Hallo cosinus, mittlerweile kann ich vom Laptop posten
Teil2
AdwCleaner Logfile: Code:
# AdwCleaner v4.206 - Bericht erstellt 17/06/2015 um 23:05:50
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-17.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Carsten - CARSTEN
# Gestarted von : C:\Users\Carsten\Desktop\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : ColorMedia
[#] Dienst Gelöscht : RBClientService
[#] Dienst Gelöscht : 4ef60154
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\HealthAlert
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\radio
Ordner Gelöscht : C:\ProgramData\{bd9d0755-efcc-1991-bd9d-d0755efc1d57}
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
Ordner Gelöscht : C:\Program Files (x86)\Right Backup
Ordner Gelöscht : C:\Program Files (x86)\ClickForSaale
Ordner Gelöscht : C:\Program Files (x86)\Coupon Digger
Ordner Gelöscht : C:\Program Files (x86)\deaL4mee
Ordner Gelöscht : C:\Program Files (x86)\diEEaL4me
Ordner Gelöscht : C:\Program Files (x86)\Last Tab Keeper
Ordner Gelöscht : C:\Program Files (x86)\LiuicKyShOpper
Ordner Gelöscht : C:\Program Files (x86)\LLuickyuShopper
Ordner Gelöscht : C:\Program Files (x86)\LucckyCCoupoen
Ordner Gelöscht : C:\Program Files (x86)\LuckYShooPpeR
Ordner Gelöscht : C:\Program Files (x86)\RoyaAllCoupon
Ordner Gelöscht : C:\Program Files (x86)\ROYaalShoppeRAApp
Ordner Gelöscht : C:\Program Files (x86)\SalaEEsCheCkeR
Ordner Gelöscht : C:\Program Files (x86)\SaulesMagnet
Ordner Gelöscht : C:\Program Files (x86)\savearoN
Ordner Gelöscht : C:\Program Files (x86)\saveingtOYYOu
Ordner Gelöscht : C:\Program Files (x86)\ShopperuMaistEr
Ordner Gelöscht : C:\Program Files (x86)\SomartComparoE
Ordner Gelöscht : C:\Program Files (x86)\WooWCoouponu
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\AnyProtectEx
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\speed browser
Ordner Gelöscht : C:\Users\Carsten\AppData\Local\9CCE64D0-1424624861-81F5-2400-7824AF296216
Ordner Gelöscht : C:\Users\Carsten\AppData\Local\9CCE64D0-1425750621-81F5-2400-7824AF296216
Ordner Gelöscht : C:\Users\Carsten\AppData\LocalLow\SmartWeb
Ordner Gelöscht : C:\Users\Carsten\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\rightbackup
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\sparta123
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Ordner Gelöscht : C:\Users\Carsten\Documents\PCSpeedUp
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\Extensions\3psOVDhyV@fk.net
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\Extensions\GS@F1iS0Nmr.org
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\Extensions\NN@gmmy.org
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\Extensions\V@ist.org
Ordner Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\Extensions\Zync8SC@De.edu
Datei Gelöscht : C:\Program Files (x86)\prefs.js
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\ICSW_0L1L2X1PtJ1V0N1F1C2Z1F1GtAyCtD.txt
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speed browser.lnk
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\invalidprefs.js
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\user.js
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.delta-homes.com_0.localstorage
Datei Gelöscht : C:\Users\Carsten\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.delta-homes.com_0.localstorage-journal
***** [ Geplante Tasks ] *****
Task Gelöscht : gtaUpt
Task Gelöscht : Right Backup_startup
Task Gelöscht : Advanced System~Protector_startup
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Verknüpfung Desinfiziert : C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe\Warframe.lnk
Verknüpfung Desinfiziert : C:\Users\Carsten\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk
Verknüpfung Desinfiziert : C:\Users\Carsten\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PCSU.Registry
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\99bfa1b1-4fb0-c321-d3f4-9a71d028b0ab
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{10F67E56-58A9-4A52-A48A-A28A75FF9FBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5518881B-BB38-46C7-A27C-024DA02AD167}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SecuredDownload
Schlüssel Gelöscht : HKCU\Software\Speedchecker Limited
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\IGS
Schlüssel Gelöscht : HKLM\SOFTWARE\SiteSee
Schlüssel Gelöscht : HKLM\SOFTWARE\SecurityUtility
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AE9B04F2-E9E8-162C-829B-52C116B3EFCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3119AFD3-545C-0955-573A-494F62E61990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SecurityUtility
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{09854D8E-46B5-057B-5B6E-BFD2A04AD5AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0D566ABB-889B-AF39-7B6A-23D4C5D54542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{66951628-3E5A-9C96-37EA-490E187974D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C998B44-82D8-CC7E-D847-4CD73036412A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A9F7A981-09A3-C1F7-2D46-1BA20CFDF02F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BA5D43C9-D633-D0EC-CFEA-2ABA974B333D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SecurityUtility
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5081D2D4-1637-404c-B74F-50526718257D}_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\de.reimageplus.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\playsushi.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v37.0.1 (x86 de)
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "istartsurf");
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "istartsurf");
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=1434106095&from=xtab&uid=3BE23898C1D64ffbA4A9F85A87AE5732&q={searchTerms}");
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("extensions.HwRyP9LgRy2mwfbD.scode", "(function(){try{if(window.location.href.indexOf(\"rjCHqHY5rjYFrdwErTYGrHU6rHU\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("extensions.uYfZ9a5sWqpcqoAK.scode", "(function(){try{if(window.location.href.indexOf(\"rjCHqHY5rjYFrdwErTYGrHU6rHU\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
[dk0njk6k.default-1425814825542\prefs.js] - Zeile Gelöscht : user_pref("extensions.vyWmklpFU7Pd2XvN.scode", "(function(){try{if(window.location.href.indexOf(\"rjCHqHY5rjYFrdwErTYGrHU6rHU\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
-\\ Chromium v
-\\ Opera v30.0.1835.59
*************************
AdwCleaner[R0].txt - [14873 Bytes] - [17/06/2015 23:03:18]
AdwCleaner[S0].txt - [13152 Bytes] - [17/06/2015 23:05:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13212 Bytes] ##########
--- --- ---
JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 7.0.1 (06.17.2015:2)
OS: Windows 8.1 x64
Ran by Carsten on 17.06.2015 at 23:13:23,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Dynamo Combo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Dynamo Combo
~~~ Files
Successfully deleted: [File] C:\Users\Carsten\appdata\local\nsb9AD6.tmp
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\t122078ed
Successfully deleted: [Folder] C:\Users\Carsten\appdata\locallow\company
Successfully deleted: [Folder] C:\ProgramData\15926887554843256858
Successfully deleted: [Folder] C:\ProgramData\33042a52875d448f81c55f523653ee6a
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.06.2015 at 23:20:13,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Carsten (administrator) on CARSTEN on 17-06-2015 23:23:28
Running from C:\Users\Carsten\Desktop
Loaded Profiles: Carsten (Available Profiles: Carsten)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Arc\ArcLauncher.exe [416080 2015-01-22] (Perfect World Entertainment)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4923832 2015-05-26] (Emsisoft Ltd)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-05-27] (Avira Operations GmbH & Co. KG)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3715676092-2590170253-164830291-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {1F81E7D8-EAD3-463C-8209-858DEC5E4FDD} -> No File
BHO: No Name -> {34D0826E-7DC1-4B54-90ED-191A60ADA6A1} -> No File
BHO: No Name -> {70FDDD11-A146-4C0F-A4DA-8A8F25DB87B3} -> No File
BHO: No Name -> {e5500ead-9940-45ff-8d34-d97dd41ababe} -> No File
BHO: SomartComparoE -> {EC9F8CAB-2247-4F36-BCE7-3DFD2447DC9E} -> C:\Program Files (x86)\SomartComparoE\mp2mC2DfxxjsJd.x64.dll No File
BHO: No Name -> {F4734433-9CAE-423E-B8E2-9BDF2454A795} -> No File
BHO: No Name -> {F56950E1-4EFE-46D0-A9A1-36C423DBD37B} -> No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2015-01-22] (Perfect World Entertainment Inc)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: GetTheDiscount - C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\dk0njk6k.default-1425814825542\Extensions\gftblidtdfyu_ool@irvibpzkrwemeewgs.org [2015-05-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-08]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-24]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-11]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Carsten\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-01-17]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.de/"
OPR Extension: (Dynamo Combo) - C:\Users\Carsten\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgohmfhlbipbcmmpdonacmkpibfghppn [2015-05-03]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.delta-homes.com/?type=sc&ts=1434105950&z=766685ec54ab49f54f76b6dg6z6c3z2gee0w0tac1o&from=ient06122&uid=ST1000LM024XHN-M101MBB_S32XJ9BF501796
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5155576 2015-05-26] (Emsisoft Ltd)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-05-27] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-01-22] (Perfect World Entertainment Inc)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-09-30] (iolo technologies, LLC)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-06-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-25] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-05-27] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (Windows (R) Win 7 DDK provider)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-09-30] (EldoS Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 23:23 - 2015-06-17 23:23 - 00019895 _____ C:\Users\Carsten\Desktop\FRST.txt
2015-06-17 23:23 - 2015-06-17 07:22 - 02109952 _____ (Farbar) C:\Users\Carsten\Desktop\FRST64.exe
2015-06-17 23:20 - 2015-06-17 23:20 - 00001211 _____ C:\Users\Carsten\Desktop\JRT.txt
2015-06-17 23:13 - 2015-06-17 23:13 - 00000207 _____ C:\Windows\tweaking.com-regbackup-CARSTEN-Windows-8.1-(64-bit).dat
2015-06-17 23:13 - 2015-06-17 23:13 - 00000000 ____D C:\RegBackup
2015-06-17 23:13 - 2015-06-17 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-17 23:12 - 2015-06-17 23:11 - 02949914 _____ (Thisisu) C:\Users\Carsten\Desktop\JRT(1).exe
2015-06-17 23:11 - 2015-06-17 23:11 - 02949914 _____ (Thisisu) C:\Users\Carsten\Downloads\JRT(1).exe
2015-06-17 23:10 - 2015-06-17 23:06 - 00013325 _____ C:\Users\Carsten\Desktop\AdwCleaner[S0].txt
2015-06-17 23:04 - 2015-06-14 06:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Carsten\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-17 23:03 - 2015-06-17 23:06 - 00000000 ____D C:\AdwCleaner
2015-06-17 23:02 - 2015-06-17 07:20 - 02231296 _____ C:\Users\Carsten\Desktop\AdwCleaner_4.206.exe
2015-06-17 23:01 - 2015-06-17 23:01 - 02231296 _____ C:\Users\Carsten\Downloads\AdwCleaner_4.206(1).exe
2015-06-17 22:49 - 2015-06-17 22:49 - 00026361 _____ C:\Users\Carsten\Desktop\mbam.txt
2015-06-17 07:22 - 2015-06-17 07:22 - 02109952 _____ (Farbar) C:\Users\Carsten\Downloads\FRST64.exe
2015-06-17 07:21 - 2015-06-17 07:21 - 02946265 _____ (Thisisu) C:\Users\Carsten\Downloads\JRT.exe
2015-06-17 07:20 - 2015-06-17 07:20 - 02231296 _____ C:\Users\Carsten\Downloads\AdwCleaner_4.206.exe
2015-06-17 07:18 - 2015-06-17 07:19 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Carsten\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-16 13:06 - 2015-06-16 13:06 - 00000000 ____D C:\Users\Carsten\AppData\Local\GWX
2015-06-16 09:17 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-16 09:17 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-16 09:17 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-16 09:17 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-16 09:17 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-16 09:17 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-16 09:17 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-16 09:17 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-15 14:09 - 2015-06-15 14:09 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Avira
2015-06-15 14:07 - 2015-05-27 13:11 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-15 14:07 - 2015-05-27 13:11 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-15 14:07 - 2015-05-27 13:11 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-06-15 14:07 - 2015-05-27 13:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-06-15 14:04 - 2015-06-15 14:04 - 00001210 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-15 14:03 - 2015-06-15 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-15 14:03 - 2015-06-15 14:07 - 00000000 ____D C:\ProgramData\Avira
2015-06-15 14:03 - 2015-06-15 14:07 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-14 21:38 - 2015-06-14 21:38 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-14 21:03 - 2015-06-17 23:23 - 00000000 ____D C:\FRST
2015-06-14 20:54 - 2015-06-14 20:54 - 00000000 ____D C:\ProgramData\Emsisoft
2015-06-14 12:03 - 2015-06-14 12:03 - 00003094 _____ C:\Windows\System32\Tasks\{56A2E47B-41EE-408C-A573-8F3B696F1CA8}
2015-06-14 09:41 - 2015-06-17 23:09 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 09:39 - 2015-06-17 22:24 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-14 09:39 - 2015-06-17 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-14 09:39 - 2015-06-17 22:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-14 09:39 - 2015-06-14 09:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-14 09:39 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-14 09:39 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-14 09:39 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-14 09:26 - 2015-06-14 09:26 - 00000000 ____D C:\Users\Carsten\Desktop\trojaner-board
2015-06-14 09:21 - 2015-06-14 20:59 - 00056900 _____ C:\EamClean.log
2015-06-14 08:12 - 2015-06-14 08:12 - 00001105 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-06-14 08:12 - 2015-06-14 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-06-14 08:11 - 2015-03-24 00:17 - 00135800 _____ (Emsisoft GmbH) C:\Windows\system32\Drivers\epp64.sys
2015-06-14 08:10 - 2015-06-17 23:09 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-06-14 08:07 - 2015-06-14 08:08 - 00000000 ____D C:\daten
2015-06-12 19:45 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-12 19:42 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-12 19:42 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-12 19:42 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-12 19:42 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-12 19:42 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-12 19:42 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-12 19:42 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-12 19:42 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-12 19:42 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-12 19:42 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-12 19:42 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-12 19:42 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-12 19:42 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-12 19:42 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-12 19:42 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-12 19:42 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-12 19:42 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-12 19:42 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-12 19:42 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-12 19:42 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-12 19:42 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-12 19:42 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-12 19:42 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-12 19:42 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-12 19:42 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-12 19:42 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-12 19:42 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-12 19:42 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-12 19:42 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-12 19:42 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-12 19:42 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-12 19:42 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-12 19:42 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-12 19:42 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-12 19:42 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-12 19:42 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-12 19:42 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-12 19:42 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-12 19:42 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-12 19:42 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-12 19:42 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 19:42 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-12 15:12 - 2015-06-12 15:33 - 00000000 _____ C:\Recovery.txt
2015-06-12 14:37 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-12 14:37 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-12 14:37 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 14:37 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-12 14:37 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-12 14:37 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-12 14:37 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-12 14:37 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-12 14:37 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-12 14:37 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-12 14:37 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-12 14:37 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-12 14:37 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-12 14:37 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-12 14:37 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-12 14:37 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-12 14:37 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-12 14:37 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-12 14:37 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-12 14:37 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-12 14:37 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-12 14:37 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-12 14:37 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-12 14:37 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-12 14:37 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-12 14:37 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-12 14:37 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-12 14:37 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-12 14:37 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-12 14:37 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-12 11:23 - 2015-06-12 11:23 - 00000000 ____D C:\Windows\system32\config\Original
2015-06-11 12:33 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-06-04 09:45 - 2015-06-04 09:46 - 00000000 ____D C:\Users\Carsten\Desktop\Programme
2015-06-04 09:44 - 2015-06-04 09:46 - 00000000 ____D C:\Users\Carsten\Desktop\Origin usw
2015-05-29 09:04 - 2015-05-29 09:55 - 00000000 ____D C:\Users\Carsten\AppData\Local\PAYDAY 2
2015-05-29 09:04 - 2015-05-29 09:04 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-05-27 07:59 - 2015-05-29 20:32 - 00000080 _____ C:\Users\Carsten\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-05-27 07:59 - 2015-05-27 07:59 - 00000000 ____D C:\Users\Carsten\Documents\Rockstar Games
2015-05-27 07:59 - 2015-05-27 07:59 - 00000000 ____D C:\Users\Carsten\AppData\Local\Rockstar Games
2015-05-27 07:59 - 2015-05-27 07:59 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-05-27 07:58 - 2015-05-27 07:58 - 00000000 ____D C:\Program Files\Rockstar Games
2015-05-26 16:05 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-26 16:05 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-25 21:36 - 2015-06-12 11:52 - 00000000 ____D C:\Program Files (x86)\Talking Tom Cat Kid Ginger
2015-05-24 15:34 - 2015-06-11 12:28 - 00003452 _____ C:\Windows\System32\Tasks\Ororubeovbren
2015-05-24 15:34 - 2015-05-24 15:34 - 00000000 ____D C:\ProgramData\Ororubeovbren
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 23:23 - 2014-06-24 18:46 - 01948980 _____ C:\Windows\WindowsUpdate.log
2015-06-17 23:18 - 2014-12-25 15:48 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3715676092-2590170253-164830291-1001
2015-06-17 23:11 - 2014-12-25 15:43 - 00000074 _____ C:\Users\Carsten\AppData\Roaming\sp_data.sys
2015-06-17 23:09 - 2014-12-27 16:17 - 00000000 ___RD C:\Users\Carsten\OneDrive
2015-06-17 23:07 - 2013-08-22 16:46 - 00034370 _____ C:\Windows\setupact.log
2015-06-17 23:07 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 23:06 - 2013-12-13 05:57 - 00342164 _____ C:\Windows\PFRO.log
2015-06-17 23:06 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-17 23:05 - 2015-05-02 10:27 - 00000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-17 23:05 - 2015-03-07 18:54 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-17 23:05 - 2015-01-16 19:58 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2015-06-17 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-17 22:43 - 2014-12-26 12:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-16 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-16 12:55 - 2015-05-03 10:21 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-16 12:55 - 2015-05-03 10:07 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-16 09:43 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-15 14:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-15 14:03 - 2014-12-26 16:26 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-14 20:56 - 2015-02-22 18:06 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\9CCE64D0-1424624809-81F5-2400-7824AF296216
2015-06-14 09:42 - 2015-02-22 18:53 - 00000000 ____D C:\ProgramData\EDOlmOnyl
2015-06-14 08:12 - 2015-02-22 18:20 - 00000129 _____ C:\Users\Carsten\AppData\Roaming\WB.CFG
2015-06-14 08:12 - 2013-12-13 13:04 - 00773008 _____ C:\Windows\system32\perfh007.dat
2015-06-14 08:12 - 2013-12-13 13:04 - 00162310 _____ C:\Windows\system32\perfc007.dat
2015-06-14 08:12 - 2013-12-13 06:09 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-13 08:34 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-12 21:46 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-12 19:55 - 2013-08-22 16:44 - 00338016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 19:52 - 2015-04-13 08:33 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-12 19:52 - 2015-04-13 08:33 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-12 19:52 - 2014-12-26 19:33 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 19:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-12 14:37 - 2014-12-25 20:47 - 00000000 ____D C:\ProgramData\iolo
2015-06-12 14:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-12 13:47 - 2015-03-28 17:04 - 00000000 ____D C:\tmp
2015-06-12 13:22 - 2015-03-07 18:54 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-12 11:24 - 2014-06-24 18:59 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-06-11 13:14 - 2015-04-08 08:53 - 00000000 ____D C:\Program Files (x86)\Permanent Readability
2015-06-11 12:57 - 2015-03-07 18:55 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1425747289
2015-06-11 12:43 - 2014-12-26 12:26 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 12:42 - 2015-02-13 16:56 - 00000000 ____D C:\Program Files (x86)\alt-Mozilla Firefox
2015-06-11 12:33 - 2014-12-25 21:26 - 00000000 ____D C:\Windows\system32\config\SM Registry Backup
2015-06-07 12:22 - 2014-12-26 22:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-07 10:12 - 2014-12-25 15:41 - 00000000 ____D C:\Users\Carsten
2015-06-04 09:45 - 2015-02-20 23:38 - 00000000 ____D C:\Users\Carsten\Desktop\game
2015-06-03 18:18 - 2015-05-03 10:19 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2015-05-03 10:19 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 10:04 - 2014-12-26 12:28 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\.minecraft
2015-05-29 09:04 - 2014-06-24 18:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-05-29 06:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-28 19:24 - 2014-12-28 16:35 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-27 00:04 - 2014-12-26 19:33 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-26 08:59 - 2015-01-16 19:58 - 00000000 ____D C:\Users\Carsten\AppData\Local\Warframe
2015-05-26 08:57 - 2015-03-08 11:07 - 00054112 _____ C:\Windows\DirectX.log
2015-05-25 13:44 - 2014-12-26 12:44 - 00000000 ____D C:\ProgramData\Origin
2015-05-25 13:40 - 2014-12-26 12:44 - 00000000 ____D C:\Program Files (x86)\Origin
2015-05-24 21:06 - 2013-08-22 22:59 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2014-12-25 15:43 - 2015-06-17 23:11 - 0000074 _____ () C:\Users\Carsten\AppData\Roaming\sp_data.sys
2015-02-22 18:20 - 2015-06-14 08:12 - 0000129 _____ () C:\Users\Carsten\AppData\Roaming\WB.CFG
2015-03-06 20:11 - 2015-03-06 20:11 - 0274045 _____ () C:\Users\Carsten\AppData\Local\dsi1.dat
2015-03-06 20:11 - 2015-03-06 20:11 - 0161916 _____ () C:\Users\Carsten\AppData\Local\dsi2.dat
2015-05-02 11:05 - 2015-05-02 11:05 - 0000000 _____ () C:\Users\Carsten\AppData\Local\Temp.dat
2014-06-24 18:50 - 2014-06-24 18:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\avgnt.exe
C:\Users\Carsten\AppData\Local\Temp\Quarantine.exe
C:\Users\Carsten\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-14 12:35
==================== End of log ============================
--- --- ---
FRST Additions Logfile:
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Carsten at 2015-06-17 23:24:18
Running from C:\Users\Carsten\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3715676092-2590170253-164830291-500 - Administrator - Disabled)
Carsten (S-1-5-21-3715676092-2590170253-164830291-1001 - Administrator - Enabled) => C:\Users\Carsten
Gast (S-1-5-21-3715676092-2590170253-164830291-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3715676092-2590170253-164830291-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.1.1000.15664 - systweak.com) <==== ATTENTION
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.7 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0033 - ASUS)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.128 - Electronic Arts, Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version: - Stardock Entertainment)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GoHDV07.03 (HKLM-x32\...\GoHDV07.03) (Version: 1.36.01.22 - InstallMoonV07.03) <==== ATTENTION!
Gotham City Impostors: Free To Play (HKLM-x32\...\Steam App 206210) (Version: - Monolith Productions, Inc.)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.0.3 - iolo technologies, LLC)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.316 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.0.0 - Ubisoft)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
NVIDIA Graphics Driver 332.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.85 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Permanent Readability (HKLM-x32\...\{CC17A332-9555-AD95-3985-0BDD9BF0EC71}) (Version: - "") <==== ATTENTION
Phone To Desktop (HKLM-x32\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version: - "")
PlanetSide 2 (HKU\S-1-5-21-3715676092-2590170253-164830291-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Ref 1.10.0.9 (HKLM-x32\...\QuickRef_1.10.0.9) (Version: 1.10.0.9 - Quick Ref) <==== ATTENTION!
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Warframe (HKLM-x32\...\{CBFC50BE-963E-464B-A20E-8031064B647F}) (Version: 1.0.0 - Digital Extremes)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wizard101(DE) (HKU\S-1-5-21-3715676092-2590170253-164830291-1001\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3715676092-2590170253-164830291-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3715676092-2590170253-164830291-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01E76E5D-A9A7-4656-9CF0-C21BFD9722DE} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {0B806867-7677-4779-8D68-19838AE82F36} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {10669899-3CFC-4C77-B215-A635A440A2E4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {11899337-2077-46AE-A5C5-1BE3C5190AC0} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {195A06DC-DDD1-478F-A62C-208F73090080} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {1F488469-7C4C-4EFD-8054-BF35F69160CC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {2A862315-89E0-4E04-8377-65C2DBD690BF} - System32\Tasks\{56A2E47B-41EE-408C-A573-8F3B696F1CA8} => pcalua.exe -a "C:\Program Files (x86)\gmsd_de_245\unins000.exe"
Task: {309C526C-223F-4358-85F1-17916022FB1F} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-01-03] ()
Task: {422CABFA-A983-4C40-ABA3-44C8F48FA4E4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {43BB3A43-CED8-4689-AD10-743679D0E09D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11] (Adobe Systems Incorporated)
Task: {44322FA6-EF9A-4E60-8BE7-E83C2D5BEB3D} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-06-17] ()
Task: {466EB3CD-BEF9-4DC2-BBAE-803B4B242DAA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {50F3F757-8EEC-4960-8C1F-A134745D7405} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {573F8C82-8EF9-4799-B7B4-EF3C63D29382} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2014-09-30] (iolo technologies, LLC)
Task: {73F590F3-4A68-46AB-88E1-836DE53DE8EE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {78F98D9E-2E2B-407A-A1FE-E1FB6DAF8823} - System32\Tasks\Ororubeovbren => C:\ProgramData\Ororubeovbren\1.0.1.0\owsopnuf.exe
Task: {950F3B99-A2C7-4C8D-9DB0-CC77753861B0} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {B28E57EB-5F3C-477F-B010-A224BD9F7611} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-01-03] (ASUS)
Task: {B298DFFD-F198-4B53-86B8-ABC9EC6049EC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-27] (Microsoft Corporation)
Task: {CEA4FD0F-6D45-40AB-B0EB-2F128BCCB60C} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {D392893A-451C-4A22-A4E0-D256EF7FF4A9} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {D71B6004-51C9-49FD-B8B5-18F7D2308EB9} - System32\Tasks\Opera scheduled Autoupdate 1425747289 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {E59002CE-0512-4DAF-8E7B-EA072E10ED64} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {E6CDE539-05F5-4CE4-A617-BA34E7DFF3A4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EFBE14B2-2CDB-4103-8EDC-269D5400EDDA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-06-17] ()
Task: {F93206B7-9446-444B-81C3-8CD2399AB484} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-10 16:42 - 2015-05-10 16:42 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Carsten\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Carsten\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3715676092-2590170253-164830291-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B6FE40B7-E75C-454B-99C3-C03FC0977895}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0403AAEE-E1FD-4C6A-99AC-FE2CEAF7AB18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E7F6EC47-7198-4E61-86A4-94641855CF26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{248F5EDE-6CC2-49A0-8628-E0A8D0383955}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{0AA49F4F-4379-4AE0-A10D-40F4DE044DE9}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{A931A845-2A59-49E6-9D67-EA530F1A62DA}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{BA40F246-2582-4B92-8B43-BE2E6F24D4B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2FFAB011-B266-421C-B3F3-089EAE37621B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A352D13-24C2-4196-A64B-79ED7A9DBCE3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{29CB139D-C3D7-46BA-9308-231D629E713E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8B9AE8C3-F527-408E-AFEA-7B90E8A25173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FE Legendary Heroes\LegendaryHeroes.exe
FirewallRules: [{CDC287D9-F96E-4EA3-B299-E8FC78BA6A8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FE Legendary Heroes\LegendaryHeroes.exe
FirewallRules: [{84F2A8C7-400E-42E4-A9C3-EE9DE0124430}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{E2BA8DF2-A321-460D-8B71-6735925B0F29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{64107B5C-F585-4E52-9252-08B11AD21762}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{F4BFFECD-AC7D-45E8-BC9D-EAD35C8ABAFE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{93047F7E-31BE-41F8-A2C5-1360F1B76C71}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{86C11859-BBB5-4742-BB7A-B171066ABE69}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D7172423-BBF4-4C5C-8988-6A6C4441DB1B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7968B729-98AD-48FA-92A1-720237B527DA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D8F35AD5-5077-4BA6-A25E-09924F8FF07D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0B1BE725-7557-4573-892F-D77516C23747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{503B0A43-8BED-41A0-8FF8-A176C3709466}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{B609F0A8-B160-4799-8C9D-166D54255DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{61087F73-EF82-4608-903C-9C5E5664B2F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{DA468C44-4B8F-44C6-A08F-C1E6EF305D1C}] => (Allow) C:\Program Files (x86)\Dynamo Combo\bin\DynamoCombo.BRT.Helper.exe
FirewallRules: [{22C4DDC9-90AC-470C-9C49-8784DCE5DF85}] => (Allow) C:\Program Files (x86)\Dynamo Combo\bin\DynamoCombo.BRT.Helper.exe
FirewallRules: [{8AB50EA5-7227-47E4-BD3D-E41E1CD2AD4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{9030925A-3E72-4B04-9FD5-15FB628C5973}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{62558EAF-2BB7-4769-851C-BFCD441881F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{899F6E69-912C-4E32-BA6A-677BCD6DBB70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{C4B69F04-EE26-40D6-9F0B-448CA99420C2}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{37086E1E-587F-4636-8FF8-7D4D161F21AA}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{7638F50B-5AB9-4A87-A732-029F3848EAC8}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{EF2818E5-178B-4678-BC6B-0D57D07BF6E7}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{D379BA1D-AE17-4973-81B2-47C76E43F9D6}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{7E2508E3-28C6-460C-B517-4F5474E9D053}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{5641BB5F-27A6-49B1-93EA-06532C33F766}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{1FF9D063-25D8-4A83-A065-A6A7EE602202}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{D3B80A1D-54D6-4C9C-ADFE-ABDC66A3F9BF}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{5495F61F-C26B-43A9-A164-8483CAD11CE8}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{9483A5A2-C7A0-4482-B92E-215E65D0ADF8}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{17FC8E2A-A378-48D3-8B1F-C3F551377C32}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{20EE8D26-1274-4782-887E-B241FEE83376}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{B5E23D3A-B8D4-4178-9863-7DF756530D32}] => (Allow) C:\Users\Carsten\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{3CCC5713-A93B-45D5-9158-279A01A2E45A}] => (Allow) C:\Program Files (x86)\speed browser\Application\browser.exe
FirewallRules: [{8A67030D-A9DA-4075-9069-DC4DCE2FFBB8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{1FD34BED-BD64-4A79-82DD-24130F86D528}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{88BCBC43-8993-472A-AA81-5ED28B3CD90C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB6F8AD3-D8A1-4A7E-B8AF-28B4A4F06327}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DC81626-607C-423F-8D21-A6A97261F09B}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{33264F9E-A21C-4295-9482-C9C63214C01A}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{889C1A5C-373F-43EE-801E-98359ED31640}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F2DEB453-2E5A-4E4A-A980-4FDD37497667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E3819354-E87D-43B0-B0DB-EA575D8500B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{08F7F1E3-AB64-4176-9F29-FFDEAFCF0439}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{510D37D6-4F4B-4903-BA90-FFD2151819BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BFF2BA5F-C714-4CD9-94F8-B11A35A5AEA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6B29AB21-3B56-4C2A-91D9-94B84D116177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B4A135F1-C581-45EB-8B58-3F03741C838C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/17/2015 11:14:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b98
Startzeit: 01d0a941a1c9af68
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: cfeb974f-1535-11e5-8301-7824af296216
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 11:00:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e10
Startzeit: 01d0a93ff6272337
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: eb606509-1533-11e5-8300-7824af296216
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 10:36:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CARSTEN)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/17/2015 10:26:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19cc
Startzeit: 01d0a93b2de48f65
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 219eeace-152f-11e5-82ff-7824af296216
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 10:22:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (06/17/2015 10:18:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (06/17/2015 09:56:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ca4
Startzeit: 01d0a936fd0467b4
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: f0912822-152a-11e5-82ff-7824af296216
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 09:25:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5a0
Startzeit: 01d0a932b172150e
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: a4f68e52-1526-11e5-82ff-7824af296216
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 08:56:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b04
Startzeit: 01d0a92e9b3dd392
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 8eca5b89-1522-11e5-82ff-7824af296216
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 08:42:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UpdateChecker.exe, Version: 0.0.0.0, Zeitstempel: 0x531ebb57
Name des fehlerhaften Moduls: alvupdt.dll, Version: 1.0.0.10, Zeitstempel: 0x53202e45
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000feb9
ID des fehlerhaften Prozesses: 0x1d80
Startzeit der fehlerhaften Anwendung: 0xUpdateChecker.exe0
Pfad der fehlerhaften Anwendung: UpdateChecker.exe1
Pfad des fehlerhaften Moduls: UpdateChecker.exe2
Berichtskennung: UpdateChecker.exe3
Vollständiger Name des fehlerhaften Pakets: UpdateChecker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UpdateChecker.exe5
System errors:
=============
Error: (06/17/2015 11:15:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/17/2015 11:15:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 11:15:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 11:15:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/17/2015 11:15:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/17/2015 11:15:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 11:15:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 11:15:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 11:15:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iolo System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2015 11:15:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (06/17/2015 11:14:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20856b9801d0a941a1c9af684294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.execfeb974f-1535-11e5-8301-7824af296216microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 11:00:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20856e1001d0a93ff62723374294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exeeb606509-1533-11e5-8300-7824af296216microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 10:36:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CARSTEN)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
Error: (06/17/2015 10:26:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2085619cc01d0a93b2de48f654294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe219eeace-152f-11e5-82ff-7824af296216microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 10:22:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Carsten\Desktop\trojaner-board\esetsmartinstaller_deu.exe
Error: (06/17/2015 10:18:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\daten\trojaner-board\esetsmartinstaller_deu.exe
Error: (06/17/2015 09:56:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.208561ca401d0a936fd0467b44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exef0912822-152a-11e5-82ff-7824af296216microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 09:25:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.208565a001d0a932b172150e4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exea4f68e52-1526-11e5-82ff-7824af296216microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 08:56:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.208561b0401d0a92e9b3dd3924294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe8eca5b89-1522-11e5-82ff-7824af296216microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/17/2015 08:42:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UpdateChecker.exe0.0.0.0531ebb57alvupdt.dll1.0.0.1053202e45c00000050000feb91d8001d0a92d29eb890eC:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exeC:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll93129da8-1520-11e5-82ff-7824af296216
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 22%
Total physical RAM: 8075.43 MB
Available physical RAM: 6276.2 MB
Total Pagefile: 16779.43 MB
Available Pagefile: 14480.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:7.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:529.14 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D3893E84)
Partition: GPT Partition Type.
==================== End of log ============================
--- --- ---
--- --- --- |
Malwarebytes Anti-Malware 