
2015-01-28 08:42 - 2015-01-28 08:43 - 00000000 ____D () C:\5ec6513707ea3739629bac1bb9e073
2015-01-28 04:09 - 2015-01-30 09:04 - 00000000 ____D () C:\FRST
2015-01-28 00:01 - 2015-01-28 00:01 - 00000000 ____D () C:\8ed94f21db07ead1de5b4b47817232
2015-01-27 18:52 - 2015-01-29 20:15 - 02130432 _____ (Farbar) C:\Users\ar-sports\Downloads\FRST64.exe
2015-01-26 23:45 - 2015-01-26 23:46 - 00000000 ____D () C:\260044cb1e8dfa06e556a3b12f3868
2015-01-25 23:47 - 2015-01-25 23:48 - 00000000 ____D () C:\abd2c10a63f765a5b5741677
2015-01-25 21:20 - 2015-01-25 21:20 - 00001861 _____ () C:\Users\ar-sports\Desktop\UseNeXT by Tangysoft.lnk
2015-01-25 21:20 - 2015-01-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-01-25 21:06 - 2015-01-25 21:06 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\ar-sports\Downloads\UseNeXTSetup_5.64.exe
2015-01-25 14:25 - 2015-01-25 14:31 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Samsung
2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\Users\Public\Documents\SmartSwitch
2015-01-25 13:56 - 2015-01-30 08:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\8908D6CF-FA27-41F6-911D-151CEE0547DD.aplzod
2015-01-25 13:38 - 2015-01-25 13:39 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup (1).exe
2015-01-25 13:34 - 2015-01-25 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:31 - 2015-01-25 13:33 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup.exe
2015-01-25 00:09 - 2015-01-25 00:10 - 00000000 ____D () C:\567f23d61e19196654ff15f6d11c7d
2015-01-24 00:13 - 2015-01-24 00:13 - 00000000 ____D () C:\7b97ffe15426a80f1fa531e9
2015-01-23 00:05 - 2015-01-23 00:06 - 00000000 ____D () C:\89cf8cad9273348b3978
2015-01-21 23:56 - 2015-01-21 23:57 - 00000000 ____D () C:\e8d3e4ba50f785c1c8
2015-01-21 17:14 - 2015-01-21 17:14 - 00000891 _____ () C:\Users\ar-sports\Desktop\iPhone von Andi - Verknüpfung.lnk
2015-01-21 17:05 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 16:39 - 2015-01-21 17:05 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 16:39 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 16:39 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 16:38 - 2015-01-21 16:38 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 16:33 - 2015-01-21 16:36 - 122418480 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\iTunes64Setup (1).exe
2015-01-20 23:29 - 2015-01-20 23:30 - 00000000 ____D () C:\e8bd0b5a87fe32c4ee
2015-01-19 23:13 - 2015-01-19 23:13 - 00000000 ____D () C:\5e7e451a0cf836eaaab73e2081786c
2015-01-19 17:07 - 2015-01-19 17:08 - 00000000 ____D () C:\8249325112d6e9bc1f611f
2015-01-14 22:30 - 2015-01-14 22:30 - 00013844 _____ () C:\Users\ar-sports\Documents\Kopie von Logistikaufstellung DAVID 2015.xlsx
2015-01-14 08:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:36 - 2015-01-13 16:36 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - b39ff3e4de754a48ad14dfb13da642efb9b0e44ec9ba4f87be1144be0cdef85e

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 08:57 - 2012-04-18 13:58 - 00000000 ____D () C:\Users\ar-sports\Documents\Outlook-Dateien
2015-01-30 08:51 - 2012-11-21 08:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 08:31 - 2013-04-25 18:45 - 00000000 ____D () C:\Users\ar-sports\Desktop\Nürburgring
2015-01-30 08:20 - 2011-09-10 02:35 - 02014907 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 08:17 - 2012-08-12 20:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:01 - 2013-11-23 15:51 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 07:01 - 2012-11-21 08:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 07:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 07:01 - 2009-07-14 05:51 - 00140897 _____ () C:\Windows\setupact.log
2015-01-29 17:02 - 2014-10-16 12:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Schneeräumen
2015-01-29 08:45 - 2010-11-21 04:47 - 00433990 _____ () C:\Windows\PFRO.log
2015-01-29 08:44 - 2013-11-12 18:51 - 00000000 ____D () C:\AdwCleaner
2015-01-29 08:38 - 2014-12-27 15:54 - 00000000 ____D () C:\Users\ar-sports\Desktop\Autos
2015-01-29 07:49 - 2013-11-12 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 19:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:30 - 2012-07-12 20:12 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\vlc
2015-01-27 18:06 - 2011-09-10 12:28 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2015-01-27 18:06 - 2011-09-10 12:28 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2015-01-27 18:06 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 07:53 - 2014-01-21 08:03 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 21:20 - 2012-04-19 11:31 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-01-25 21:18 - 2012-04-18 17:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\UseNeXT
2015-01-25 21:13 - 2013-05-05 13:49 - 00000000 ____D () C:\Program Files (x86)\Racelogic
2015-01-25 15:47 - 2012-05-12 12:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Dropbox
2015-01-25 14:53 - 2012-05-28 09:20 - 00012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 13:56 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Apple Computer
2015-01-25 13:41 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Apple Computer
2015-01-25 13:33 - 2013-11-04 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-24 23:17 - 2012-08-12 20:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:17 - 2012-04-19 06:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:17 - 2011-08-03 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:18 - 2014-02-02 13:39 - 00000000 ____D () C:\Users\ar-sports\Desktop\DavidMedien
2015-01-22 08:30 - 2012-05-12 13:01 - 00000000 ___RD () C:\Users\ar-sports\Dropbox
2015-01-21 16:38 - 2013-11-04 10:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 16:30 - 2013-11-04 10:47 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 15:28 - 2014-11-24 16:17 - 00001996 ____H () C:\Users\ar-sports\Documents\Default.rdp
2015-01-21 15:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-19 20:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 20:22 - 2012-04-17 16:01 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-16 23:06 - 2012-04-18 17:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Adobe
2015-01-16 21:02 - 2014-12-09 22:17 - 00000000 ____D () C:\Users\ar-sports\Desktop\Chris25
2015-01-16 00:08 - 2014-12-14 11:51 - 00000000 ____D () C:\Users\ar-sports\Desktop\AudiS3
2015-01-15 00:22 - 2013-08-14 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:18 - 2012-04-18 07:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:45 - 2014-07-27 16:55 - 00000000 ____D () C:\Users\ar-sports\Desktop\Aufträge_David
2015-01-13 14:31 - 2014-12-03 13:55 - 00000000 ____D () C:\ZR-Excelsicherung
2015-01-11 15:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-28 09:20 - 2015-01-25 14:53 - 0012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 14:15 - 2014-08-06 14:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-10 03:09 - 2012-04-18 15:35 - 0013715 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\ar-sports\AppData\Local\Temp\avgnt.exe
C:\Users\ar-sports\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 10:02

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---
DE]

Habe es noch einmal versucht und die txt am Desktop gespeichert. Aber FRST lässt mir keinen Fix mehr machen. No Fixlist found?

[CODE][
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by ar-sports (administrator) on AR-SPORTS-PC on 30-01-2015 09:04:18
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2011-01-18] (Intel(R) Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Media remote] => C:\Program Files (x86)\Media remote\Media remote.exe [1535000 2011-05-18] ()
HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe [443392 2013-02-01] (May Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe [184880 2011-07-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885043606-201990974-2310804300-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ar-sports\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1885043606-201990974-2310804300-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1885043606-201990974-2310804300-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> {0717C853-92C3-0B8F-FF07-6E168161B86D} URL =
BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1885043606-201990974-2310804300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.17.100

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt [2011-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\Acer Bio Protection\FFExt20
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt20 [2011-09-10]
FF HKU\S-1-5-21-1885043606-201990974-2310804300-1001\...\Firefox\Extensions: [{284fed43-2e13-4afe-8aeb-50827d510e20}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Google-Suche) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Google Mail) - C:\Users\ar-sports\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [240112 2011-10-28] (CyberLink)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] () [File not signed]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] () [File not signed]
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [57344 2005-06-09] (IBM Corporation) [File not signed]
R2 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [307760 2011-07-13] (Egis Technology Inc. )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-07] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 09:03 - 2015-01-30 09:03 - 00004051 _____ () C:\Users\ar-sports\Desktop\Fixlist.txt
2015-01-29 23:49 - 2015-01-29 23:50 - 00000000 ____D () C:\13508aa44d652281d0ffe991
2015-01-29 20:30 - 2015-01-29 20:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Bildcomputer
2015-01-29 20:15 - 2015-01-30 09:04 - 00000000 ____D () C:\Users\ar-sports\Downloads\FRST-OlderVersion
2015-01-29 20:15 - 2015-01-29 20:16 - 00039047 _____ () C:\Users\ar-sports\Downloads\FRST.txt
2015-01-29 20:15 - 2015-01-29 20:16 - 00031322 _____ () C:\Users\ar-sports\Downloads\Addition.txt
2015-01-29 20:07 - 2015-01-29 20:07 - 00852573 _____ () C:\Users\ar-sports\Desktop\SecurityCheck.exe
2015-01-29 15:24 - 2015-01-29 15:24 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - ccfcbbb1da5f42e29333bd39eac1e2ab07e06d474b3648d0af4f25925603686c
2015-01-29 08:53 - 2015-01-29 08:53 - 01707939 _____ (Thisisu) C:\Users\ar-sports\Desktop\JRT.exe
2015-01-29 08:40 - 2015-01-29 08:40 - 02194432 _____ () C:\Users\ar-sports\Desktop\AdwCleaner_4.109.exe
2015-01-29 07:49 - 2015-01-30 07:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 07:49 - 2015-01-29 07:49 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-29 07:49 - 2015-01-29 07:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-29 07:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 07:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 07:47 - 2015-01-29 07:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ar-sports\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 23:50 - 2015-01-28 23:51 - 00000000 ____D () C:\e5af0b43c0ead705e8f5a70b8555
2015-01-28 19:15 - 2015-01-28 19:15 - 00033772 _____ () C:\ComboFix.txt
2015-01-28 18:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-28 18:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-28 18:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-28 18:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-28 18:55 - 2015-01-28 19:15 - 00000000 ____D () C:\Qoobox
2015-01-28 18:55 - 2015-01-28 19:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-28 18:54 - 2015-01-28 18:54 - 05610841 ____R (Swearware) C:\Users\ar-sports\Desktop\ComboFix.exe
2015-01-28 18:23 - 2015-01-28 18:23 - 00001268 _____ () C:\Users\ar-sports\Desktop\Revo Uninstaller.lnk
2015-01-28 18:23 - 2015-01-28 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-28 18:22 - 2015-01-28 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ar-sports\Downloads\revosetup95.exe
2015-01-28 13:28 - 2015-01-28 13:29 - 00000000 ____D () C:\9a8479723a599ea3c91ede
2015-01-28 08:42 - 2015-01-28 08:43 - 00000000 ____D () C:\5ec6513707ea3739629bac1bb9e073
2015-01-28 04:09 - 2015-01-30 09:04 - 00000000 ____D () C:\FRST
2015-01-28 00:01 - 2015-01-28 00:01 - 00000000 ____D () C:\8ed94f21db07ead1de5b4b47817232
2015-01-27 18:52 - 2015-01-29 20:15 - 02130432 _____ (Farbar) C:\Users\ar-sports\Downloads\FRST64.exe
2015-01-26 23:45 - 2015-01-26 23:46 - 00000000 ____D () C:\260044cb1e8dfa06e556a3b12f3868
2015-01-25 23:47 - 2015-01-25 23:48 - 00000000 ____D () C:\abd2c10a63f765a5b5741677
2015-01-25 21:20 - 2015-01-25 21:20 - 00001861 _____ () C:\Users\ar-sports\Desktop\UseNeXT by Tangysoft.lnk
2015-01-25 21:20 - 2015-01-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-01-25 21:06 - 2015-01-25 21:06 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\ar-sports\Downloads\UseNeXTSetup_5.64.exe
2015-01-25 14:25 - 2015-01-25 14:31 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Samsung
2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\Users\Public\Documents\SmartSwitch
2015-01-25 13:56 - 2015-01-30 08:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\8908D6CF-FA27-41F6-911D-151CEE0547DD.aplzod
2015-01-25 13:38 - 2015-01-25 13:39 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup (1).exe
2015-01-25 13:34 - 2015-01-25 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:31 - 2015-01-25 13:33 - 71647536 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\icloudsetup.exe
2015-01-25 00:09 - 2015-01-25 00:10 - 00000000 ____D () C:\567f23d61e19196654ff15f6d11c7d
2015-01-24 00:13 - 2015-01-24 00:13 - 00000000 ____D () C:\7b97ffe15426a80f1fa531e9
2015-01-23 00:05 - 2015-01-23 00:06 - 00000000 ____D () C:\89cf8cad9273348b3978
2015-01-21 23:56 - 2015-01-21 23:57 - 00000000 ____D () C:\e8d3e4ba50f785c1c8
2015-01-21 17:14 - 2015-01-21 17:14 - 00000891 _____ () C:\Users\ar-sports\Desktop\iPhone von Andi - Verknüpfung.lnk
2015-01-21 17:05 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 16:39 - 2015-01-21 17:05 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 16:39 - 2015-01-21 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 16:39 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 16:38 - 2015-01-21 16:38 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 16:33 - 2015-01-21 16:36 - 122418480 _____ (Apple Inc.) C:\Users\ar-sports\Downloads\iTunes64Setup (1).exe
2015-01-20 23:29 - 2015-01-20 23:30 - 00000000 ____D () C:\e8bd0b5a87fe32c4ee
2015-01-19 23:13 - 2015-01-19 23:13 - 00000000 ____D () C:\5e7e451a0cf836eaaab73e2081786c
2015-01-19 17:07 - 2015-01-19 17:08 - 00000000 ____D () C:\8249325112d6e9bc1f611f
2015-01-14 22:30 - 2015-01-14 22:30 - 00013844 _____ () C:\Users\ar-sports\Documents\Kopie von Logistikaufstellung DAVID 2015.xlsx
2015-01-14 08:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:36 - 2015-01-13 16:36 - 00003560 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - b39ff3e4de754a48ad14dfb13da642efb9b0e44ec9ba4f87be1144be0cdef85e

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 08:57 - 2012-04-18 13:58 - 00000000 ____D () C:\Users\ar-sports\Documents\Outlook-Dateien
2015-01-30 08:51 - 2012-11-21 08:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 08:31 - 2013-04-25 18:45 - 00000000 ____D () C:\Users\ar-sports\Desktop\Nürburgring
2015-01-30 08:20 - 2011-09-10 02:35 - 02014907 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 08:17 - 2012-08-12 20:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:10 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 07:01 - 2013-11-23 15:51 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 07:01 - 2012-11-21 08:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 07:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 07:01 - 2009-07-14 05:51 - 00140897 _____ () C:\Windows\setupact.log
2015-01-29 17:02 - 2014-10-16 12:31 - 00000000 ____D () C:\Users\ar-sports\Desktop\Schneeräumen
2015-01-29 08:45 - 2010-11-21 04:47 - 00433990 _____ () C:\Windows\PFRO.log
2015-01-29 08:44 - 2013-11-12 18:51 - 00000000 ____D () C:\AdwCleaner
2015-01-29 08:38 - 2014-12-27 15:54 - 00000000 ____D () C:\Users\ar-sports\Desktop\Autos
2015-01-29 07:49 - 2013-11-12 23:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 19:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:30 - 2012-07-12 20:12 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\vlc
2015-01-27 18:06 - 2011-09-10 12:28 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2015-01-27 18:06 - 2011-09-10 12:28 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2015-01-27 18:06 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 07:53 - 2014-01-21 08:03 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 21:20 - 2012-04-19 11:31 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-01-25 21:18 - 2012-04-18 17:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\UseNeXT
2015-01-25 21:13 - 2013-05-05 13:49 - 00000000 ____D () C:\Program Files (x86)\Racelogic
2015-01-25 15:47 - 2012-05-12 12:59 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Dropbox
2015-01-25 14:53 - 2012-05-28 09:20 - 00012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 13:56 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Roaming\Apple Computer
2015-01-25 13:41 - 2013-11-04 10:51 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Apple Computer
2015-01-25 13:33 - 2013-11-04 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-24 23:17 - 2012-08-12 20:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:17 - 2012-04-19 06:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:17 - 2011-08-03 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:18 - 2014-02-02 13:39 - 00000000 ____D () C:\Users\ar-sports\Desktop\DavidMedien
2015-01-22 08:30 - 2012-05-12 13:01 - 00000000 ___RD () C:\Users\ar-sports\Dropbox
2015-01-21 16:38 - 2013-11-04 10:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 16:30 - 2013-11-04 10:47 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 15:28 - 2014-11-24 16:17 - 00001996 ____H () C:\Users\ar-sports\Documents\Default.rdp
2015-01-21 15:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-19 20:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 20:22 - 2012-04-17 16:01 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-16 23:06 - 2012-04-18 17:56 - 00000000 ____D () C:\Users\ar-sports\AppData\Local\Adobe
2015-01-16 21:02 - 2014-12-09 22:17 - 00000000 ____D () C:\Users\ar-sports\Desktop\Chris25
2015-01-16 00:08 - 2014-12-14 11:51 - 00000000 ____D () C:\Users\ar-sports\Desktop\AudiS3
2015-01-15 00:22 - 2013-08-14 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:18 - 2012-04-18 07:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:45 - 2014-07-27 16:55 - 00000000 ____D () C:\Users\ar-sports\Desktop\Aufträge_David
2015-01-13 14:31 - 2014-12-03 13:55 - 00000000 ____D () C:\ZR-Excelsicherung
2015-01-11 15:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-28 09:20 - 2015-01-25 14:53 - 0012288 _____ () C:\Users\ar-sports\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-06 14:15 - 2014-08-06 14:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-10 03:09 - 2012-04-18 15:35 - 0013715 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\ar-sports\AppData\Local\Temp\avgnt.exe
C:\Users\ar-sports\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 10:02

==================== End Of Log ============================
--- --- ---

--- --- ---
/CODE]

Sorry wenn die jetzt doppelt und dreifach sind..

schrauber 30.01.2015 14:28
Zitat:
Running from C:\Users\ar-sports\Downloads\FRST-OlderVersion
Wo liegt denn bei Dir FRST? ;)

FRST neu laden, auf den Desktop, dann klappt das auch mit der Fixlist :).

Was machen die Fehlermeldungen nach Neustart?

Unwissender1 31.01.2015 09:46
So jetzt aber...
Habe es auf dem Desktop noch einmal runtergeladen aber die Fehlermeldungen gingen beim Neustart leider wieder auf...

[CODE][Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by ar-sports at 2015-01-30 15:27:33 Run:1
Running from C:\Users\ar-sports\Desktop
Loaded Profiles: UpdatusUser & ar-sports (Available profiles: UpdatusUser & ar-sports)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Desktop\FreeVideoDub1810.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT1351351\Softonic_DeutschAutoUpdaterHelper.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngin0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD1.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\ldrtbSof0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof0.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof1.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof2.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\GLF11.tmp.tbDVDV.dll

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\Softonic_Deutsch.exe

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\ToolbarUpdater_1289802965\autoUpdater.exe

C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert1.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngin0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngine.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\prxtbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD1.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD2.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVDV.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\ldrtbSof0.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSof1.dll

C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSoft.dll
Emptytemp:

*****************

C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Desktop\FreeVideoDub1810.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT1351351\Softonic_DeutschAutoUpdaterHelper.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngin0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\ldrtbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\tbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\ldrtbSof0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\tbSof2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\GLF11.tmp.tbDVDV.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\Softonic_Deutsch.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\ToolbarUpdater_1289802965\autoUpdater.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Conduit\Community Alerts\Alert1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngin0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\ConduitEngine\ConduitEngine.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\ldrtbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\prxtbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVD2.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\DVDVideoSoftTB\tbDVDV.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\ldrtbSof0.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSof1.dll => Moved successfully.
C:\Users\ar-sports\Desktop\alteplatte\Programme\Softonic_Deutsch\tbSoft.dll => Moved successfully.
EmptyTemp: => Removed 2.5 GB temporary data.


The system needed a reboot.

==== End of Fixlog 15:31:13 ====/CODE]

Hallo Schrauber hier noch eine Info die vielleicht relevant ist.

Immer wenn ich den Computer runter fahre erscheint

Schalten Sie den Computer nicht aus es wird 1 von 1 Update installiert..... Das erscheint immer! Update waren immer so alle 2-4 Wochen und dann aber mehrere.


Wenn der Computer hochgefahren ist erscheint nach ca. 3-4 Minuten die Info Java Auto Updater Möchten Sie zulassen das durch das folgende Programm bla bla bla.....

Habe mit ja oder mit nein etc. bestätigt die Frage kommt aber immer wieder..

schrauber 31.01.2015 13:36
Die Net Framework Fehler erscheinen immer noch obwohl das Framework jetzt installiert ist?


http://www.deeprybka.trojaner-board....r/wraioneu.PNG
  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.
http://deeprybka.trojaner-board.de/b...srepair271.png

Unwissender1 31.01.2015 19:31
Leider keine Besserung. Alles wie vorher :-(

schrauber 01.02.2015 10:02
Windows Scheibe zur Hand?

Unwissender1 01.02.2015 12:35
Was meinst Du mit Windows Scheibe??

schrauber 01.02.2015 17:07
na die Windows DVD :)

Unwissender1 01.02.2015 17:43
Achso eine DVD:lach:

Sorry ich habe gerade den der mir den Laptop verkauft und eingerichtet hat angerufen und der meinte Windows war vorinstalliert.

schrauber 01.02.2015 19:43
Dann müssen wir ne ISO bauen :)

http://www.trojaner-board.de/100776-...-download.html

schrauber 01.02.2015 19:43
Dann müssen wir ne ISO bauen :)

http://www.trojaner-board.de/100776-...-download.html

Unwissender1 02.02.2015 17:41
Hallo Schrauber DVD ist fertig. Es geht ja nur um eine Reparatur und nicht um eine komplette Neuinstallierung oder? Sonst muss ich alle Daten sichern..

schrauber 02.02.2015 21:17
genau, nur reparieren :)

"In Place Upgrade"

Unwissender1 02.02.2015 22:23
Liste der Anhänge anzeigen (Anzahl: 2)
Hm also ich hoffe das ist das richtige was ich da runter geladen habe??

Ich drücke auf Boot und dann kommt folgendes und wo soll ich da drücken sorry für die doofen Fragen..

schrauber 03.02.2015 09:36
Sicher dass Du das ISO korrekt auf die DVD gebracht hast?


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:19 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130