Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8: websearches, wpm-wirus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 18.05.2014, 20:08   #1
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Hallo Trojaner-board Team,

ich wollte mir ein Spiel (Chess Titans) herunterladen. Nachdem ich dies getan hatte, änderte sich meine Suchmaschiene, in Google Chrome, von Google zu websearches. Ändern funktionierte nicht. Ich durchsuchte daraufhin meinen PC nach, am heutigen Tag geänderten Dateien und stieß auf Bilder und gifs, welche ich noch nie gesehen hatte - es waren keine obszönen, sondern zum beispiel ein Auschnitt aus einer Nachrichtensendung. Als ich etwas recherchierte stieß ich auf Revo uninstaller und versuchte WPM18.8.0.212 und websearches uninstaller zu entfernen. Danach durchsuchte ich den PC mit Malwarebytes Anti-Malware - Protokoll anbei.
Danach setzte ich Google Chrome zurück.

Danke im Voraus

Alt 18.05.2014, 20:42   #2
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Hallo und willkommen an Board, DerGeilomat

Mein Name ist Machiavelli und werde bei Deinem Malware Problemen behilflich sein. Falls Du Dich im abgesicherten Modus befindest, würde ich Dir raten, alle Anweisungen von mir auszudrucken, um besseren Überblick auf die Gesamtsituation zu bekommen. Ich bin hier im Malwareteam und daher ist es mir möglich, Dir zu helfen.

Damit eine Bereinigung ermöglicht werden kann, musst Du ein paar Regeln/Tipps beachten:
  • Malware zu entfernen ist normalerweise recht schwierig
    Heutige Malware kann sich sehr gut verstecken, so kann es sein, dass es bestimmte Tools nicht sehen. Eine Neuinstallation ist daher oft das klügere.
  • Bitte folge meinen Anweisung bis in das kleinste Detail
    Falls Du was falsches machst, wie z.B. irgendwas fixt, was nicht durch mich genehmigt wurde, kann der PC dadurch beschädigt werden. Daher folge meinen Anweisungen ganz genau
  • Bleibe mit mir in Kontakt, bis Deine Probleme vollständig gelöst sind
    Themen, in welchen innerhalb von 4 Tagen keine Antwort gepostet wird, werden geschlossen.
  • Bitte lasse keine anderen Tools laufen, während ich bereinige
    Wenn Du Tools wie z.B. Malwarebytes etc. ohne meines Wissens laufen lässt, kann es unter Umständen Ergebnisse verfälschen.
  • Ließ meine Posts vollständig durch
    Falls nicht, kann das zu schwerwiegenden Problemen (z.B. PC bootet nicht mehr) führen oder der Prozess der Malwareentfernung wird länger


Bitte poste alle Logs in Code Tags.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________


Alt 19.05.2014, 15:33   #3
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lukas1 at 2014-05-18 20:16:03
Running from C:\Users\Lukas1\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Blitzkrieg Mod version 4.8.1.0 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.8.1.0 - Blitzkrieg Mod Team)
Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.0.0.1 - THQ Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.27 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

29-04-2014 11:45:57 Windows Update
06-05-2014 14:21:09 avast! antivirus system restore point
13-05-2014 17:15:12 Geplanter Prüfpunkt
18-05-2014 12:21:35 Revo Uninstaller's restore point - WPM18.8.0.304

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {053A9073-860D-4A62-AE0C-0788810FB475} - System32\Tasks\{CE5A12F7-9F4D-4995-8CD5-DF3C8D56E7BF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsMain
Task: {0E3DC0D6-3EE8-446F-ADB3-B730E47A4A31} - System32\Tasks\{280D50DD-49E8-4CBE-AB2B-DA02E4201042} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {14D1CCEB-86BB-49C8-9868-B9B25885C808} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {17B9327A-5E59-4B55-A149-FA655CBD2CCD} - System32\Tasks\{2773D659-7CEF-42CB-ABA4-236740DC0924} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BD0FCDB-DEF2-4DB1-8E7F-E86F4EBE5213} - System32\Tasks\{666527F7-6002-404C-AD74-36AE0EC7E227} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2864CF46-9DEA-4D5E-9E86-0CCBC0D02417} - System32\Tasks\{C08C7ABD-57EC-433F-B131-968F198AC862} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {2CA94E8C-AB80-444E-9CFC-7D53AF8995EE} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {307F2D74-6689-4B2F-90EE-33F622095AB5} - System32\Tasks\{C3A778E7-BAEC-4E72-A725-F15896D32964} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {3FC15C4A-0988-4328-B6BE-350CA3DF9472} - System32\Tasks\{47604712-095A-4831-8221-A2965B8FE551} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {4EAF0553-51D7-4C03-81A2-BF0F23798EE9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {5450324F-5314-48FA-87D1-53BAFF57902D} - System32\Tasks\{B3DDFEB0-D018-40E0-BC29-1C682D4F4950} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/go/help.faq.installer?LastError=1603
Task: {66684CA4-34A9-47AE-88EB-FFD0AFF318CF} - System32\Tasks\{98D92ADC-0AA0-43B8-90A1-A6A297A0FE46} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {6AFB890F-59BF-4695-96E4-87CBFD66B4D0} - System32\Tasks\{14DC988C-F9E1-46B1-9DF0-1C861547A231} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {80779342-4458-4E11-86D3-2F3FFBC85B42} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {81C7999F-9DE9-427C-AAF6-A4559FEA6808} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {882CA471-94E9-411A-B13B-9B321F96B1D5} - System32\Tasks\{FB1E42AD-BEF9-43FE-B191-771950D295FC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {8B054801-A7E7-43FB-BF06-2EBCE8C83343} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {96BDD7F5-B265-48C9-B751-A840B1C02DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BBBDFAE2-3D16-4B1B-BFCA-EC31C0AE54F7} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {C38B253F-46E7-4DBE-B1D4-A64C9A33D861} - System32\Tasks\{6AE0AB08-125B-4073-8D8B-77DA2E944937} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {C595CE85-1686-406B-9CD6-F797AA88102F} - System32\Tasks\{52B85645-CFF1-4FC6-9020-EFC796616E68} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C894760C-AC95-420D-BEB0-6AAFA5DBB2F4} - System32\Tasks\{01C95A51-9824-4F8E-8020-0E273D8371C6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {D3311B43-E0D2-4283-AEDB-2A19E4E865BC} - System32\Tasks\{EAEC581B-3625-4C72-9169-FAD7328A54C9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {EAB2CF42-2AE0-40DD-89B7-3AC2529AC06A} - System32\Tasks\{E6BDF8A1-5791-41C3-B27F-13DE21549EC5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F116B9E2-C493-426F-9AD8-F36A27935359} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-17 20:16 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-17 20:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-19 19:02 - 2013-10-01 05:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-02-21 02:03 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-12-07 15:17 - 2013-12-07 15:17 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-02-21 09:38 - 2012-10-26 20:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-14 19:07 - 2013-11-22 01:22 - 00484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-03-13 19:46 - 2014-03-13 19:46 - 00173568 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-03-13 19:46 - 2014-03-13 19:46 - 01080832 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-13 19:46 - 2014-03-13 19:46 - 00833024 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-04-04 10:38 - 2014-03-13 19:46 - 00102344 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-04-04 10:38 - 2014-03-13 19:46 - 00108488 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-13 19:46 - 2014-03-13 19:46 - 00030208 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-13 19:46 - 2014-03-13 19:46 - 00233984 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-04-04 10:38 - 2014-03-13 19:46 - 00563656 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-25 18:40 - 2014-03-13 19:46 - 00577480 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-13 19:46 - 2014-03-13 19:46 - 00159232 _____ () C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 14:05 - 2014-05-18 14:05 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051800\algo.dll
2014-05-18 19:25 - 2014-05-18 19:25 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051801\algo.dll
2014-05-18 14:44 - 2014-05-18 14:44 - 00041984 _____ () c:\users\lukas1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph39mu0.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-21 02:01 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-17 17:17 - 2013-10-17 17:17 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-14 20:35 - 2014-02-14 20:35 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-02-21 01:47 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-20 23:32 - 2013-11-21 23:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-02-22 04:05 - 2012-11-26 06:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-02-22 04:05 - 2012-11-26 06:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2014-04-17 20:16 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2014-01-08 16:26 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-23 12:44 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-04-23 18:30 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-05-03 15:35 - 2014-04-24 00:01 - 01092288 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 16:16 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2014 02:40:54 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/16/2014 09:57:53 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/16/2014 05:42:16 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/16/2014 05:41:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
   bei IAStorIcon.StorageIcon.Stop()
   bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
   bei System.Windows.Forms.Application.RaiseExit()
   bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application.Run()
   bei IAStorIcon.Program.Main()

Error: (05/15/2014 09:50:19 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/15/2014 08:15:33 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/13/2014 09:54:54 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/11/2014 09:45:16 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/10/2014 06:41:16 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/10/2014 06:38:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm bf3.exe, Version 1.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 21a0

Startzeit: 01cf6c6cdaee854a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

Berichts-ID: 8332fd69-d861-11e3-8121-5cf9dd5b0642

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (05/18/2014 07:25:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/18/2014 04:50:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/18/2014 04:29:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/18/2014 04:22:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/18/2014 02:51:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/18/2014 02:42:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/18/2014 02:42:46 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "LUKAS" auf Transport "NetBT_Tcpip_{459AA3BD-5665-4B6C-BF8C-69898E2FFA84}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (05/18/2014 02:42:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/18/2014 02:42:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (05/18/2014 02:42:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 8048.93 MB
Available physical RAM: 4963.98 MB
Total Pagefile: 16240.93 MB
Available Pagefile: 12695.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.34 GB) (Free:554.52 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:14.03 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D48BB8E2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lukas1 (administrator) on LUKAS on 18-05-2014 20:15:26
Running from C:\Users\Lukas1\Downloads
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dropbox, Inc.) C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(TeamSpeak Systems GmbH) C:\Users\Lukas1\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Lukas1\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [76912 2012-07-14] (cyberlink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Spotify] => C:\Users\Lukas1\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Spotify Web Helper] => C:\Users\Lukas1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [InetStat] => "C:\Users\Lukas1\AppData\Roaming\InetStat\inetstat.exe" /c=14
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-27]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203", "hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Lukas1\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Raidcall plugin) - C:\Users\Lukas1\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (YouTube) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (avast! Ad Blocker) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-14]
CHR Extension: (AdBlock) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-22]
CHR Extension: (Disconnect) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-01-17]
CHR Extension: (Google Wallet) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-06-27]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-02-11] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [236144 2012-07-13] (CyberLink)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-01] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-16] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-11-23] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-16] ()
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 TDKLIB; \??\C:\Users\Lukas1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 20:15 - 2014-05-18 20:15 - 00022639 _____ () C:\Users\Lukas1\Downloads\FRST.txt
2014-05-18 20:14 - 2014-05-18 20:15 - 00000000 ____D () C:\FRST
2014-05-18 20:13 - 2014-05-18 20:13 - 02067456 _____ (Farbar) C:\Users\Lukas1\Downloads\FRST64.exe
2014-05-18 20:12 - 2014-05-18 20:12 - 00000474 _____ () C:\Users\Lukas1\Downloads\defogger_disable.log
2014-05-18 20:12 - 2014-05-18 20:12 - 00000000 _____ () C:\Users\Lukas1\defogger_reenable
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 14:41 - 2014-05-18 14:41 - 00027946 _____ () C:\Windows\PFRO.log
2014-05-18 14:26 - 2014-05-18 14:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 14:26 - 2014-05-18 14:26 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 14:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-18 14:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-18 14:18 - 2014-05-18 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas1\Downloads\revosetup.exe
2014-05-18 14:18 - 2014-05-18 14:18 - 00001266 _____ () C:\Users\Lukas1\Desktop\Revo Uninstaller.lnk
2014-05-18 14:18 - 2014-05-18 14:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 14:11 - 2014-05-18 14:11 - 00003148 _____ () C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450}
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Opera Software
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Opera Software
2014-05-18 14:08 - 2014-05-18 14:03 - 00042088 _____ () C:\error.php
2014-05-18 14:07 - 2014-05-18 14:10 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-18 14:06 - 2014-05-18 15:03 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\InetStat
2014-05-18 14:06 - 2014-05-18 14:41 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-18 14:06 - 2014-05-18 14:06 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\SupTab
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 17:41 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-14 17:41 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-14 17:40 - 2014-05-14 17:41 - 00000103 _____ () C:\Windows\setupact.log
2014-05-14 17:40 - 2014-05-14 17:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 15:03 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 15:03 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 15:03 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 15:03 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 15:03 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 15:03 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 15:03 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 15:03 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 15:02 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 15:02 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 15:02 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 15:02 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 15:02 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 15:02 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 15:02 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 15:02 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 15:02 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 15:02 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-14 15:02 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 15:02 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 15:02 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 15:02 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-14 15:02 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-14 15:02 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 15:02 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 15:02 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 15:02 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 15:02 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 15:02 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 15:02 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 15:02 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 15:02 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-14 15:00 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-14 15:00 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-14 15:00 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-14 15:00 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-14 15:00 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-14 15:00 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-10 21:00 - 2014-05-10 21:00 - 00060080 _____ () C:\Users\Lukas1\Documents\ts3_clientui-win64-1394624943-2014-05-10 21_00_07.221609.dmp
2014-05-10 20:57 - 2014-05-10 20:57 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\NVIDIA
2014-05-09 16:25 - 2014-05-09 16:26 - 00262192 _____ () C:\Windows\Minidump\050914-41265-01.dmp
2014-05-08 14:50 - 2014-05-09 16:25 - 817122576 _____ () C:\Windows\MEMORY.DMP
2014-05-08 14:50 - 2014-05-08 14:52 - 00297552 _____ () C:\Windows\Minidump\050814-27515-01.dmp
2014-05-06 16:24 - 2014-05-06 16:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 16:24 - 2014-05-06 16:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:45 - 2014-05-06 15:47 - 30812976 _____ () C:\Users\Lukas1\Downloads\V01_Meet Jeff Banks_Jeff Banks_Debs_Syn-syndication.mp4
2014-05-06 15:01 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 15:01 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 15:01 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:01 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 15:01 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-21 13:04 - 2014-04-21 13:06 - 50922509 _____ (Blitzkrieg Mod Team ) C:\Users\Lukas1\Downloads\Blitzkrieg_4.8.1.0_Patch.exe
2014-04-20 15:08 - 2014-04-20 15:08 - 05803664 _____ (Phoenix Technologies Ltd.) C:\Users\Lukas1\Downloads\7720A16.exe
2014-04-20 15:06 - 2014-05-18 14:52 - 01907693 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-05-18 20:15 - 2014-05-18 20:15 - 00022639 _____ () C:\Users\Lukas1\Downloads\FRST.txt
2014-05-18 20:15 - 2014-05-18 20:14 - 00000000 ____D () C:\FRST
2014-05-18 20:13 - 2014-05-18 20:13 - 02067456 _____ (Farbar) C:\Users\Lukas1\Downloads\FRST64.exe
2014-05-18 20:12 - 2014-05-18 20:12 - 00000474 _____ () C:\Users\Lukas1\Downloads\defogger_disable.log
2014-05-18 20:12 - 2014-05-18 20:12 - 00000000 _____ () C:\Users\Lukas1\defogger_reenable
2014-05-18 20:12 - 2013-03-02 14:37 - 00000000 ____D () C:\Users\Lukas1
2014-05-18 20:04 - 2013-08-14 13:22 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-18 20:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-18 19:36 - 2013-03-02 14:45 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3612053278-141353942-2490348611-1002
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 18:38 - 2013-06-20 19:35 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\TS3Client
2014-05-18 18:25 - 2013-05-09 12:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-18 15:04 - 2013-08-14 13:22 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-18 15:03 - 2014-05-18 14:06 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\InetStat
2014-05-18 14:52 - 2014-04-20 15:06 - 01907693 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 14:52 - 2013-02-21 02:08 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-18 14:47 - 2014-05-18 14:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 14:44 - 2014-03-27 17:49 - 00000000 ___RD () C:\Users\Lukas1\Dropbox
2014-05-18 14:44 - 2014-03-27 17:45 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Dropbox
2014-05-18 14:42 - 2013-04-10 17:23 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-18 14:42 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 14:41 - 2014-05-18 14:41 - 00027946 _____ () C:\Windows\PFRO.log
2014-05-18 14:41 - 2014-05-18 14:06 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-18 14:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-18 14:41 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-18 14:35 - 2013-06-18 17:50 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Spotify
2014-05-18 14:26 - 2014-05-18 14:26 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2013-10-06 18:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 14:18 - 2014-05-18 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas1\Downloads\revosetup.exe
2014-05-18 14:18 - 2014-05-18 14:18 - 00001266 _____ () C:\Users\Lukas1\Desktop\Revo Uninstaller.lnk
2014-05-18 14:18 - 2014-05-18 14:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 14:15 - 2013-08-14 13:22 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-18 14:11 - 2014-05-18 14:11 - 00003148 _____ () C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450}
2014-05-18 14:10 - 2014-05-18 14:07 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Opera Software
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Opera Software
2014-05-18 14:06 - 2014-05-18 14:06 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\SupTab
2014-05-18 14:03 - 2014-05-18 14:08 - 00042088 _____ () C:\error.php
2014-05-18 12:35 - 2012-07-26 12:27 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-05-18 12:35 - 2012-07-26 12:27 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-05-18 12:35 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-17 08:41 - 2013-06-18 17:51 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Spotify
2014-05-16 21:53 - 2013-08-06 23:27 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\LogMeIn Hamachi
2014-05-16 21:51 - 2013-04-04 17:37 - 00000000 ____D () C:\ProgramData\Origin
2014-05-16 21:31 - 2013-04-04 17:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-16 14:29 - 2014-03-27 17:49 - 00001021 _____ () C:\Users\Lukas1\Desktop\Dropbox.lnk
2014-05-16 14:29 - 2014-03-27 17:47 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 14:29 - 2013-03-02 14:39 - 00000000 ___RD () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 20:19 - 2013-06-27 18:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-15 19:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-15 14:56 - 2014-01-07 17:57 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 14:56 - 2013-11-06 20:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 14:56 - 2013-06-27 18:07 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 14:49 - 2014-01-11 22:45 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-15 14:49 - 2013-03-02 14:39 - 00000000 ___RD () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 17:41 - 2014-05-14 17:40 - 00000103 _____ () C:\Windows\setupact.log
2014-05-14 17:40 - 2014-05-14 17:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 17:24 - 2013-08-03 13:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:21 - 2013-04-02 23:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 17:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-14 16:52 - 2013-08-19 19:02 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-14 16:52 - 2013-06-16 14:44 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-14 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-12 18:30 - 2013-05-09 12:17 - 00344576 ___SH () C:\Users\Lukas1\Downloads\Thumbs.db
2014-05-11 16:35 - 2013-06-16 09:15 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-10 23:57 - 2013-04-04 21:06 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Skype
2014-05-10 21:00 - 2014-05-10 21:00 - 00060080 _____ () C:\Users\Lukas1\Documents\ts3_clientui-win64-1394624943-2014-05-10 21_00_07.221609.dmp
2014-05-10 20:57 - 2014-05-10 20:57 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\NVIDIA
2014-05-09 16:26 - 2014-05-09 16:25 - 00262192 _____ () C:\Windows\Minidump\050914-41265-01.dmp
2014-05-09 16:25 - 2014-05-08 14:50 - 817122576 _____ () C:\Windows\MEMORY.DMP
2014-05-09 16:25 - 2014-01-29 21:52 - 00000000 ____D () C:\Windows\Minidump
2014-05-08 14:59 - 2013-08-14 13:22 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 14:59 - 2013-08-14 13:22 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:52 - 2014-05-08 14:50 - 00297552 _____ () C:\Windows\Minidump\050814-27515-01.dmp
2014-05-06 20:55 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 17:42 - 2013-04-23 17:45 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Windows Live
2014-05-06 16:25 - 2013-11-06 20:49 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-06 16:24 - 2014-05-06 16:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 16:24 - 2014-05-06 16:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 16:24 - 2013-11-06 20:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400158505421
2014-05-06 16:24 - 2013-06-27 18:07 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400158505421
2014-05-06 16:24 - 2013-06-27 18:07 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-06 16:24 - 2013-06-27 18:07 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-06 15:47 - 2014-05-06 15:45 - 30812976 _____ () C:\Users\Lukas1\Downloads\V01_Meet Jeff Banks_Jeff Banks_Debs_Syn-syndication.mp4
2014-05-06 07:14 - 2014-05-14 15:02 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-14 15:02 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-14 15:02 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-14 15:02 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-14 15:02 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-14 15:02 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 22:43 - 2013-06-22 13:20 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\vlc
2014-05-02 15:58 - 2014-01-11 22:23 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\.technic
2014-05-02 13:37 - 2014-01-11 22:23 - 02346942 _____ () C:\Users\Lukas1\Desktop\TechnicLauncher.exe
2014-05-02 13:37 - 2014-01-11 22:14 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\.minecraft
2014-05-01 22:37 - 2013-11-13 20:40 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-11-13 20:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 20:29 - 2013-10-30 15:17 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-10-30 15:17 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-22 17:01 - 2013-11-04 18:01 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-04-21 13:07 - 2014-02-15 23:46 - 00001574 _____ () C:\Users\Public\Desktop\Blitzkrieg Mod.lnk
2014-04-21 13:07 - 2014-02-15 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blitzkrieg Mod
2014-04-21 13:06 - 2014-04-21 13:04 - 50922509 _____ (Blitzkrieg Mod Team ) C:\Users\Lukas1\Downloads\Blitzkrieg_4.8.1.0_Patch.exe
2014-04-20 15:08 - 2014-04-20 15:08 - 05803664 _____ (Phoenix Technologies Ltd.) C:\Users\Lukas1\Downloads\7720A16.exe
2014-04-19 11:39 - 2014-05-06 15:01 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 15:01 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 15:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 15:01 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 15:01 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

Some content of TEMP:
====================
C:\Users\Lukas1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph39mu0.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 15:02] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 19:10

==================== End Of Log ============================
         
--- --- ---

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:12 on 18/05/2014 (Lukas1)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 18.05.2014
Suchlauf-Zeit: 14:39:13
Logdatei: Suchlaufprotokoll Malwarebytes anti-maleware.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.18.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas1

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 261533
Verstrichene Zeit: 11 Min, 34 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 4
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 4240, Löschen bei Neustart, [c01b2a280972fe38ab5c9fb7bf426a96]
Adware.Tuto4PC, C:\Program Files (x86)\fst_de_15\fst_de_15.exe, 3484, Löschen bei Neustart, [4992351d2a5172c489cbd4345ba632ce]
Backdoor.Bot.ED, C:\Users\Lukas1\AppData\Local\fst_de_15\upfst_de_15.exe, 3584, Löschen bei Neustart, [20bb4f03146738fe0d3956238f72a45c]
PUP.Optional.FirstSeenToday.A, C:\Program Files (x86)\fst_de_15\fst_de_15.exe, 3484, Löschen bei Neustart, [9e3dda78b5c6df576cf7a2e7b44ede22]

Module: 1
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [ad2e10422e4d2d09ec1a33679d65e61a], 

Registrierungsschlüssel: 14
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [c01b2a280972fe38ab5c9fb7bf426a96], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [17c492c0ec8fe3539b798d32b84bff01], 
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\FreeSoftToday, In Quarantäne, [0ecd4e0426557abc9dbb4574e81b1ee2], 
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [feddfe54c0bbe6505e310090887a1de3], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [10cb0b47b7c440f656be66597e8542be], 
PUP.Optional.Qone8, HKU\S-1-5-21-3612053278-141353942-2490348611-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [5b80bb972c4fd26471a27a451be835cb], 
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\fst_de_15_is1, In Quarantäne, [d308242e87f4e650878f2f4ceb17a15f], 

Registrierungswerte: 3
Adware.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_15, "C:\Program Files (x86)\fst_de_15\fst_de_15.exe", In Quarantäne, [4992351d2a5172c489cbd4345ba632ce]
Backdoor.Bot.ED, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upfst_de_15.exe, C:\Users\Lukas1\AppData\Local\fst_de_15\upfst_de_15.exe -runonce, In Quarantäne, [20bb4f03146738fe0d3956238f72a45c]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_15, "C:\Program Files (x86)\fst_de_15\fst_de_15.exe", In Quarantäne, [9e3dda78b5c6df576cf7a2e7b44ede22]

Registrierungsdaten: 14
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),Ersetzt,[ad2e10422e4d2d09ec1a33679d65e61a]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),Ersetzt,[ad2e10422e4d2d09ec1a33679d65e61a]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[b724252d542747ef951dea58b0549c64]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203&q={searchTerms}),Ersetzt,[7863cd853e3d0b2b6247a59d7a8af709]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[da013c16aad150e6e6c10b37e3219f61]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[13c85101bbc02e083873ad95a163ba46]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[1cbf3919e398cb6bf8e2f25a7c88c33d]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[33a8c38f6219e056d9d98ab890747c84]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203&q={searchTerms}),Ersetzt,[edee6de57b007abc6c3de55d0afaf50b]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[bb200c46413a06302285b19146beb14f]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[9e3dfa583546c373aefd8cb636ce7090]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[538855fd6d0e84b2409aff4d54b025db]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-3612053278-141353942-2490348611-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[7b60bb9798e30e28ddcfae9430d48080]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-3612053278-141353942-2490348611-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203),Ersetzt,[b02b3c16b8c335010b9dda6819eb6d93]

Ordner: 34
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
Adware.EoRezo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeSoftToday, In Quarantäne, [5289ba98accf70c6e048c4ae53af7e82], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Roaming\webssearches, In Quarantäne, [24b7d57daecd8fa761096018d72bfd03], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Roaming\webssearches\images, In Quarantäne, [24b7d57daecd8fa761096018d72bfd03], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Roaming\webssearches\images\code, In Quarantäne, [24b7d57daecd8fa761096018d72bfd03], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Roaming\webssearches\log, In Quarantäne, [24b7d57daecd8fa761096018d72bfd03], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15, Löschen bei Neustart, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15\fst_de_15, In Quarantäne, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15\fst_de_15\1.10, In Quarantäne, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_15, Löschen bei Neustart, [d308242e87f4e650878f2f4ceb17a15f], 

Dateien: 80
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Löschen bei Neustart, [c01b2a280972fe38ab5c9fb7bf426a96], 
Adware.Tuto4PC, C:\Program Files (x86)\fst_de_15\fst_de_15.exe, Löschen bei Neustart, [4992351d2a5172c489cbd4345ba632ce], 
Backdoor.Bot.ED, C:\Users\Lukas1\AppData\Local\fst_de_15\upfst_de_15.exe, Löschen bei Neustart, [20bb4f03146738fe0d3956238f72a45c], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [bb2068ea5625b0868f2a65c4d032728e], 
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-3612053278-141353942-2490348611-1002\$R5RW631.exe, In Quarantäne, [0ad1e1712556171f6c8c281b798733cd], 
PUP.Optional.WpManager, C:\$Recycle.Bin\S-1-5-21-3612053278-141353942-2490348611-1002\$RFQGAVR\wprotectmanager.exe, In Quarantäne, [627981d12853b87e82e1afb108f9758b], 
PUP.Optional.SkyTech.A, C:\Users\Lukas1\AppData\Local\Temp\fullpackage_temp1400414601\alilog.dll, In Quarantäne, [b427bc964e2d191dba5b59d93dc30000], 
PUP.Optional.IePluginService.A, C:\Users\Lukas1\AppData\Local\Temp\fullpackage_temp1400414601\tmp\SupTab_Setup302.exe, In Quarantäne, [39a27fd378039f9708fff5612bd6aa56], 
PUP.Optional.WpManager, C:\Users\Lukas1\AppData\Local\Temp\fullpackage_temp1400414601\tmp\wpm_v18.8.0.304.exe, In Quarantäne, [94474012b3c8ae884d165f012ed3ce32], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [ad2e10422e4d2d09ec1a33679d65e61a], 
PUP.Optional.FirstSeenToday.A, C:\Program Files (x86)\fst_de_15\fst_de_15.exe, Löschen bei Neustart, [9e3dda78b5c6df576cf7a2e7b44ede22], 
Adware.EoRezo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeSoftToday\Freesofttoday.lnk, In Quarantäne, [5289ba98accf70c6e048c4ae53af7e82], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Roaming\webssearches\UninstallManager.exe, In Quarantäne, [24b7d57daecd8fa761096018d72bfd03], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Roaming\webssearches\log\UninstallManager_2014-05-18[14-14-48-912].log, In Quarantäne, [24b7d57daecd8fa761096018d72bfd03], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15\upfst_de_15.cyp, In Quarantäne, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15\user_profil.cyp, In Quarantäne, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15\fst_de_15\1.10\cnf.cyl, In Quarantäne, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Users\Lukas1\AppData\Local\fst_de_15\fst_de_15\1.10\eorezo.cyl, In Quarantäne, [c4178cc61e5db18543d01e5dd32f8f71], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_15\freeSoftToday_widget.exe, In Quarantäne, [d308242e87f4e650878f2f4ceb17a15f], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_15\predm.exe, In Quarantäne, [d308242e87f4e650878f2f4ceb17a15f], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_15\unins000.dat, In Quarantäne, [d308242e87f4e650878f2f4ceb17a15f], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_15\unins000.exe, In Quarantäne, [d308242e87f4e650878f2f4ceb17a15f], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_15\unins000.msg, In Quarantäne, [d308242e87f4e650878f2f4ceb17a15f], 
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203", "hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203" ],), Ersetzt,[cc0faea45d1ec373c7132e4a80842ad6]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 18.05.2014
Suchlauf-Zeit: 17:30:17
Logdatei: Suchlaufprotokoll Malwarebytes anti-maleware2.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.18.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas1

Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 569552
Verstrichene Zeit: 2 Std, 42 Min, 4 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203", "hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203" ],), Ersetzt,[72692131275455e1cb0fb1c78b790ff1]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
__________________

Alt 19.05.2014, 15:39   #4
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Schritt 4
Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

Bitte poste mir die Inhalte der Logs von Adwarecleaner, MBAM, JRT und FRST hier in den Thread.

Alt 20.05.2014, 17:46   #5
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8 x64
Ran by Lukas1 on 20.05.2014 at 18:36:58,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3612053278-141353942-2490348611-1002\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Lukas1\appdata\locallow\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.05.2014 at 18:40:31,53
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.05.2014
Suchlauf-Zeit: 18:28:56
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.20.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas1

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 261192
Verstrichene Zeit: 14 Min, 7 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.WebsSearches.A, C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203", "hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203" ],), Ersetzt,[f4b1b79c4f2c96a0a9f6d7a4b64e857b]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lukas1 at 2014-05-20 18:43:07
Running from C:\Users\Lukas1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Blitzkrieg Mod version 4.8.1.0 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.8.1.0 - Blitzkrieg Mod Team)
Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.0.0.1 - THQ Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.27 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

29-04-2014 11:45:57 Windows Update
06-05-2014 14:21:09 avast! antivirus system restore point
13-05-2014 17:15:12 Geplanter Prüfpunkt
18-05-2014 12:21:35 Revo Uninstaller's restore point - WPM18.8.0.304

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {053A9073-860D-4A62-AE0C-0788810FB475} - System32\Tasks\{CE5A12F7-9F4D-4995-8CD5-DF3C8D56E7BF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsMain
Task: {0E3DC0D6-3EE8-446F-ADB3-B730E47A4A31} - System32\Tasks\{280D50DD-49E8-4CBE-AB2B-DA02E4201042} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {14D1CCEB-86BB-49C8-9868-B9B25885C808} - \BitGuard No Task File <==== ATTENTION
Task: {17B9327A-5E59-4B55-A149-FA655CBD2CCD} - System32\Tasks\{2773D659-7CEF-42CB-ABA4-236740DC0924} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BD0FCDB-DEF2-4DB1-8E7F-E86F4EBE5213} - System32\Tasks\{666527F7-6002-404C-AD74-36AE0EC7E227} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2864CF46-9DEA-4D5E-9E86-0CCBC0D02417} - System32\Tasks\{C08C7ABD-57EC-433F-B131-968F198AC862} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {2CA94E8C-AB80-444E-9CFC-7D53AF8995EE} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {307F2D74-6689-4B2F-90EE-33F622095AB5} - System32\Tasks\{C3A778E7-BAEC-4E72-A725-F15896D32964} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {3FC15C4A-0988-4328-B6BE-350CA3DF9472} - System32\Tasks\{47604712-095A-4831-8221-A2965B8FE551} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {4EAF0553-51D7-4C03-81A2-BF0F23798EE9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {5450324F-5314-48FA-87D1-53BAFF57902D} - System32\Tasks\{B3DDFEB0-D018-40E0-BC29-1C682D4F4950} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/go/help.faq.installer?LastError=1603
Task: {66684CA4-34A9-47AE-88EB-FFD0AFF318CF} - System32\Tasks\{98D92ADC-0AA0-43B8-90A1-A6A297A0FE46} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {6AFB890F-59BF-4695-96E4-87CBFD66B4D0} - System32\Tasks\{14DC988C-F9E1-46B1-9DF0-1C861547A231} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {80779342-4458-4E11-86D3-2F3FFBC85B42} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {81C7999F-9DE9-427C-AAF6-A4559FEA6808} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {882CA471-94E9-411A-B13B-9B321F96B1D5} - System32\Tasks\{FB1E42AD-BEF9-43FE-B191-771950D295FC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {8B054801-A7E7-43FB-BF06-2EBCE8C83343} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {96BDD7F5-B265-48C9-B751-A840B1C02DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BBBDFAE2-3D16-4B1B-BFCA-EC31C0AE54F7} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {C38B253F-46E7-4DBE-B1D4-A64C9A33D861} - System32\Tasks\{6AE0AB08-125B-4073-8D8B-77DA2E944937} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {C595CE85-1686-406B-9CD6-F797AA88102F} - System32\Tasks\{52B85645-CFF1-4FC6-9020-EFC796616E68} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C894760C-AC95-420D-BEB0-6AAFA5DBB2F4} - System32\Tasks\{01C95A51-9824-4F8E-8020-0E273D8371C6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {D3311B43-E0D2-4283-AEDB-2A19E4E865BC} - System32\Tasks\{EAEC581B-3625-4C72-9169-FAD7328A54C9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {EAB2CF42-2AE0-40DD-89B7-3AC2529AC06A} - System32\Tasks\{E6BDF8A1-5791-41C3-B27F-13DE21549EC5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F116B9E2-C493-426F-9AD8-F36A27935359} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-17 20:16 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-17 20:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-19 19:02 - 2013-10-01 05:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-02-21 02:03 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-02-21 09:38 - 2012-10-26 20:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-20 18:10 - 2014-05-20 18:10 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14052000\algo.dll
2014-05-20 18:36 - 2014-05-20 18:36 - 00041984 _____ () c:\users\lukas1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7g6buk.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-21 02:01 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-17 17:17 - 2013-10-17 17:17 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-14 20:35 - 2014-02-14 20:35 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-02-21 01:47 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-04-17 20:16 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8048.93 MB
Available physical RAM: 5802.07 MB
Total Pagefile: 16240.93 MB
Available Pagefile: 13951.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.34 GB) (Free:553.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D48BB8E2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lukas1 at 2014-05-20 18:43:07
Running from C:\Users\Lukas1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Blitzkrieg Mod version 4.8.1.0 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.8.1.0 - Blitzkrieg Mod Team)
Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.0.0.1 - THQ Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.27 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

29-04-2014 11:45:57 Windows Update
06-05-2014 14:21:09 avast! antivirus system restore point
13-05-2014 17:15:12 Geplanter Prüfpunkt
18-05-2014 12:21:35 Revo Uninstaller's restore point - WPM18.8.0.304

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {053A9073-860D-4A62-AE0C-0788810FB475} - System32\Tasks\{CE5A12F7-9F4D-4995-8CD5-DF3C8D56E7BF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsMain
Task: {0E3DC0D6-3EE8-446F-ADB3-B730E47A4A31} - System32\Tasks\{280D50DD-49E8-4CBE-AB2B-DA02E4201042} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {14D1CCEB-86BB-49C8-9868-B9B25885C808} - \BitGuard No Task File <==== ATTENTION
Task: {17B9327A-5E59-4B55-A149-FA655CBD2CCD} - System32\Tasks\{2773D659-7CEF-42CB-ABA4-236740DC0924} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BD0FCDB-DEF2-4DB1-8E7F-E86F4EBE5213} - System32\Tasks\{666527F7-6002-404C-AD74-36AE0EC7E227} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2864CF46-9DEA-4D5E-9E86-0CCBC0D02417} - System32\Tasks\{C08C7ABD-57EC-433F-B131-968F198AC862} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {2CA94E8C-AB80-444E-9CFC-7D53AF8995EE} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {307F2D74-6689-4B2F-90EE-33F622095AB5} - System32\Tasks\{C3A778E7-BAEC-4E72-A725-F15896D32964} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {3FC15C4A-0988-4328-B6BE-350CA3DF9472} - System32\Tasks\{47604712-095A-4831-8221-A2965B8FE551} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {4EAF0553-51D7-4C03-81A2-BF0F23798EE9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {5450324F-5314-48FA-87D1-53BAFF57902D} - System32\Tasks\{B3DDFEB0-D018-40E0-BC29-1C682D4F4950} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/go/help.faq.installer?LastError=1603
Task: {66684CA4-34A9-47AE-88EB-FFD0AFF318CF} - System32\Tasks\{98D92ADC-0AA0-43B8-90A1-A6A297A0FE46} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {6AFB890F-59BF-4695-96E4-87CBFD66B4D0} - System32\Tasks\{14DC988C-F9E1-46B1-9DF0-1C861547A231} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {80779342-4458-4E11-86D3-2F3FFBC85B42} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {81C7999F-9DE9-427C-AAF6-A4559FEA6808} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {882CA471-94E9-411A-B13B-9B321F96B1D5} - System32\Tasks\{FB1E42AD-BEF9-43FE-B191-771950D295FC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {8B054801-A7E7-43FB-BF06-2EBCE8C83343} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {96BDD7F5-B265-48C9-B751-A840B1C02DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BBBDFAE2-3D16-4B1B-BFCA-EC31C0AE54F7} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {C38B253F-46E7-4DBE-B1D4-A64C9A33D861} - System32\Tasks\{6AE0AB08-125B-4073-8D8B-77DA2E944937} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {C595CE85-1686-406B-9CD6-F797AA88102F} - System32\Tasks\{52B85645-CFF1-4FC6-9020-EFC796616E68} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C894760C-AC95-420D-BEB0-6AAFA5DBB2F4} - System32\Tasks\{01C95A51-9824-4F8E-8020-0E273D8371C6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {D3311B43-E0D2-4283-AEDB-2A19E4E865BC} - System32\Tasks\{EAEC581B-3625-4C72-9169-FAD7328A54C9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {EAB2CF42-2AE0-40DD-89B7-3AC2529AC06A} - System32\Tasks\{E6BDF8A1-5791-41C3-B27F-13DE21549EC5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F116B9E2-C493-426F-9AD8-F36A27935359} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-17 20:16 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-17 20:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-19 19:02 - 2013-10-01 05:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-02-21 02:03 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-02-21 09:38 - 2012-10-26 20:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-20 18:10 - 2014-05-20 18:10 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14052000\algo.dll
2014-05-20 18:36 - 2014-05-20 18:36 - 00041984 _____ () c:\users\lukas1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7g6buk.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-21 02:01 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-17 17:17 - 2013-10-17 17:17 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-14 20:35 - 2014-02-14 20:35 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-02-21 01:47 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-04-17 20:16 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-14 15:06 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8048.93 MB
Available physical RAM: 5802.07 MB
Total Pagefile: 16240.93 MB
Available Pagefile: 13951.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.34 GB) (Free:553.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D48BB8E2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


Alt 20.05.2014, 19:46   #6
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



1. Wo ist das Adwarecleaner Log?
2. Warum postest Du zweimal das Addition Log?

Alt 21.05.2014, 15:21   #7
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Ich bitte um entschuldigung
Code:
ATTFilter
# AdwCleaner v3.210 - Bericht erstellt am 20/05/2014 um 18:07:54
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Lukas1 - LUKAS
# Gestartet von : C:\Users\Lukas1\Desktop\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\Program Files (x86)\XingHaoLyrics
Ordner Gelöscht : C:\Users\Lukas1\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Lukas1\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKCU\Software\5c08dd8b634ed43
Schlüssel Gelöscht : HKLM\SOFTWARE\5c08dd8b634ed43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricspal
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v34.0.1847.137

[ Datei : C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203
Gelöscht [Startup_urls] : hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203

*************************

AdwCleaner[R0].txt - [4250 octets] - [20/05/2014 18:07:22]
AdwCleaner[S0].txt - [3538 octets] - [20/05/2014 18:07:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3598 octets] ##########
         

Alt 21.05.2014, 15:40   #8
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Wo ist das FRST Log?

Alt 22.05.2014, 13:51   #9
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lukas1 (administrator) on LUKAS on 22-05-2014 14:48:30
Running from C:\Users\Lukas1\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Dropbox, Inc.) C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [76912 2012-07-14] (cyberlink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Spotify] => C:\Users\Lukas1\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Spotify Web Helper] => C:\Users\Lukas1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-27]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203", "hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Lukas1\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Raidcall plugin) - C:\Users\Lukas1\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (YouTube) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (avast! Ad Blocker) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-14]
CHR Extension: (AdBlock) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-22]
CHR Extension: (Disconnect) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-01-17]
CHR Extension: (Google Wallet) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-06-27]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-02-11] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [236144 2012-07-13] (CyberLink)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-01] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-16] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-11-23] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-16] ()
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 TDKLIB; \??\C:\Users\Lukas1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-20 18:40 - 2014-05-20 18:40 - 00000915 _____ () C:\Users\Lukas1\Desktop\JRT.txt
2014-05-20 18:30 - 2014-05-20 18:31 - 01016261 _____ (Thisisu) C:\Users\Lukas1\Desktop\JRT.exe
2014-05-20 18:28 - 2014-05-20 18:29 - 00001531 _____ () C:\Users\Lukas1\Desktop\mbam.txt
2014-05-20 18:07 - 2014-05-20 18:08 - 00000000 ____D () C:\AdwCleaner
2014-05-20 18:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 18:06 - 2014-05-20 18:06 - 01326389 _____ () C:\Users\Lukas1\Desktop\adwcleaner_3.210.exe
2014-05-18 20:29 - 2014-05-18 20:29 - 00025160 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware.txt
2014-05-18 20:29 - 2014-05-18 20:29 - 00001588 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware2.txt
2014-05-18 20:23 - 2014-05-18 20:23 - 00380416 _____ () C:\Users\Lukas1\Downloads\Gmer-19357.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 00380416 _____ () C:\Users\Lukas1\Desktop\Gmer-19357.exe
2014-05-18 20:16 - 2014-05-20 18:43 - 00026794 _____ () C:\Users\Lukas1\Desktop\Addition.txt
2014-05-18 20:15 - 2014-05-22 14:48 - 00021377 _____ () C:\Users\Lukas1\Desktop\FRST.txt
2014-05-18 20:14 - 2014-05-22 14:48 - 00000000 ____D () C:\FRST
2014-05-18 20:13 - 2014-05-18 20:13 - 02067456 _____ (Farbar) C:\Users\Lukas1\Desktop\FRST64.exe
2014-05-18 20:12 - 2014-05-18 20:12 - 00000474 _____ () C:\Users\Lukas1\Desktop\defogger_disable.log
2014-05-18 20:12 - 2014-05-18 20:12 - 00000000 _____ () C:\Users\Lukas1\defogger_reenable
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 14:41 - 2014-05-20 18:08 - 00028256 _____ () C:\Windows\PFRO.log
2014-05-18 14:26 - 2014-05-20 18:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 14:26 - 2014-05-18 14:26 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 14:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-18 14:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-18 14:18 - 2014-05-18 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas1\Downloads\revosetup.exe
2014-05-18 14:18 - 2014-05-18 14:18 - 00001266 _____ () C:\Users\Lukas1\Desktop\Revo Uninstaller.lnk
2014-05-18 14:18 - 2014-05-18 14:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 14:11 - 2014-05-18 14:11 - 00003148 _____ () C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450}
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Opera Software
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Opera Software
2014-05-18 14:08 - 2014-05-18 14:03 - 00042088 _____ () C:\error.php
2014-05-18 14:07 - 2014-05-18 14:10 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 17:41 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-14 17:41 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-14 17:40 - 2014-05-14 17:41 - 00000103 _____ () C:\Windows\setupact.log
2014-05-14 17:40 - 2014-05-14 17:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 15:03 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 15:03 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 15:03 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 15:03 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 15:03 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 15:03 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 15:03 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 15:03 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 15:02 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 15:02 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 15:02 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 15:02 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 15:02 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 15:02 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 15:02 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 15:02 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 15:02 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 15:02 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-14 15:02 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 15:02 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 15:02 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 15:02 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-14 15:02 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-14 15:02 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 15:02 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 15:02 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 15:02 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 15:02 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 15:02 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 15:02 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 15:02 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 15:02 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-14 15:00 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-14 15:00 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-14 15:00 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-14 15:00 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-14 15:00 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-14 15:00 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-10 21:00 - 2014-05-10 21:00 - 00060080 _____ () C:\Users\Lukas1\Documents\ts3_clientui-win64-1394624943-2014-05-10 21_00_07.221609.dmp
2014-05-10 20:57 - 2014-05-10 20:57 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\NVIDIA
2014-05-09 16:25 - 2014-05-09 16:26 - 00262192 _____ () C:\Windows\Minidump\050914-41265-01.dmp
2014-05-08 14:50 - 2014-05-09 16:25 - 817122576 _____ () C:\Windows\MEMORY.DMP
2014-05-08 14:50 - 2014-05-08 14:52 - 00297552 _____ () C:\Windows\Minidump\050814-27515-01.dmp
2014-05-06 16:24 - 2014-05-06 16:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 16:24 - 2014-05-06 16:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:45 - 2014-05-06 15:47 - 30812976 _____ () C:\Users\Lukas1\Downloads\V01_Meet Jeff Banks_Jeff Banks_Debs_Syn-syndication.mp4
2014-05-06 15:01 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 15:01 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 15:01 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:01 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 15:01 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

==================== One Month Modified Files and Folders =======

2014-05-22 14:48 - 2014-05-18 20:15 - 00021377 _____ () C:\Users\Lukas1\Desktop\FRST.txt
2014-05-22 14:48 - 2014-05-18 20:14 - 00000000 ____D () C:\FRST
2014-05-22 14:48 - 2012-07-26 12:27 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-05-22 14:48 - 2012-07-26 12:27 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-05-22 14:48 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-22 14:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-22 14:46 - 2014-03-27 17:49 - 00000000 ___RD () C:\Users\Lukas1\Dropbox
2014-05-22 14:46 - 2014-03-27 17:45 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Dropbox
2014-05-22 14:45 - 2013-08-14 13:22 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-21 21:04 - 2013-08-14 13:22 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 19:09 - 2013-05-09 12:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-21 17:14 - 2013-04-04 17:37 - 00000000 ____D () C:\ProgramData\Origin
2014-05-21 17:13 - 2013-06-18 17:50 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Spotify
2014-05-21 16:36 - 2014-04-20 15:06 - 02036605 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 16:29 - 2013-04-04 17:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-21 16:18 - 2013-06-18 17:51 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Spotify
2014-05-20 20:57 - 2013-02-21 02:08 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-20 20:54 - 2013-06-20 19:35 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\TS3Client
2014-05-20 20:48 - 2013-08-06 23:27 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\LogMeIn Hamachi
2014-05-20 20:48 - 2013-04-10 17:23 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-20 20:47 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 18:43 - 2014-05-18 20:16 - 00026794 _____ () C:\Users\Lukas1\Desktop\Addition.txt
2014-05-20 18:40 - 2014-05-20 18:40 - 00000915 _____ () C:\Users\Lukas1\Desktop\JRT.txt
2014-05-20 18:34 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-20 18:31 - 2014-05-20 18:30 - 01016261 _____ (Thisisu) C:\Users\Lukas1\Desktop\JRT.exe
2014-05-20 18:29 - 2014-05-20 18:28 - 00001531 _____ () C:\Users\Lukas1\Desktop\mbam.txt
2014-05-20 18:14 - 2014-05-18 14:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 18:08 - 2014-05-20 18:07 - 00000000 ____D () C:\AdwCleaner
2014-05-20 18:08 - 2014-05-18 14:41 - 00028256 _____ () C:\Windows\PFRO.log
2014-05-20 18:06 - 2014-05-20 18:06 - 01326389 _____ () C:\Users\Lukas1\Desktop\adwcleaner_3.210.exe
2014-05-20 16:24 - 2013-04-23 17:45 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Windows Live
2014-05-19 21:56 - 2013-04-04 21:06 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Skype
2014-05-19 20:15 - 2013-05-09 12:17 - 00344576 ___SH () C:\Users\Lukas1\Downloads\Thumbs.db
2014-05-18 20:29 - 2014-05-18 20:29 - 00025160 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware.txt
2014-05-18 20:29 - 2014-05-18 20:29 - 00001588 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware2.txt
2014-05-18 20:23 - 2014-05-18 20:23 - 00380416 _____ () C:\Users\Lukas1\Downloads\Gmer-19357.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 00380416 _____ () C:\Users\Lukas1\Desktop\Gmer-19357.exe
2014-05-18 20:13 - 2014-05-18 20:13 - 02067456 _____ (Farbar) C:\Users\Lukas1\Desktop\FRST64.exe
2014-05-18 20:12 - 2014-05-18 20:12 - 00000474 _____ () C:\Users\Lukas1\Desktop\defogger_disable.log
2014-05-18 20:12 - 2014-05-18 20:12 - 00000000 _____ () C:\Users\Lukas1\defogger_reenable
2014-05-18 20:12 - 2013-03-02 14:37 - 00000000 ____D () C:\Users\Lukas1
2014-05-18 19:36 - 2013-03-02 14:45 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3612053278-141353942-2490348611-1002
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 14:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-18 14:26 - 2014-05-18 14:26 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2013-10-06 18:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 14:18 - 2014-05-18 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas1\Downloads\revosetup.exe
2014-05-18 14:18 - 2014-05-18 14:18 - 00001266 _____ () C:\Users\Lukas1\Desktop\Revo Uninstaller.lnk
2014-05-18 14:18 - 2014-05-18 14:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 14:15 - 2013-08-14 13:22 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-18 14:11 - 2014-05-18 14:11 - 00003148 _____ () C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450}
2014-05-18 14:10 - 2014-05-18 14:07 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Opera Software
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Opera Software
2014-05-18 14:03 - 2014-05-18 14:08 - 00042088 _____ () C:\error.php
2014-05-16 14:29 - 2014-03-27 17:49 - 00001021 _____ () C:\Users\Lukas1\Desktop\Dropbox.lnk
2014-05-16 14:29 - 2014-03-27 17:47 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 14:29 - 2013-03-02 14:39 - 00000000 ___RD () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 20:19 - 2013-06-27 18:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-15 19:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-15 14:56 - 2014-01-07 17:57 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 14:56 - 2013-11-06 20:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 14:56 - 2013-06-27 18:07 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 14:49 - 2014-01-11 22:45 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-15 14:49 - 2013-03-02 14:39 - 00000000 ___RD () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 17:41 - 2014-05-14 17:40 - 00000103 _____ () C:\Windows\setupact.log
2014-05-14 17:40 - 2014-05-14 17:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 17:24 - 2013-08-03 13:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:21 - 2013-04-02 23:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 17:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-14 16:52 - 2013-08-19 19:02 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-14 16:52 - 2013-06-16 14:44 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-14 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-11 16:35 - 2013-06-16 09:15 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-10 21:00 - 2014-05-10 21:00 - 00060080 _____ () C:\Users\Lukas1\Documents\ts3_clientui-win64-1394624943-2014-05-10 21_00_07.221609.dmp
2014-05-10 20:57 - 2014-05-10 20:57 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\NVIDIA
2014-05-09 16:26 - 2014-05-09 16:25 - 00262192 _____ () C:\Windows\Minidump\050914-41265-01.dmp
2014-05-09 16:25 - 2014-05-08 14:50 - 817122576 _____ () C:\Windows\MEMORY.DMP
2014-05-09 16:25 - 2014-01-29 21:52 - 00000000 ____D () C:\Windows\Minidump
2014-05-08 14:59 - 2013-08-14 13:22 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 14:59 - 2013-08-14 13:22 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:52 - 2014-05-08 14:50 - 00297552 _____ () C:\Windows\Minidump\050814-27515-01.dmp
2014-05-06 20:55 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 16:25 - 2013-11-06 20:49 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-06 16:24 - 2014-05-06 16:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 16:24 - 2014-05-06 16:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 16:24 - 2013-11-06 20:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400158505421
2014-05-06 16:24 - 2013-06-27 18:07 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400158505421
2014-05-06 16:24 - 2013-06-27 18:07 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-06 16:24 - 2013-06-27 18:07 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-06 15:47 - 2014-05-06 15:45 - 30812976 _____ () C:\Users\Lukas1\Downloads\V01_Meet Jeff Banks_Jeff Banks_Debs_Syn-syndication.mp4
2014-05-06 07:14 - 2014-05-14 15:02 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-14 15:02 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-14 15:02 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-14 15:02 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-14 15:02 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-14 15:02 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 22:43 - 2013-06-22 13:20 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\vlc
2014-05-02 15:58 - 2014-01-11 22:23 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\.technic
2014-05-02 13:37 - 2014-01-11 22:23 - 02346942 _____ () C:\Users\Lukas1\Desktop\TechnicLauncher.exe
2014-05-02 13:37 - 2014-01-11 22:14 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\.minecraft
2014-05-01 22:37 - 2013-11-13 20:40 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-11-13 20:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 20:29 - 2013-10-30 15:17 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-10-30 15:17 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-22 17:01 - 2013-11-04 18:01 - 00000000 ____D () C:\ProgramData\LogMeIn

Some content of TEMP:
====================
C:\Users\Lukas1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxep94d.dll
C:\Users\Lukas1\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 15:02] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-21 19:38

==================== End Of Log ============================
         
--- --- ---

Alt 22.05.2014, 15:26   #10
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Hallo,

Schritt 1: FRST Fix

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = 
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
2014-05-18 14:11 - 2014-05-18 14:11 - 00003148 _____ () C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450}
C:\Users\Lukas1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxep94d.dll
C:\Users\Lukas1\AppData\Local\Temp\Quarantine.exe
Task: {14D1CCEB-86BB-49C8-9868-B9B25885C808} - \BitGuard No Task File <==== ATTENTION
AlternateDataStreams: C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml:OECustomProperty
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2: FRST Scan



Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

Schritt 3: TFC

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Schritt 4: ESET


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 5: Frage

Wie läuft der PC?

Alt 24.05.2014, 18:53   #11
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Lukas1 at 2014-05-22 20:19:56 Run:1
Running from C:\Users\Lukas1\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = 
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
2014-05-18 14:11 - 2014-05-18 14:11 - 00003148 _____ () C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450}
C:\Users\Lukas1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxep94d.dll
C:\Users\Lukas1\AppData\Local\Temp\Quarantine.exe
Task: {14D1CCEB-86BB-49C8-9868-B9B25885C808} - \BitGuard No Task File <==== ATTENTION
AlternateDataStreams: C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml:OECustomProperty
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} => Key deleted successfully.
HKCR\CLSID\{EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
C:\Windows\System32\Tasks\{61CFF9B2-A12C-4935-BD89-1998314C7450} => Moved successfully.
"C:\Users\Lukas1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxep94d.dll" => File/Directory not found.
C:\Users\Lukas1\AppData\Local\Temp\Quarantine.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14D1CCEB-86BB-49C8-9868-B9B25885C808} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14D1CCEB-86BB-49C8-9868-B9B25885C808} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml => ":OECustomProperty" ADS removed successfully.

==== End of Fixlog ====
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d29e343cb621884a81f79ed276de181d
# engine=18369
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-22 07:13:48
# local_time=2014-05-22 09:13:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode=774 16777213 85 76 609034 1399797 0 0
# compatibility_mode=5893 16776574 100 94 628252 6654600 0 0
# scanned=93475
# found=0
# cleaned=0
# scan_time=2308
         
Der Pc läuft wie vor der Kontermination und es gibt keine Auffälligkeiten mehr seit der Säuberung.

Alt 24.05.2014, 19:07   #12
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Was ist mit Schritt 2?

Alt 26.05.2014, 15:52   #13
DerGeilomat
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lukas1 at 2014-05-22 20:21:11
Running from C:\Users\Lukas1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Blitzkrieg Mod version 4.8.1.0 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.8.1.0 - Blitzkrieg Mod Team)
Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.0.0.1 - THQ Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.27 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

06-05-2014 14:21:09 avast! antivirus system restore point
13-05-2014 17:15:12 Geplanter Prüfpunkt
18-05-2014 12:21:35 Revo Uninstaller's restore point - WPM18.8.0.304

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {053A9073-860D-4A62-AE0C-0788810FB475} - System32\Tasks\{CE5A12F7-9F4D-4995-8CD5-DF3C8D56E7BF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsMain
Task: {0E3DC0D6-3EE8-446F-ADB3-B730E47A4A31} - System32\Tasks\{280D50DD-49E8-4CBE-AB2B-DA02E4201042} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {17B9327A-5E59-4B55-A149-FA655CBD2CCD} - System32\Tasks\{2773D659-7CEF-42CB-ABA4-236740DC0924} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BD0FCDB-DEF2-4DB1-8E7F-E86F4EBE5213} - System32\Tasks\{666527F7-6002-404C-AD74-36AE0EC7E227} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2864CF46-9DEA-4D5E-9E86-0CCBC0D02417} - System32\Tasks\{C08C7ABD-57EC-433F-B131-968F198AC862} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {2CA94E8C-AB80-444E-9CFC-7D53AF8995EE} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {307F2D74-6689-4B2F-90EE-33F622095AB5} - System32\Tasks\{C3A778E7-BAEC-4E72-A725-F15896D32964} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {3FC15C4A-0988-4328-B6BE-350CA3DF9472} - System32\Tasks\{47604712-095A-4831-8221-A2965B8FE551} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {4EAF0553-51D7-4C03-81A2-BF0F23798EE9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {5450324F-5314-48FA-87D1-53BAFF57902D} - System32\Tasks\{B3DDFEB0-D018-40E0-BC29-1C682D4F4950} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/go/help.faq.installer?LastError=1603
Task: {66684CA4-34A9-47AE-88EB-FFD0AFF318CF} - System32\Tasks\{98D92ADC-0AA0-43B8-90A1-A6A297A0FE46} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {6AFB890F-59BF-4695-96E4-87CBFD66B4D0} - System32\Tasks\{14DC988C-F9E1-46B1-9DF0-1C861547A231} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {7C53D0F8-267F-4B26-9DB7-1FEE3DE58933} - \{61CFF9B2-A12C-4935-BD89-1998314C7450} No Task File <==== ATTENTION
Task: {80779342-4458-4E11-86D3-2F3FFBC85B42} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {81C7999F-9DE9-427C-AAF6-A4559FEA6808} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {882CA471-94E9-411A-B13B-9B321F96B1D5} - System32\Tasks\{FB1E42AD-BEF9-43FE-B191-771950D295FC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {8B054801-A7E7-43FB-BF06-2EBCE8C83343} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {96BDD7F5-B265-48C9-B751-A840B1C02DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BBBDFAE2-3D16-4B1B-BFCA-EC31C0AE54F7} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {C38B253F-46E7-4DBE-B1D4-A64C9A33D861} - System32\Tasks\{6AE0AB08-125B-4073-8D8B-77DA2E944937} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/de/abandoninstall?page=tsProgressBar
Task: {C595CE85-1686-406B-9CD6-F797AA88102F} - System32\Tasks\{52B85645-CFF1-4FC6-9020-EFC796616E68} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C894760C-AC95-420D-BEB0-6AAFA5DBB2F4} - System32\Tasks\{01C95A51-9824-4F8E-8020-0E273D8371C6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {D3311B43-E0D2-4283-AEDB-2A19E4E865BC} - System32\Tasks\{EAEC581B-3625-4C72-9169-FAD7328A54C9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {EAB2CF42-2AE0-40DD-89B7-3AC2529AC06A} - System32\Tasks\{E6BDF8A1-5791-41C3-B27F-13DE21549EC5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F116B9E2-C493-426F-9AD8-F36A27935359} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-17 20:16 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-17 20:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-19 19:02 - 2013-10-01 05:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-02-21 02:03 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-12-07 15:17 - 2013-12-07 15:17 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-02-21 09:38 - 2012-10-26 20:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-14 19:07 - 2013-11-22 01:22 - 00484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-05-22 18:16 - 2014-05-22 18:16 - 02254848 _____ () C:\Program Files\AVAST Software\Avast\defs\14052200\algo.dll
2014-05-22 19:56 - 2014-05-22 19:56 - 00041984 _____ () c:\users\lukas1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpboivyw.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-21 02:01 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-17 17:17 - 2013-10-17 17:17 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-22 15:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 15:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-04-17 20:16 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-22 15:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 15:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 15:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-02-14 20:35 - 2014-02-14 20:35 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2014-05-22 15:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
2013-02-21 01:47 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-20 23:32 - 2013-11-21 23:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-02-22 04:05 - 2012-11-26 06:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-02-22 04:05 - 2012-11-26 06:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2014 04:32:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/21/2014 09:42:21 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/21/2014 07:09:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.19.72.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a78

Startzeit: 01cf7517307f702c

Endzeit: 11

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: 8dcf71ad-e10a-11e3-812b-5cf9dd5b0642

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2014 09:40:36 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


System errors:
=============
Error: (05/22/2014 07:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/22/2014 07:55:35 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "LUKAS" auf Transport "NetBT_Tcpip_{459AA3BD-5665-4B6C-BF8C-69898E2FFA84}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (05/22/2014 07:55:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/22/2014 07:54:40 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (05/22/2014 06:16:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/22/2014 04:13:08 PM) (Source: DCOM) (EventID: 10010) (User: Lukas)
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}

Error: (05/21/2014 09:14:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/21/2014 07:37:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Installer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/21/2014 07:37:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Installer erreicht.

Error: (05/21/2014 07:06:29 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "LUKAS" auf Transport "NetBT_Tcpip_{459AA3BD-5665-4B6C-BF8C-69898E2FFA84}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8048.93 MB
Available physical RAM: 5413.51 MB
Total Pagefile: 16240.93 MB
Available Pagefile: 13395.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.34 GB) (Free:554.71 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:14.03 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D48BB8E2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lukas1 (administrator) on LUKAS on 22-05-2014 20:20:34
Running from C:\Users\Lukas1\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dropbox, Inc.) C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [76912 2012-07-14] (cyberlink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Spotify] => C:\Users\Lukas1\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [Spotify Web Helper] => C:\Users\Lukas1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3612053278-141353942-2490348611-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lukas1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {EB6A4DD9-DA5B-4CDC-894B-D53012049BAA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-27]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hp&ts=1400414652&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203", "hxxp://istart.webssearches.com/?type=hppp&ts=1400414790&from=amt&uid=ST1000LM024XHN-M101MBB_S2WZJ90CB95203B95203"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Lukas1\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Raidcall plugin) - C:\Users\Lukas1\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (YouTube) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (avast! Ad Blocker) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-14]
CHR Extension: (AdBlock) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-22]
CHR Extension: (Disconnect) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-01-17]
CHR Extension: (Google Wallet) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Lukas1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-06-27]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-02-11] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [236144 2012-07-13] (CyberLink)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-01] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-16] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-11-23] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-16] ()
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 TDKLIB; \??\C:\Users\Lukas1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-20 18:40 - 2014-05-20 18:40 - 00000915 _____ () C:\Users\Lukas1\Desktop\JRT.txt
2014-05-20 18:30 - 2014-05-20 18:31 - 01016261 _____ (Thisisu) C:\Users\Lukas1\Desktop\JRT.exe
2014-05-20 18:28 - 2014-05-20 18:29 - 00001531 _____ () C:\Users\Lukas1\Desktop\mbam.txt
2014-05-20 18:07 - 2014-05-20 18:08 - 00000000 ____D () C:\AdwCleaner
2014-05-20 18:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 18:06 - 2014-05-20 18:06 - 01326389 _____ () C:\Users\Lukas1\Desktop\adwcleaner_3.210.exe
2014-05-18 20:29 - 2014-05-18 20:29 - 00025160 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware.txt
2014-05-18 20:29 - 2014-05-18 20:29 - 00001588 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware2.txt
2014-05-18 20:23 - 2014-05-18 20:23 - 00380416 _____ () C:\Users\Lukas1\Downloads\Gmer-19357.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 00380416 _____ () C:\Users\Lukas1\Desktop\Gmer-19357.exe
2014-05-18 20:16 - 2014-05-20 18:43 - 00026794 _____ () C:\Users\Lukas1\Desktop\Addition.txt
2014-05-18 20:15 - 2014-05-22 20:20 - 00021412 _____ () C:\Users\Lukas1\Desktop\FRST.txt
2014-05-18 20:14 - 2014-05-22 20:20 - 00000000 ____D () C:\FRST
2014-05-18 20:13 - 2014-05-18 20:13 - 02067456 _____ (Farbar) C:\Users\Lukas1\Desktop\FRST64.exe
2014-05-18 20:12 - 2014-05-18 20:12 - 00000474 _____ () C:\Users\Lukas1\Desktop\defogger_disable.log
2014-05-18 20:12 - 2014-05-18 20:12 - 00000000 _____ () C:\Users\Lukas1\defogger_reenable
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 14:41 - 2014-05-20 18:08 - 00028256 _____ () C:\Windows\PFRO.log
2014-05-18 14:26 - 2014-05-20 18:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 14:26 - 2014-05-18 14:26 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 14:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-18 14:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-18 14:18 - 2014-05-18 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas1\Downloads\revosetup.exe
2014-05-18 14:18 - 2014-05-18 14:18 - 00001266 _____ () C:\Users\Lukas1\Desktop\Revo Uninstaller.lnk
2014-05-18 14:18 - 2014-05-18 14:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Opera Software
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Opera Software
2014-05-18 14:08 - 2014-05-18 14:03 - 00042088 _____ () C:\error.php
2014-05-18 14:07 - 2014-05-18 14:10 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 17:41 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-14 17:41 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-14 17:40 - 2014-05-14 17:41 - 00000103 _____ () C:\Windows\setupact.log
2014-05-14 17:40 - 2014-05-14 17:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 15:03 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 15:03 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 15:03 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 15:03 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 15:03 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 15:03 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 15:03 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 15:03 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 15:02 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 15:02 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 15:02 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 15:02 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 15:02 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 15:02 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 15:02 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 15:02 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 15:02 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 15:02 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 15:02 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-14 15:02 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 15:02 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 15:02 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 15:02 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 15:02 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-14 15:02 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-14 15:02 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 15:02 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 15:02 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 15:02 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 15:02 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 15:02 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 15:02 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 15:02 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 15:02 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 15:02 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-14 15:00 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-14 15:00 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-14 15:00 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-14 15:00 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-14 15:00 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-14 15:00 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-14 15:00 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-10 21:00 - 2014-05-10 21:00 - 00060080 _____ () C:\Users\Lukas1\Documents\ts3_clientui-win64-1394624943-2014-05-10 21_00_07.221609.dmp
2014-05-10 20:57 - 2014-05-10 20:57 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\NVIDIA
2014-05-09 16:25 - 2014-05-09 16:26 - 00262192 _____ () C:\Windows\Minidump\050914-41265-01.dmp
2014-05-08 14:50 - 2014-05-09 16:25 - 817122576 _____ () C:\Windows\MEMORY.DMP
2014-05-08 14:50 - 2014-05-08 14:52 - 00297552 _____ () C:\Windows\Minidump\050814-27515-01.dmp
2014-05-06 16:24 - 2014-05-06 16:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 16:24 - 2014-05-06 16:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:45 - 2014-05-06 15:47 - 30812976 _____ () C:\Users\Lukas1\Downloads\V01_Meet Jeff Banks_Jeff Banks_Debs_Syn-syndication.mp4
2014-05-06 15:01 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 15:01 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 15:01 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:01 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 15:01 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

==================== One Month Modified Files and Folders =======

2014-05-22 20:20 - 2014-05-18 20:15 - 00021412 _____ () C:\Users\Lukas1\Desktop\FRST.txt
2014-05-22 20:20 - 2014-05-18 20:14 - 00000000 ____D () C:\FRST
2014-05-22 20:19 - 2013-10-23 19:42 - 01142433 _____ () C:\Users\Lukas1\Downloads\email_4385_20131023194225.eml
2014-05-22 20:05 - 2014-04-20 15:06 - 02062871 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 20:04 - 2013-08-14 13:22 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 20:03 - 2013-02-21 02:08 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-22 20:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-22 19:56 - 2014-03-27 17:49 - 00000000 ___RD () C:\Users\Lukas1\Dropbox
2014-05-22 19:56 - 2014-03-27 17:45 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Dropbox
2014-05-22 19:55 - 2013-08-14 13:22 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 19:55 - 2013-08-06 23:27 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\LogMeIn Hamachi
2014-05-22 19:55 - 2013-04-10 17:23 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-22 19:55 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 19:54 - 2013-04-10 15:49 - 00000000 ____D () C:\Users\Lukas1\Documents\Schule
2014-05-22 19:54 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-22 16:07 - 2013-06-18 17:50 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Spotify
2014-05-22 15:14 - 2013-08-14 13:22 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 14:48 - 2012-07-26 12:27 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-05-22 14:48 - 2012-07-26 12:27 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-05-22 14:48 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 19:09 - 2013-05-09 12:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-21 17:14 - 2013-04-04 17:37 - 00000000 ____D () C:\ProgramData\Origin
2014-05-21 16:29 - 2013-04-04 17:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-21 16:18 - 2013-06-18 17:51 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Spotify
2014-05-20 20:54 - 2013-06-20 19:35 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\TS3Client
2014-05-20 18:43 - 2014-05-18 20:16 - 00026794 _____ () C:\Users\Lukas1\Desktop\Addition.txt
2014-05-20 18:40 - 2014-05-20 18:40 - 00000915 _____ () C:\Users\Lukas1\Desktop\JRT.txt
2014-05-20 18:31 - 2014-05-20 18:30 - 01016261 _____ (Thisisu) C:\Users\Lukas1\Desktop\JRT.exe
2014-05-20 18:29 - 2014-05-20 18:28 - 00001531 _____ () C:\Users\Lukas1\Desktop\mbam.txt
2014-05-20 18:14 - 2014-05-18 14:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 18:08 - 2014-05-20 18:07 - 00000000 ____D () C:\AdwCleaner
2014-05-20 18:08 - 2014-05-18 14:41 - 00028256 _____ () C:\Windows\PFRO.log
2014-05-20 18:06 - 2014-05-20 18:06 - 01326389 _____ () C:\Users\Lukas1\Desktop\adwcleaner_3.210.exe
2014-05-20 16:24 - 2013-04-23 17:45 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Windows Live
2014-05-19 21:56 - 2013-04-04 21:06 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Skype
2014-05-19 20:15 - 2013-05-09 12:17 - 00344576 ___SH () C:\Users\Lukas1\Downloads\Thumbs.db
2014-05-18 20:29 - 2014-05-18 20:29 - 00025160 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware.txt
2014-05-18 20:29 - 2014-05-18 20:29 - 00001588 _____ () C:\Users\Lukas1\Desktop\Suchlaufprotokoll Malwarebytes anti-maleware2.txt
2014-05-18 20:23 - 2014-05-18 20:23 - 00380416 _____ () C:\Users\Lukas1\Downloads\Gmer-19357.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 00380416 _____ () C:\Users\Lukas1\Desktop\Gmer-19357.exe
2014-05-18 20:13 - 2014-05-18 20:13 - 02067456 _____ (Farbar) C:\Users\Lukas1\Desktop\FRST64.exe
2014-05-18 20:12 - 2014-05-18 20:12 - 00000474 _____ () C:\Users\Lukas1\Desktop\defogger_disable.log
2014-05-18 20:12 - 2014-05-18 20:12 - 00000000 _____ () C:\Users\Lukas1\defogger_reenable
2014-05-18 20:12 - 2013-03-02 14:37 - 00000000 ____D () C:\Users\Lukas1
2014-05-18 19:36 - 2013-03-02 14:45 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3612053278-141353942-2490348611-1002
2014-05-18 19:22 - 2014-05-18 19:22 - 00050477 _____ () C:\Users\Lukas1\Downloads\Defogger.exe
2014-05-18 14:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-18 14:26 - 2014-05-18 14:26 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2014-05-18 14:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 14:26 - 2013-10-06 18:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 14:18 - 2014-05-18 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas1\Downloads\revosetup.exe
2014-05-18 14:18 - 2014-05-18 14:18 - 00001266 _____ () C:\Users\Lukas1\Desktop\Revo Uninstaller.lnk
2014-05-18 14:18 - 2014-05-18 14:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 14:10 - 2014-05-18 14:07 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Opera Software
2014-05-18 14:08 - 2014-05-18 14:08 - 00000000 ____D () C:\Users\Lukas1\AppData\Local\Opera Software
2014-05-18 14:03 - 2014-05-18 14:08 - 00042088 _____ () C:\error.php
2014-05-16 14:29 - 2014-03-27 17:49 - 00001021 _____ () C:\Users\Lukas1\Desktop\Dropbox.lnk
2014-05-16 14:29 - 2014-03-27 17:47 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 14:29 - 2013-03-02 14:39 - 00000000 ___RD () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 20:19 - 2013-06-27 18:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-15 19:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-15 14:56 - 2014-01-07 17:57 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 14:56 - 2013-11-06 20:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 14:56 - 2013-06-27 18:07 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 14:49 - 2014-05-15 14:49 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 14:49 - 2014-01-11 22:45 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-15 14:49 - 2013-03-02 14:39 - 00000000 ___RD () C:\Users\Lukas1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 14:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 14:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 17:41 - 2014-05-14 17:40 - 00000103 _____ () C:\Windows\setupact.log
2014-05-14 17:40 - 2014-05-14 17:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 17:24 - 2013-08-03 13:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:21 - 2013-04-02 23:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 17:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-14 16:52 - 2013-08-19 19:02 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-14 16:52 - 2013-06-16 14:44 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-14 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-11 16:35 - 2013-06-16 09:15 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-10 21:00 - 2014-05-10 21:00 - 00060080 _____ () C:\Users\Lukas1\Documents\ts3_clientui-win64-1394624943-2014-05-10 21_00_07.221609.dmp
2014-05-10 20:57 - 2014-05-10 20:57 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\NVIDIA
2014-05-09 16:26 - 2014-05-09 16:25 - 00262192 _____ () C:\Windows\Minidump\050914-41265-01.dmp
2014-05-09 16:25 - 2014-05-08 14:50 - 817122576 _____ () C:\Windows\MEMORY.DMP
2014-05-09 16:25 - 2014-01-29 21:52 - 00000000 ____D () C:\Windows\Minidump
2014-05-08 14:59 - 2013-08-14 13:22 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 14:59 - 2013-08-14 13:22 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:52 - 2014-05-08 14:50 - 00297552 _____ () C:\Windows\Minidump\050814-27515-01.dmp
2014-05-06 20:55 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 16:25 - 2013-11-06 20:49 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-06 16:24 - 2014-05-06 16:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 16:24 - 2014-05-06 16:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 16:24 - 2013-11-06 20:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400158505421
2014-05-06 16:24 - 2013-06-27 18:07 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400158505421
2014-05-06 16:24 - 2013-06-27 18:07 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-06 16:24 - 2013-06-27 18:07 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-06 16:24 - 2013-06-27 18:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-06 15:47 - 2014-05-06 15:45 - 30812976 _____ () C:\Users\Lukas1\Downloads\V01_Meet Jeff Banks_Jeff Banks_Debs_Syn-syndication.mp4
2014-05-06 07:14 - 2014-05-14 15:02 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-14 15:02 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-14 15:02 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-14 15:02 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-14 15:02 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-14 15:02 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 22:43 - 2013-06-22 13:20 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\vlc
2014-05-02 15:58 - 2014-01-11 22:23 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\.technic
2014-05-02 13:37 - 2014-01-11 22:23 - 02346942 _____ () C:\Users\Lukas1\Desktop\TechnicLauncher.exe
2014-05-02 13:37 - 2014-01-11 22:14 - 00000000 ____D () C:\Users\Lukas1\AppData\Roaming\.minecraft
2014-05-01 22:37 - 2013-11-13 20:40 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-11-13 20:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 20:29 - 2013-10-30 15:17 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-10-30 15:17 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-22 17:01 - 2013-11-04 18:01 - 00000000 ____D () C:\ProgramData\LogMeIn

Some content of TEMP:
====================
C:\Users\Lukas1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpboivyw.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 15:02] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-21 19:38

==================== End Of Log ============================
         
--- --- ---

Alt 27.05.2014, 15:48   #14
Machiavelli
 
Windows 8: websearches, wpm-wirus - Standard

Windows 8: websearches, wpm-wirus



Hallo,
nach meiner Erkenntnis, ist Dein PC soweit sauber.

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du mir Feedback geben willst, kannst Du es hier gerne tun: Lob, Kritik und Wünsche - Trojaner-Board


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )


Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Hallo,

Ich werde diese Thema aus meiner Aufsichtsliste streichen, da ich dieses Thema als gelöst ansehe, d.h. ich bekomme keine Notifikationen mehr, wenn Du antwortest.

Falls Du doch weitere Hilfe benötigst, reicht es mir eine PM zu schreiben.
__________________
Proud member of Unite

Antwort

Themen zu Windows 8: websearches, wpm-wirus
adware.eorezo, adware.tuto4pc, anti-malware, backdoor.bot.ed, entferne, geänderte, google chrome, malwarebytes, malwarebytes anti-malware, pup.optional.amonetize, pup.optional.firstseentoday.a, pup.optional.iepluginservice.a, pup.optional.qone8, pup.optional.skytech.a, pup.optional.suptab.a, pup.optional.webssearches.a, pup.optional.wpmanager, revo uninstaller, trojaner-board, uninstaller, websearches, windows, windows 8




Ähnliche Themen: Windows 8: websearches, wpm-wirus


  1. Windows 7 istart.websearches und driver operating service entfernen
    Log-Analyse und Auswertung - 20.08.2015 (1)
  2. Unerwünschte Startseiten websearches/22find führt zu Abstürzen, Aufhängen und komischen Geräuschen
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (30)
  3. Windows Vista: Browser öffnet immer mit Starsseite IE WEBSEARCHES
    Plagegeister aller Art und deren Bekämpfung - 18.11.2014 (9)
  4. websearches.com entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.11.2014 (13)
  5. Proxy stellt sich immer auf 127.0.0.1:9880 nach hijack durch websearches
    Log-Analyse und Auswertung - 08.11.2014 (11)
  6. websearches.com loswerden
    Log-Analyse und Auswertung - 04.09.2014 (1)
  7. istart.websearches.com und SaferPro lassen auf neutralen Schaltflächen Werbung aufpoppen
    Log-Analyse und Auswertung - 06.08.2014 (20)
  8. Startseite "istart.websearches.com" und massenweise fenster öffnen sich
    Plagegeister aller Art und deren Bekämpfung - 23.07.2014 (5)
  9. Nach websearches Befall, was in AdwCleaner löschen?
    Plagegeister aller Art und deren Bekämpfung - 28.06.2014 (11)
  10. Windows 7: istart.websearches lässt sich nicht deinstallieren. Rechner sehr langsam.
    Log-Analyse und Auswertung - 23.06.2014 (5)
  11. websearches öffnet sich immer wieder!
    Plagegeister aller Art und deren Bekämpfung - 14.06.2014 (10)
  12. WIN7 - Chrome startet immer mit websearches Seite
    Log-Analyse und Auswertung - 13.06.2014 (16)
  13. Browser öffnet diverse Werbeseiten (z.B. websearches.com)
    Plagegeister aller Art und deren Bekämpfung - 05.06.2014 (2)
  14. Ärger mit "websearches und mediaplayerplus" Trojanern-/Vierenprogrammen
    Log-Analyse und Auswertung - 31.05.2014 (7)
  15. websearches uninstaller entfernen
    Log-Analyse und Auswertung - 27.05.2014 (9)
  16. websearches.com ändert Startseite bei Firefox
    Plagegeister aller Art und deren Bekämpfung - 17.04.2014 (13)
  17. trojaner-doppler wirus
    Plagegeister aller Art und deren Bekämpfung - 21.02.2010 (2)

Zum Thema Windows 8: websearches, wpm-wirus - Hallo Trojaner-board Team, ich wollte mir ein Spiel (Chess Titans) herunterladen. Nachdem ich dies getan hatte, änderte sich meine Suchmaschiene, in Google Chrome, von Google zu websearches. Ändern funktionierte nicht. - Windows 8: websearches, wpm-wirus...
Archiv
Du betrachtest: Windows 8: websearches, wpm-wirus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.