
Pests of all kinds and how to fight them: Chrome opens tabs with advertising!


03.09.2014, 16:47   #1
CaptainZ
Hello dear people,
since today, pages with advertising keep opening in Chrome. I use the 64-bit version of Google Chrome. The advertising does not come from the pages I visit but surely from an unwanted file that must be running somewhere on my machine. Can someone take a look at whether I have caught something? I use Avast in the normal, really purchased version. I am running a full scan right now!


03.09.2014, 17:17   #2
deeprybka
/// TB trainer
/// Guide guru
My name is Jürgen and I will be helping you with your problem. Together we will manage this...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you do not understand something, stop what you are doing and describe the problem to me.
  • Please run only scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that all of us here work in our free time; if you have not heard from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but it is only advisable in the case of real malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Let's go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input window).




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

03.09.2014, 17:31   #3
CaptainZ

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Ste (administrator) on CAPTAINPC on 03-09-2014 18:23:51
Running from C:\Users\Ste\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Ste\AppData\Local\ContextFree\nvcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Spotify Ltd) C:\Users\Ste\AppData\Roaming\Spotify\spotify.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-06-03] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [framei] => C:\Users\Ste\AppData\Local\ContextFree\framei.exe [567808 2014-07-01] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [nvcmd] => C:\Users\Ste\AppData\Local\ContextFree\nvcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [cntcmd] => C:\Users\Ste\AppData\Local\ContextFree\cntcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {249684e7-0b46-11e4-beba-4c72b9ad97be} - "E:\SETUP.EXE" 
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {63d56146-fe26-11e3-bea9-4c72b9ad97be} - "E:\setup\rsrc\Autorun.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46E8CD6D9043CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {28D12899-03A0-406E-8858-1591705DE945} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF NetworkProxy: "autoconfig_url", "hxxp://118.141.167.89/"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\staged [2014-09-03]
FF Extension: DownloadHelper - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-19]

Chrome: 
=======
CHR Profile: C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-20]
CHR Extension: (BetterTTV) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-20]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-20]
CHR Extension: (plugCubed) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmcolnbeaedhcaiafolaaiokicobgc [2014-07-20]
CHR Extension: (Google Search) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-20]
CHR Extension: (Tampermonkey) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-16]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-07-20]
CHR Extension: (Google Play Music) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-20]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-07-20]
CHR Extension: (Webcam Toy) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-07-20]
CHR Extension: (Google Wallet) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-19]
CHR Extension: (Gmail) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncbbbpddkdpkckkbifnfgmfbnocdmih [2014-07-20]
CHR Extension: (Lounge Companion (Dota 2 & CS:GO)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokidbfaabncipciiigfhncfmgmdjdaj [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-25] () [File not signed]
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R2 hmip; C:\WINDOWS\system32\Drivers\hmip64.sys [38760 2013-06-19] (Hide My IP)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wlreadun; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 18:23 - 2014-09-03 18:24 - 00000000 ____D () C:\FRST
2014-09-03 18:23 - 2014-09-03 18:23 - 00023554 _____ () C:\Users\Ste\Downloads\FRST.txt
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:21 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 15:03 - 2014-09-03 15:03 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-09-03 02:08 - 2014-09-03 02:08 - 11357644 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-02 22:08 - 2014-09-02 22:08 - 00022800 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 15:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:14 - 2014-09-02 15:14 - 00001098 _____ () C:\Users\Ste\Desktop\KMSPico CloseAll.lnk
2014-09-02 15:13 - 2014-09-02 15:18 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-09-02 15:13 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\ContextFree
2014-09-01 14:03 - 2014-09-01 14:05 - 137333626 _____ () C:\Users\Ste\Downloads\kuptonvids.zip
2014-08-29 21:48 - 2014-08-29 21:49 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:52 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-28 14:41 - 2014-09-03 15:02 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-09-03 17:45 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 14:40 - 2014-09-03 15:02 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:39 - 2014-08-28 14:40 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:31 - 2014-09-02 15:32 - 00002742 _____ () C:\WINDOWS\PFRO.log
2014-08-27 21:08 - 2014-08-27 21:11 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 20:54 - 2014-08-29 22:41 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 14:06 - 2014-08-26 14:08 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 23:09 - 2014-08-25 23:09 - 00000372 _____ () C:\Users\Ste\Downloads\xmas64.rar
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 13:43 - 2014-09-03 18:16 - 00564142 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-17 00:04 - 2014-08-17 00:04 - 00000150 _____ () C:\Users\Ste\Desktop\btcn.txt
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 13:00 - 2014-08-02 02:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 13:00 - 2014-08-02 02:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 00:44 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 00:44 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 00:37 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 00:37 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 00:37 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 00:37 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 00:37 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 00:37 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 00:37 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 00:37 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 00:37 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 00:37 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 00:37 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 00:36 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 00:36 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 00:35 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 00:35 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 00:34 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 00:34 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 00:34 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 00:34 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 00:34 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 00:34 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 00:29 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 00:29 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 00:29 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 00:29 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 00:29 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 00:29 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 00:29 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 16:48 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-08-13 00:55 - 2014-08-13 00:59 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 02:05 - 2014-08-07 15:23 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-04 01:02 - 2014-08-04 01:02 - 00011752 _____ () C:\Users\Ste\Downloads\hitsound.wav
2014-08-04 00:19 - 2014-08-04 00:42 - 00000000 ____D () C:\Users\Ste\Documents\Battlefield 4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 18:24 - 2014-09-03 18:23 - 00000000 ____D () C:\FRST
2014-09-03 18:23 - 2014-09-03 18:23 - 00023554 _____ () C:\Users\Ste\Downloads\FRST.txt
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:22 - 2014-09-03 18:21 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 18:22 - 2014-03-24 19:41 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BB2AFE3E-8364-41A2-BA5C-F8E0CE4FD5D0}
2014-09-03 18:17 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\TS3Client
2014-09-03 18:16 - 2014-08-23 13:43 - 00564142 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-03 18:11 - 2014-03-19 20:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Spotify
2014-09-03 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-03 17:45 - 2014-08-28 14:40 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 17:30 - 2014-03-19 18:23 - 00000000 ____D () C:\Users\Ste\AppData\Local\VirtualStore
2014-09-03 16:24 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-03 15:05 - 2014-03-19 18:31 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-56534520-2028495375-83417344-1001
2014-09-03 15:03 - 2014-09-03 15:03 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-09-03 15:02 - 2014-08-28 14:41 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 15:02 - 2014-08-28 14:40 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 15:02 - 2014-03-20 19:47 - 00000000 ___DO () C:\Users\Ste\SkyDrive
2014-09-03 02:08 - 2014-09-03 02:08 - 11357644 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-03 02:01 - 2014-03-19 20:01 - 00000000 ____D () C:\Users\Ste\AppData\Local\Adobe
2014-09-03 00:01 - 2014-05-01 00:03 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\.minecraft
2014-09-02 22:08 - 2014-09-02 22:08 - 00022800 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:19 - 2014-03-19 18:22 - 00000000 ____D () C:\Users\Ste\AppData\Local\Packages
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 20:59 - 2014-03-22 16:06 - 00001456 _____ () C:\Users\Ste\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-09-02 16:56 - 2014-06-08 20:05 - 00000000 ____D () C:\Users\Ste\Downloads\Visual+Studio+2013+crack
2014-09-02 15:32 - 2014-08-28 14:31 - 00002742 _____ () C:\WINDOWS\PFRO.log
2014-09-02 15:32 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-02 15:31 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-02 15:20 - 2014-03-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 15:18 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-09-02 15:18 - 2014-06-11 23:53 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:14 - 2014-09-02 15:14 - 00001098 _____ () C:\Users\Ste\Desktop\KMSPico CloseAll.lnk
2014-09-02 15:13 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\ContextFree
2014-09-02 15:11 - 2014-03-21 23:01 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Skype
2014-09-01 14:05 - 2014-09-01 14:03 - 137333626 _____ () C:\Users\Ste\Downloads\kuptonvids.zip
2014-08-31 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-31 15:25 - 2014-06-21 16:11 - 00000000 ____D () C:\Users\Ste\AppData\Local\Game Dev Tycoon
2014-08-30 19:44 - 2013-08-22 16:44 - 05223864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-30 14:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-29 22:41 - 2014-08-26 20:54 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-29 22:36 - 2014-03-22 16:16 - 00000000 ____D () C:\ProgramData\Origin
2014-08-29 22:35 - 2014-03-22 16:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-29 21:49 - 2014-08-29 21:48 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 21:37 - 2014-03-22 22:01 - 00000600 _____ () C:\Users\Ste\AppData\Roaming\winscp.rnd
2014-08-29 16:43 - 2014-03-22 16:31 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-08-29 03:13 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Ste
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:45 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Local\Google
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:40 - 2014-08-28 14:39 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:40 - 2014-03-19 19:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-28 14:36 - 2014-03-19 19:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-27 21:11 - 2014-08-27 21:08 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 16:17 - 2014-06-07 15:56 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft
2014-08-26 14:08 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 23:09 - 2014-08-25 23:09 - 00000372 _____ () C:\Users\Ste\Downloads\xmas64.rar
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-25 18:40 - 2014-04-06 00:54 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-08-25 14:26 - 2014-03-19 20:33 - 00000000 ____D () C:\Users\Ste\AppData\Local\Spotify
2014-08-24 20:47 - 2014-05-31 13:43 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-24 20:45 - 2014-04-06 00:51 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-24 00:07 - 2014-04-01 20:23 - 00000000 ____D () C:\Users\Ste\Documents\My Games
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 02:42 - 2014-08-28 14:52 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:47 - 2014-05-01 01:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-22 18:42 - 2014-04-08 16:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-22 18:31 - 2014-06-07 17:11 - 00003648 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-03-24 19:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-22 14:05 - 2014-08-22 14:06 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 20:48 - 2014-07-26 23:52 - 00000000 ____D () C:\Users\Ste\AppData\Local\ftblauncher
2014-08-19 19:57 - 2014-03-19 23:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 19:52 - 2014-03-19 23:11 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-18 16:55 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-18 16:54 - 2014-07-14 13:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-18 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-17 00:04 - 2014-08-17 00:04 - 00000150 _____ () C:\Users\Ste\Desktop\btcn.txt
2014-08-16 19:22 - 2014-04-04 21:47 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\HpUpdate
2014-08-16 19:22 - 2014-04-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-16 19:22 - 2014-04-04 21:44 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 15:51 - 2014-07-20 11:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 22:51 - 2014-04-03 13:38 - 00000000 ____D () C:\Users\Ste\AppData\Local\DayZ
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 14:23 - 2014-03-19 19:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-08-15 13:00 - 2014-07-10 23:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 12:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 00:59 - 2014-08-13 00:55 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 15:23 - 2014-08-07 02:05 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-07 04:12 - 2014-08-15 00:34 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:38 - 2014-08-15 00:35 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-06 00:04 - 2014-04-12 23:58 - 00000000 ____D () C:\Program Files\OBS
2014-08-04 01:02 - 2014-08-04 01:02 - 00011752 _____ () C:\Users\Ste\Downloads\hitsound.wav
2014-08-04 00:42 - 2014-08-04 00:19 - 00000000 ____D () C:\Users\Ste\Documents\Battlefield 4
2014-08-04 00:41 - 2014-04-06 00:54 - 00000000 ____D () C:\Users\Ste\AppData\Local\PunkBuster

Some content of TEMP:
====================
C:\Users\Ste\AppData\Local\Temp\6_Offer_14.exe
C:\Users\Ste\AppData\Local\Temp\ins.exe
C:\Users\Ste\AppData\Local\Temp\KMSPicoCloseAll.exe
C:\Users\Ste\AppData\Local\Temp\proxy_vole8454109476281695788.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-24 13:54

==================== End Of Log ============================
         

03.09.2014, 17:31   #4
CaptainZ

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Ste at 2014-09-03 18:26:56
Running from C:\Users\Ste\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.18.0 - Mirillis)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BCC 8 OFX 64Bit (HKLM\...\{24D38864-527F-4688-B831-A1A4CC60CD54}) (Version: 8.0.1 - Boris FX, Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
ContextFree (HKCU\...\ContextFree) (Version:  - )
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version:  - Microsoft)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 3.9.7.6 - )
Game Dev Tycoon Version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.102 - Google Inc.)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
GTA IV Vehicle Mod Installer v1.2 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.2_is1) (Version:  - MobileD2)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Interstellar Marines (HKLM-x32\...\Steam App 236370) (Version:  - Zero Point Software)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JetBrains dotPeek 1.1 (HKLM-x32\...\{D5A5829D-E916-4277-8E08-2EBD98EC4A10}) (Version: 1.1.1.33 - JetBrains Inc)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.2.2.1 (HKLM-x32\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{31e4d2a5-b246-4c2d-a7fb-aee157c26b02}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.7.19.0 - Red Giant, LLC)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
spotimote (HKLM-x32\...\spotimote) (Version:  - )
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.3 - Red Giant) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek GmbH)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.48-17 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.17 - HTTrack)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.5.2 (HKLM-x32\...\winscp3_is1) (Version: 5.5.2 - Martin Prikryl)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-56534520-2028495375-83417344-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

19-08-2014 17:50:22 Windows Update
22-08-2014 12:04:09 Installed Java 7 Update 67
23-08-2014 22:01:47 Microsoft Visual C++ 2005 Redistributable wird installiert
29-08-2014 19:46:21 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-04-05 23:47 - 00001583 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 ns1.paka-service.com
127.0.0.1 ns2.paka-service.com
127.0.0.1 ns356781.ovh.net
127.0.0.1 www.Mirillis.com
127.0.0.1 HOST-190.EDGE-FO.IAD3.VERISIGN.COM
127.0.0.1 TGV.ANYCAST-FO.CHI2.VERISIGN.COM
127.0.0.1 OCSP.TKO2.VERISIGN.COM
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 crl.verisign.net
127.0.0.1 cs-g2-crl.thawte.com
127.0.0.1 ocsp.thawte.com
127.0.0.1 a23-53-181-163.deploy.static.akamaitechnologies.com
127.0.0.1 a23-37-37-163.deploy.static.akamaitechnologies.com
127.0.0.1 a23-63-133-163.deploy.static.akamaitechnologies.com
127.0.0.1 a92-123-69-197.deploy.akamaitechnologies.com
127.0.0.1 a92-123-69-244.deploy.akamaitechnologies.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05FD59E3-F651-4762-BDC1-30744F8E173B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {16573DAE-3E4C-42B9-B0FA-35C68CA64A6C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2EDB7F2D-8394-4240-8DF5-171D0BBA249F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4ACAB9CE-8EC5-425D-BA9F-3133751D1504} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {4EE7CBFF-8912-4283-9650-AEEEC42C6663} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2013-10-10] ()
Task: {5D7D0E15-0DF5-4369-99CA-F4D5FAB26313} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {5E1EC58D-450A-4F37-A8BB-AFBB915A47B8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-19] (Microsoft Corporation)
Task: {6198AA7C-6D2A-4AF7-9866-B377AC4983D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6208A349-A126-4ABE-B9A4-7E3FE0D36362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7289EF42-5A0D-4C21-95E0-20272D406F0B} - System32\Tasks\Driver Booster SkipUAC (Ste) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {72B8EDB2-26DE-4189-B753-4B519293A0AA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B0348A46-BCCD-4985-9DA8-D4672CF1EB0A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-StefanRinas@live.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {C8B670C1-9214-4932-A3AE-4DFD181D905C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E17FAEC4-ABCB-49E0-ADEC-95E9C654489E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EBF6C9F8-3A57-40D1-8318-C1918ACEFD76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {ED71B2E6-F57A-49E1-9AAF-6F00378F4D2B} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-07-14] ()
Task: {FF359962-4398-47FD-A738-D79CFC5C6DFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-15 15:41 - 2014-01-29 19:14 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2014-05-15 15:41 - 2014-02-06 16:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-05-31 13:43 - 2014-08-24 20:47 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-07-29 22:50 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 12:24 - 2014-03-20 12:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-08-05 17:27 - 2014-08-05 17:27 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\ErrorReporting.dll
2012-01-10 14:41 - 2014-06-03 16:41 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2014-07-01 14:26 - 2014-07-01 14:26 - 00596480 _____ () C:\Users\Ste\AppData\Local\ContextFree\nvcmd.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-08-22 13:40 - 2014-08-22 13:40 - 00610872 _____ () C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-29 15:03 - 2014-08-28 05:59 - 01442120 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\libglesv2.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 00168264 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\libegl.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 10329416 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\pdf.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 00405320 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\ppGoogleNaClPluginChrome.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 01831752 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\ffmpegsumo.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 26610504 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\PepperFlash\pepflashplayer.dll
2014-07-11 16:00 - 2014-07-11 16:00 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-02 15:12 - 2014-09-02 15:12 - 02807296 _____ () C:\Program Files\AVAST Software\Avast\defs\14090200\algo.dll
2014-09-03 00:13 - 2014-09-03 00:13 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090201\algo.dll
2014-09-03 16:28 - 2014-09-03 16:28 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-22 13:35 - 2014-08-21 00:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-08-28 20:53 - 2014-08-28 13:48 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-28 20:53 - 2014-08-28 13:48 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-11 16:00 - 2014-07-11 16:00 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-22 13:35 - 2014-08-21 00:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-22 13:35 - 2014-08-21 00:38 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-08-22 13:40 - 2014-08-22 13:40 - 36966968 _____ () C:\Users\Ste\AppData\Roaming\Spotify\Data\libcef.dll
2014-08-22 13:40 - 2014-08-22 13:40 - 00867896 _____ () C:\Users\Ste\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-08-22 13:40 - 2014-08-22 13:40 - 00886840 _____ () C:\Users\Ste\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-08-22 13:40 - 2014-08-22 13:40 - 00108600 _____ () C:\Users\Ste\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ste\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKCU\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
HKCU\...\StartupApproved\Run: => "ESL Wire"
HKCU\...\StartupApproved\Run: => "TeamSpeak 3 Client"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 06:20:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ddc

Startzeit: 01cfc7924d42b7c2

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 468b0160-3386-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 06:05:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16ec

Startzeit: 01cfc79034f61083

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 2a9ea191-3384-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 05:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b4c

Startzeit: 01cfc78e1c60a578

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 135bd80f-3382-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 05:35:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f90

Startzeit: 01cfc78c03feb95e

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: fb6a0e7a-337f-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 05:05:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f70

Startzeit: 01cfc787d339020a

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: c89b2583-337b-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 04:35:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 183c

Startzeit: 01cfc783a231b4d4

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 96da7f0b-3377-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 04:20:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4d8

Startzeit: 01cfc78189bdda53

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 7f96e36f-3375-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 03:10:24 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (09/03/2014 02:46:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CAPTAINPC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/02/2014 04:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1968

Startzeit: 01cfc6babc163a70

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: b0bd4b28-32ae-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App


System errors:
=============
Error: (09/03/2014 02:46:14 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2014 02:46:14 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2014 02:46:10 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2014 02:46:08 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (09/03/2014 02:46:08 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/02/2014 03:39:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/02/2014 03:38:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/02/2014 03:33:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/02/2014 03:33:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (09/02/2014 03:31:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


Microsoft Office Sessions:
=========================
Error: (09/03/2014 06:20:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170311ddc01cfc7924d42b7c24294967295C:\WINDOWS\syswow64\wwahost.exe468b0160-3386-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 06:05:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703116ec01cfc79034f610834294967295C:\WINDOWS\syswow64\wwahost.exe2a9ea191-3384-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 05:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031b4c01cfc78e1c60a5784294967295C:\WINDOWS\syswow64\wwahost.exe135bd80f-3382-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 05:35:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031f9001cfc78c03feb95e4294967295C:\WINDOWS\syswow64\wwahost.exefb6a0e7a-337f-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 05:05:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170311f7001cfc787d339020a4294967295C:\WINDOWS\syswow64\wwahost.exec89b2583-337b-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 04:35:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031183c01cfc783a231b4d44294967295C:\WINDOWS\syswow64\wwahost.exe96da7f0b-3377-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 04:20:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170314d801cfc78189bdda534294967295C:\WINDOWS\syswow64\wwahost.exe7f96e36f-3375-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 03:10:24 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (09/03/2014 02:46:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CAPTAINPC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (09/02/2014 04:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031196801cfc6babc163a704294967295C:\WINDOWS\syswow64\wwahost.exeb0bd4b28-32ae-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp


CodeIntegrity Errors:
===================================
  Date: 2014-03-20 13:21:14.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe\Platform.winmd that did not meet the Store signing level requirements.

  Date: 2014-03-20 00:46:54.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 8074.35 MB
Available physical RAM: 4317.7 MB
Total Pagefile: 11664.1 MB
Available Pagefile: 6914.17 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:230.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 734FB2D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
I'm sorry, I forgot to start the file and run the scan from the desktop. I hope that doesn't matter.

Alt 03.09.2014, 17:45   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 



Hi,
did you read this?

__________________
Regards
deeprybka

Praise, criticism, requests?

Donate to the trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 03.09.2014, 17:49   #6
CaptainZ
 



No, what did you find?

Alt 03.09.2014, 18:04   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 



For example, this
Code:
ATTFilter
2014-09-02 16:56 - 2014-06-08 20:05 - 00000000 ____D () C:\Users\Ste\Downloads\Visual+Studio+2013+crack
         

Alt 03.09.2014, 18:07   #8
CaptainZ
 



OK, but the folder was empty, so there was no crack in it.
Sorry, I've deleted it too.

Edited by CaptainZ (03.09.2014 at 18:35)

Alt 03.09.2014, 18:37   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 



I don't have time to play games with you. Please stick to the rules here and now uninstall everything you don't have a license for.

Alt 03.09.2014, 19:22   #10
CaptainZ
 



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Ste (administrator) on CAPTAINPC on 03-09-2014 20:18:33
Running from C:\Users\Ste\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Ste\AppData\Local\ContextFree\nvcmd.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Users\Ste\AppData\Local\Temp\DEL8DD8.tmp
(Microsoft Corporation) C:\Users\Ste\AppData\Local\Temp\DEL8DD8.tmp
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-06-03] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [framei] => C:\Users\Ste\AppData\Local\ContextFree\framei.exe [567808 2014-07-01] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [nvcmd] => C:\Users\Ste\AppData\Local\ContextFree\nvcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [cntcmd] => C:\Users\Ste\AppData\Local\ContextFree\cntcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {249684e7-0b46-11e4-beba-4c72b9ad97be} - "E:\SETUP.EXE" 
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {63d56146-fe26-11e3-bea9-4c72b9ad97be} - "E:\setup\rsrc\Autorun.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46E8CD6D9043CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {28D12899-03A0-406E-8858-1591705DE945} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF NetworkProxy: "autoconfig_url", "hxxp://118.141.167.89/"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\staged [2014-09-03]
FF Extension: DownloadHelper - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-19]

Chrome: 
=======
CHR Profile: C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-20]
CHR Extension: (BetterTTV) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-20]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-20]
CHR Extension: (plugCubed) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmcolnbeaedhcaiafolaaiokicobgc [2014-07-20]
CHR Extension: (Google Search) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-20]
CHR Extension: (Tampermonkey) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-16]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-07-20]
CHR Extension: (Google Play Music) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-20]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-07-20]
CHR Extension: (Webcam Toy) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-07-20]
CHR Extension: (Google Wallet) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-19]
CHR Extension: (Gmail) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncbbbpddkdpkckkbifnfgmfbnocdmih [2014-07-20]
CHR Extension: (Lounge Companion (Dota 2 & CS:GO)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokidbfaabncipciiigfhncfmgmdjdaj [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-25] () [File not signed]
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R2 hmip; C:\WINDOWS\system32\Drivers\hmip64.sys [38760 2013-06-19] (Hide My IP)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wlreadun; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 20:18 - 2014-09-03 20:18 - 00022252 _____ () C:\Users\Ste\Desktop\FRST.txt
2014-09-03 19:25 - 2014-09-03 19:25 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-09-03 18:51 - 2014-09-03 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Ste\Downloads\TFC.exe
2014-09-03 18:23 - 2014-09-03 20:18 - 00000000 ____D () C:\FRST
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:21 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 02:08 - 2014-09-03 02:08 - 11357644 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-02 22:08 - 2014-09-02 22:08 - 00022800 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 15:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:13 - 2014-09-02 15:18 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-09-02 15:13 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\ContextFree
2014-08-29 21:48 - 2014-08-29 21:49 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:52 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-28 14:41 - 2014-09-03 19:22 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-09-03 19:45 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 14:40 - 2014-09-03 19:21 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:39 - 2014-08-28 14:40 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:31 - 2014-09-02 15:32 - 00002742 _____ () C:\WINDOWS\PFRO.log
2014-08-27 21:08 - 2014-08-27 21:11 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 20:54 - 2014-08-29 22:41 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 14:06 - 2014-08-26 14:08 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 13:43 - 2014-09-03 19:45 - 00603384 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-17 00:04 - 2014-08-17 00:04 - 00000150 _____ () C:\Users\Ste\Desktop\btcn.txt
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 13:00 - 2014-08-02 02:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 13:00 - 2014-08-02 02:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 00:44 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 00:44 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 00:37 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 00:37 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 00:37 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 00:37 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 00:37 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 00:37 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 00:37 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 00:37 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 00:37 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 00:37 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 00:37 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 00:36 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 00:36 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 00:35 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 00:35 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 00:34 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 00:34 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 00:34 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 00:34 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 00:34 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 00:34 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 00:29 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 00:29 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 00:29 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 00:29 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 00:29 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 00:29 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 00:29 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 16:48 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-08-13 00:55 - 2014-08-13 00:59 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 02:05 - 2014-08-07 15:23 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-04 01:02 - 2014-08-04 01:02 - 00011752 _____ () C:\Users\Ste\Downloads\hitsound.wav
2014-08-04 00:19 - 2014-08-04 00:42 - 00000000 ____D () C:\Users\Ste\Documents\Battlefield 4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 20:18 - 2014-09-03 20:18 - 00022252 _____ () C:\Users\Ste\Desktop\FRST.txt
2014-09-03 20:18 - 2014-09-03 18:23 - 00000000 ____D () C:\FRST
2014-09-03 20:18 - 2014-03-19 20:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-03 20:15 - 2014-03-19 18:31 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-56534520-2028495375-83417344-1001
2014-09-03 20:07 - 2014-03-22 15:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-03 20:05 - 2014-06-08 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-09-03 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-03 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-03 19:58 - 2014-06-07 19:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-09-03 19:51 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-03 19:49 - 2014-07-14 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-03 19:48 - 2014-07-30 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 19:48 - 2013-11-14 09:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-03 19:46 - 2014-03-24 19:41 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BB2AFE3E-8364-41A2-BA5C-F8E0CE4FD5D0}
2014-09-03 19:45 - 2014-08-28 14:40 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 19:45 - 2014-08-23 13:43 - 00603384 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-03 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-03 19:45 - 2013-08-22 15:25 - 00000111 _____ () C:\WINDOWS\win.ini
2014-09-03 19:30 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\TS3Client
2014-09-03 19:25 - 2014-09-03 19:25 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-09-03 19:22 - 2014-08-28 14:41 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 19:22 - 2014-03-20 19:47 - 00000000 ___DO () C:\Users\Ste\SkyDrive
2014-09-03 19:21 - 2014-08-28 14:40 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 19:20 - 2014-03-19 19:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-03 19:20 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-03 19:18 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-03 19:16 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-03 18:52 - 2014-09-03 18:51 - 00448512 _____ (OldTimer Tools) C:\Users\Ste\Downloads\TFC.exe
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:22 - 2014-09-03 18:21 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 18:11 - 2014-03-19 20:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Spotify
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 17:30 - 2014-03-19 18:23 - 00000000 ____D () C:\Users\Ste\AppData\Local\VirtualStore
2014-09-03 02:08 - 2014-09-03 02:08 - 11357644 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-03 02:01 - 2014-03-19 20:01 - 00000000 ____D () C:\Users\Ste\AppData\Local\Adobe
2014-09-03 00:01 - 2014-05-01 00:03 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\.minecraft
2014-09-02 22:08 - 2014-09-02 22:08 - 00022800 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:19 - 2014-03-19 18:22 - 00000000 ____D () C:\Users\Ste\AppData\Local\Packages
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 20:59 - 2014-03-22 16:06 - 00001456 _____ () C:\Users\Ste\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-09-02 15:32 - 2014-08-28 14:31 - 00002742 _____ () C:\WINDOWS\PFRO.log
2014-09-02 15:20 - 2014-03-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 15:18 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-09-02 15:18 - 2014-06-11 23:53 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:13 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\ContextFree
2014-09-02 15:11 - 2014-03-21 23:01 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Skype
2014-08-31 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-31 15:25 - 2014-06-21 16:11 - 00000000 ____D () C:\Users\Ste\AppData\Local\Game Dev Tycoon
2014-08-30 19:44 - 2013-08-22 16:44 - 05223864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-30 14:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-29 22:41 - 2014-08-26 20:54 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-29 22:36 - 2014-03-22 16:16 - 00000000 ____D () C:\ProgramData\Origin
2014-08-29 22:35 - 2014-03-22 16:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-29 21:49 - 2014-08-29 21:48 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 21:37 - 2014-03-22 22:01 - 00000600 _____ () C:\Users\Ste\AppData\Roaming\winscp.rnd
2014-08-29 16:43 - 2014-03-22 16:31 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-08-29 03:13 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Ste
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:45 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Local\Google
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:40 - 2014-08-28 14:39 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:40 - 2014-03-19 19:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-27 21:11 - 2014-08-27 21:08 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 16:17 - 2014-06-07 15:56 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft
2014-08-26 14:08 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-25 18:40 - 2014-04-06 00:54 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-08-25 14:26 - 2014-03-19 20:33 - 00000000 ____D () C:\Users\Ste\AppData\Local\Spotify
2014-08-24 20:47 - 2014-05-31 13:43 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-24 20:45 - 2014-04-06 00:51 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-24 00:07 - 2014-04-01 20:23 - 00000000 ____D () C:\Users\Ste\Documents\My Games
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 02:42 - 2014-08-28 14:52 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:47 - 2014-05-01 01:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-22 18:42 - 2014-04-08 16:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-22 18:31 - 2014-06-07 17:11 - 00003648 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-03-24 19:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-22 14:05 - 2014-08-22 14:06 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 20:48 - 2014-07-26 23:52 - 00000000 ____D () C:\Users\Ste\AppData\Local\ftblauncher
2014-08-19 19:57 - 2014-03-19 23:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 19:52 - 2014-03-19 23:11 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-18 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-17 00:04 - 2014-08-17 00:04 - 00000150 _____ () C:\Users\Ste\Desktop\btcn.txt
2014-08-16 19:22 - 2014-04-04 21:47 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\HpUpdate
2014-08-16 19:22 - 2014-04-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-16 19:22 - 2014-04-04 21:44 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 15:51 - 2014-07-20 11:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 22:51 - 2014-04-03 13:38 - 00000000 ____D () C:\Users\Ste\AppData\Local\DayZ
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 14:23 - 2014-03-19 19:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-08-15 13:00 - 2014-07-10 23:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 00:59 - 2014-08-13 00:55 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 15:23 - 2014-08-07 02:05 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-07 04:12 - 2014-08-15 00:34 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:38 - 2014-08-15 00:35 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-06 00:04 - 2014-04-12 23:58 - 00000000 ____D () C:\Program Files\OBS
2014-08-04 01:02 - 2014-08-04 01:02 - 00011752 _____ () C:\Users\Ste\Downloads\hitsound.wav
2014-08-04 00:42 - 2014-08-04 00:19 - 00000000 ____D () C:\Users\Ste\Documents\Battlefield 4
2014-08-04 00:41 - 2014-04-06 00:54 - 00000000 ____D () C:\Users\Ste\AppData\Local\PunkBuster

Some content of TEMP:
====================
C:\Users\Ste\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-03 19:54

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Ste at 2014-09-03 20:19:16
Running from C:\Users\Ste\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.18.0 - Mirillis)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BCC 8 OFX 64Bit (HKLM\...\{24D38864-527F-4688-B831-A1A4CC60CD54}) (Version: 8.0.1 - Boris FX, Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
ContextFree (HKCU\...\ContextFree) (Version:  - )
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 3.9.7.6 - )
Game Dev Tycoon Version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.102 - Google Inc.)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
GTA IV Vehicle Mod Installer v1.2 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.2_is1) (Version:  - MobileD2)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Interstellar Marines (HKLM-x32\...\Steam App 236370) (Version:  - Zero Point Software)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JetBrains dotPeek 1.1 (HKLM-x32\...\{D5A5829D-E916-4277-8E08-2EBD98EC4A10}) (Version: 1.1.1.33 - JetBrains Inc)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.2.2.1 (HKLM-x32\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.7.19.0 - Red Giant, LLC)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
spotimote (HKLM-x32\...\spotimote) (Version:  - )
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.3 - Red Giant) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek GmbH)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinHTTrack Website Copier 3.48-17 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.17 - HTTrack)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.5.2 (HKLM-x32\...\winscp3_is1) (Version: 5.5.2 - Martin Prikryl)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-56534520-2028495375-83417344-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

22-08-2014 12:04:09 Installed Java 7 Update 67
23-08-2014 22:01:47 Microsoft Visual C++ 2005 Redistributable wird installiert
29-08-2014 19:46:21 DirectX wurde installiert
03-09-2014 17:42:48 Removed Microsoft Office Professional Plus 2013
03-09-2014 17:43:37 PROPLUSR

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-04-05 23:47 - 00001583 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 ns1.paka-service.com
127.0.0.1 ns2.paka-service.com
127.0.0.1 ns356781.ovh.net
127.0.0.1 www.Mirillis.com
127.0.0.1 HOST-190.EDGE-FO.IAD3.VERISIGN.COM
127.0.0.1 TGV.ANYCAST-FO.CHI2.VERISIGN.COM
127.0.0.1 OCSP.TKO2.VERISIGN.COM
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 crl.verisign.net
127.0.0.1 cs-g2-crl.thawte.com
127.0.0.1 ocsp.thawte.com
127.0.0.1 a23-53-181-163.deploy.static.akamaitechnologies.com
127.0.0.1 a23-37-37-163.deploy.static.akamaitechnologies.com
127.0.0.1 a23-63-133-163.deploy.static.akamaitechnologies.com
127.0.0.1 a92-123-69-197.deploy.akamaitechnologies.com
127.0.0.1 a92-123-69-244.deploy.akamaitechnologies.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05FD59E3-F651-4762-BDC1-30744F8E173B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {16573DAE-3E4C-42B9-B0FA-35C68CA64A6C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4ACAB9CE-8EC5-425D-BA9F-3133751D1504} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {4EE7CBFF-8912-4283-9650-AEEEC42C6663} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2013-10-10] ()
Task: {5D7D0E15-0DF5-4369-99CA-F4D5FAB26313} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {5E1EC58D-450A-4F37-A8BB-AFBB915A47B8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-19] (Microsoft Corporation)
Task: {6208A349-A126-4ABE-B9A4-7E3FE0D36362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7289EF42-5A0D-4C21-95E0-20272D406F0B} - System32\Tasks\Driver Booster SkipUAC (Ste) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {72B8EDB2-26DE-4189-B753-4B519293A0AA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B0348A46-BCCD-4985-9DA8-D4672CF1EB0A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-StefanRinas@live.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {C8B670C1-9214-4932-A3AE-4DFD181D905C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {C8BA637D-0D2D-4CAD-8117-85AD52FEF97E} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-07-14] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E17FAEC4-ABCB-49E0-ADEC-95E9C654489E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FF359962-4398-47FD-A738-D79CFC5C6DFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-29 22:50 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 12:24 - 2014-03-20 12:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-15 15:41 - 2014-01-29 19:14 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2014-05-15 15:41 - 2014-02-06 16:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-08-05 17:27 - 2014-08-05 17:27 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-05-31 13:43 - 2014-08-24 20:47 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-15 14:23 - 2014-08-15 14:23 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2012-01-10 14:41 - 2014-06-03 16:41 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2014-07-01 14:26 - 2014-07-01 14:26 - 00596480 _____ () C:\Users\Ste\AppData\Local\ContextFree\nvcmd.exe
2014-08-29 15:03 - 2014-08-28 05:59 - 01442120 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\libglesv2.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 00168264 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\libegl.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 10329416 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\pdf.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 00405320 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\ppGoogleNaClPluginChrome.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 01831752 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\ffmpegsumo.dll
2014-08-29 15:03 - 2014-08-28 05:59 - 26610504 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.102\PepperFlash\pepflashplayer.dll
2014-07-11 16:00 - 2014-07-11 16:00 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-03 16:28 - 2014-09-03 16:28 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-22 13:35 - 2014-08-21 00:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-08-28 20:53 - 2014-08-28 13:48 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-22 13:35 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-28 20:53 - 2014-08-28 13:48 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-11 16:00 - 2014-07-11 16:00 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-22 13:35 - 2014-08-21 00:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ste\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKCU\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
HKCU\...\StartupApproved\Run: => "ESL Wire"
HKCU\...\StartupApproved\Run: => "TeamSpeak 3 Client"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 08:05:02 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: )
Description: Help Content Manager exited with error: NoBooksToUninstall

Error: (09/03/2014 08:03:50 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: )
Description: Der Hilfeinhalts-Manager wurde mit einem Fehler beendet: NoBooksToUninstall

Error: (09/03/2014 07:22:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 1.14.17.0, Zeitstempel: 0x521fbc82
Name des fehlerhaften Moduls: daemonu.exe, Version: 1.14.17.0, Zeitstempel: 0x521fbc82
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0004d623
ID des fehlerhaften Prozesses: 0x5c8
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
Vollständiger Name des fehlerhaften Pakets: daemonu.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: daemonu.exe5

Error: (09/03/2014 07:15:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18]

Error: (09/03/2014 07:05:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1440

Startzeit: 01cfc79896a79dfc

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 8cf57334-338c-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 06:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17dc

Startzeit: 01cfc7967e24fad5

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 7657e5b8-338a-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 06:35:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10c8

Startzeit: 01cfc79465dae316

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 5bb3ee16-3388-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 06:20:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ddc

Startzeit: 01cfc7924d42b7c2

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 468b0160-3386-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 06:05:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16ec

Startzeit: 01cfc79034f61083

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 2a9ea191-3384-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/03/2014 05:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b4c

Startzeit: 01cfc78e1c60a578

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 135bd80f-3382-11e4-becd-4c72b9ad97be

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App


System errors:
=============
Error: (09/03/2014 07:22:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2014 07:16:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (09/03/2014 07:16:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NvNetworkService erreicht.

Error: (09/03/2014 02:46:14 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2014 02:46:14 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2014 02:46:10 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/03/2014 02:46:08 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (09/03/2014 02:46:08 AM) (Source: DCOM) (EventID: 10010) (User: CAPTAINPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/02/2014 03:39:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/02/2014 03:38:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (09/03/2014 08:05:02 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: )
Description: Help Content Manager exited with error: NoBooksToUninstall

Error: (09/03/2014 08:03:50 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: )
Description: Der Hilfeinhalts-Manager wurde mit einem Fehler beendet: NoBooksToUninstall

Error: (09/03/2014 07:22:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: daemonu.exe1.14.17.0521fbc82daemonu.exe1.14.17.0521fbc82c00004170004d6235c801cfc79b87f7c8c3C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exedf7df748-338e-11e4-bece-4c72b9ad97be

Error: (09/03/2014 07:15:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18]

Error: (09/03/2014 07:05:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031144001cfc79896a79dfc4294967295C:\WINDOWS\syswow64\wwahost.exe8cf57334-338c-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 06:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703117dc01cfc7967e24fad54294967295C:\WINDOWS\syswow64\wwahost.exe7657e5b8-338a-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 06:35:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703110c801cfc79465dae3164294967295C:\WINDOWS\syswow64\wwahost.exe5bb3ee16-3388-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 06:20:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170311ddc01cfc7924d42b7c24294967295C:\WINDOWS\syswow64\wwahost.exe468b0160-3386-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 06:05:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703116ec01cfc79034f610834294967295C:\WINDOWS\syswow64\wwahost.exe2a9ea191-3384-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (09/03/2014 05:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031b4c01cfc78e1c60a5784294967295C:\WINDOWS\syswow64\wwahost.exe135bd80f-3382-11e4-becd-4c72b9ad97beMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp


CodeIntegrity Errors:
===================================
  Date: 2014-03-20 13:21:14.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe\Platform.winmd that did not meet the Store signing level requirements.

  Date: 2014-03-20 00:46:54.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 8074.35 MB
Available physical RAM: 4498.08 MB
Total Pagefile: 9546.35 MB
Available Pagefile: 4838.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:247.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 734FB2D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
I have now deleted everything so far, and there should no longer be anything illegal on it.

03.09.2014, 19:27   #11
deeprybka
/// TB trainer
/// Guide guru

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click "Optionen" (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click "Suchlauf" (Scan) and wait until it has finished.
  • Now click "Löschen" (Clean) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Step 2

Malwarebytes Anti-Malware
  • Download link
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • If the user interface is still in English, click Settings and select Deutsch under Language.
  • Under "Erkennung und Schutz" (Detection and Protection), tick "Suche nach Rootkits" (Scan for rootkits).
  • Then click "Suchlauf" (Scan), select the "Bedrohungssuchlauf" (Threat Scan), update the databases and click "Suchlauf jetzt starten" (Scan Now).
  • At the end of the scan, have all detections (if any) moved to quarantine. (here is how...)
  • Post the contents of the log file (here is how...). To do so, click "Verlauf" (History) and then "Anwendungsprotokolle" (Application Logs).
  • Select the most recent scan log and click "Ansicht" (View). Click "In Zwischenablage kopieren" (Copy to Clipboard) and post the contents in code tags as a reply in the thread.

Step 3

Please start FRST again and press Scan.
Please post the contents of the log.
__________________
Regards,
deeprybka


03.09.2014, 21:14   #12
CaptainZ

AdwCleaner
Code:
# AdwCleaner v3.309 - Bericht erstellt am 03/09/2014 um 21:22:04
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Ste - CAPTAINPC
# Gestartet von : C:\Users\Ste\Downloads\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien
Ordner Gelöscht : C:\Users\Ste\AppData\Local\ContextFree
Ordner Gelöscht : C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\staged\faststartff@gmail.com

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\ContextFree
Schlüssel Gelöscht : HKCU\Software\InetStat

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\prefs.js ]


-\\ Google Chrome v37.0.2062.103

[ Datei : C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1379 octets] - [03/09/2014 21:21:33]
AdwCleaner[S0].txt - [1213 octets] - [03/09/2014 21:22:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1273 octets] ##########
         
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.09.2014
Suchlauf-Zeit: 21:33:38
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.03.08
Rootkit Datenbank: v2014.08.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Ste

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 377310
Verstrichene Zeit: 28 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HD-V9.4, In Quarantäne, [8019a920a3d873c3f9a9857e8a799e62], 

Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-56534520-2028495375-83417344-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [79202f9a3d3e0333630e8d713fc3d927]

Registrierungsdaten: 2
PUP.Optional.SimplyTech.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Gut: (www.google.com), Schlecht: (%appdata%\SimplyTech\home\home.htm),Ersetzt,[4d4cd6f3e49778be40893ba68e76a25e]
PUP.Optional.SimplyTech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Gut: (www.google.com), Schlecht: (%appdata%\SimplyTech\home\home.htm),Ersetzt,[366335941962fa3ce8e1ae33c044936d]

Ordner: 2
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, In Quarantäne, [b5e4715802790a2cc8edef0c21e1a060], 
PUP.Optional.Sweetpacks, C:\Program Files (x86)\SWEETPACKS, In Quarantäne, [3f5a9534c2b930060601339511f147b9], 

Dateien: 7
PUP.Optional.TenkiTechnology, C:\Program Files (x86)\FreeHideIP\FreeHideIP.exe, In Quarantäne, [435626a3cab1ab8b10464f85ff05ca36], 
PUP.Optional.Amonetize, C:\Users\Ste\AppData\Local\Temp\_avast_\unp162159114.tmp\13.exe, In Quarantäne, [8d0cb81134473cfa6e878e1627da53ad], 
PUP.HackTool.LOIC, C:\Users\Ste\Downloads\LOIC.exe, In Quarantäne, [f3a6973287f42a0c1495d87e04fc12ee], 
PUP.Optional.OpenCandy, C:\Users\Ste\Downloads\DTLite4491-0356.exe, In Quarantäne, [a1f83396473467cfa33c54bdc04545bb], 
PUP.Optional.TenkiTechnology, C:\Users\Ste\Downloads\FreeHideIP-3.9.7.6.Setup.exe, In Quarantäne, [24753f8a90ebea4c2b2bd5ff0afaeb15], 
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, In Quarantäne, [b5e4715802790a2cc8edef0c21e1a060], 
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, In Quarantäne, [b5e4715802790a2cc8edef0c21e1a060], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Ste (administrator) on CAPTAINPC on 03-09-2014 22:12:40
Running from C:\Users\Ste\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Windows\AutoKMS\AutoKMS.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-06-03] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {249684e7-0b46-11e4-beba-4c72b9ad97be} - "E:\SETUP.EXE" 
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {63d56146-fe26-11e3-bea9-4c72b9ad97be} - "E:\setup\rsrc\Autorun.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46E8CD6D9043CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {28D12899-03A0-406E-8858-1591705DE945} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF NetworkProxy: "autoconfig_url", "hxxp://118.141.167.89/"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\staged [2014-09-03]
FF Extension: DownloadHelper - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-19]

Chrome: 
=======
CHR Profile: C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-20]
CHR Extension: (BetterTTV) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-20]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-20]
CHR Extension: (plugCubed) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmcolnbeaedhcaiafolaaiokicobgc [2014-07-20]
CHR Extension: (Google Search) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-20]
CHR Extension: (Tampermonkey) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-16]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-07-20]
CHR Extension: (Google Play Music) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-20]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-07-20]
CHR Extension: (Webcam Toy) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-07-20]
CHR Extension: (Google Wallet) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-19]
CHR Extension: (Gmail) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncbbbpddkdpkckkbifnfgmfbnocdmih [2014-07-20]
CHR Extension: (Lounge Companion (Dota 2 & CS:GO)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokidbfaabncipciiigfhncfmgmdjdaj [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-25] () [File not signed]
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R2 hmip; C:\WINDOWS\system32\Drivers\hmip64.sys [38760 2013-06-19] (Hide My IP)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wlreadun; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 22:13 - 2014-09-03 22:13 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-09-03 22:12 - 2014-09-03 22:12 - 00021819 _____ () C:\Users\Ste\Desktop\FRST.txt
2014-09-03 21:32 - 2014-09-03 22:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 21:32 - 2014-09-03 21:32 - 00001086 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-03 21:32 - 2014-09-03 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-03 21:31 - 2014-09-03 21:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-03 21:31 - 2014-09-03 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ste\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 21:31 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 21:31 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-03 21:31 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-03 21:31 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-03 21:12 - 2014-09-03 21:22 - 00000000 ____D () C:\AdwCleaner
2014-09-03 21:12 - 2014-09-03 21:12 - 01370483 _____ () C:\Users\Ste\Downloads\adwcleaner_3.309.exe
2014-09-03 20:19 - 2014-09-03 20:19 - 00045560 _____ () C:\Users\Ste\Desktop\Addition.txt
2014-09-03 18:51 - 2014-09-03 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Ste\Downloads\TFC.exe
2014-09-03 18:23 - 2014-09-03 22:12 - 00000000 ____D () C:\FRST
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:21 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 02:08 - 2014-09-03 02:08 - 11357644 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-02 22:08 - 2014-09-02 22:08 - 00022800 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 15:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:13 - 2014-09-02 15:18 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-08-29 21:48 - 2014-08-29 21:49 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:52 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-28 14:41 - 2014-09-03 22:11 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-09-03 22:08 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 14:40 - 2014-09-03 21:45 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:39 - 2014-08-28 14:40 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:31 - 2014-09-03 22:07 - 00005524 _____ () C:\WINDOWS\PFRO.log
2014-08-27 21:08 - 2014-08-27 21:11 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 20:54 - 2014-08-29 22:41 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 14:06 - 2014-08-26 14:08 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 13:43 - 2014-09-03 22:06 - 00630941 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-17 00:04 - 2014-08-17 00:04 - 00000150 _____ () C:\Users\Ste\Desktop\btcn.txt
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 13:00 - 2014-08-02 02:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 13:00 - 2014-08-02 02:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 00:44 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 00:44 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 00:37 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 00:37 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 00:37 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 00:37 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 00:37 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 00:37 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 00:37 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 00:37 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 00:37 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 00:37 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 00:37 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 00:36 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 00:36 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 00:35 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 00:35 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 00:34 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 00:34 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 00:34 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 00:34 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 00:34 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 00:34 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 00:29 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 00:29 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 00:29 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 00:29 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 00:29 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 00:29 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 00:29 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 16:48 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-08-13 00:55 - 2014-08-13 00:59 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 02:05 - 2014-08-07 15:23 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-04 01:02 - 2014-08-04 01:02 - 00011752 _____ () C:\Users\Ste\Downloads\hitsound.wav
2014-08-04 00:19 - 2014-08-04 00:42 - 00000000 ____D () C:\Users\Ste\Documents\Battlefield 4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 22:13 - 2014-09-03 22:13 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-09-03 22:13 - 2014-09-03 22:12 - 00021819 _____ () C:\Users\Ste\Desktop\FRST.txt
2014-09-03 22:13 - 2014-03-19 18:31 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-56534520-2028495375-83417344-1001
2014-09-03 22:12 - 2014-09-03 18:23 - 00000000 ____D () C:\FRST
2014-09-03 22:11 - 2014-08-28 14:41 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 22:10 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\TS3Client
2014-09-03 22:09 - 2014-03-20 19:47 - 00000000 ___DO () C:\Users\Ste\SkyDrive
2014-09-03 22:09 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-03 22:08 - 2014-09-03 21:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 22:08 - 2014-08-28 14:40 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 22:07 - 2014-08-28 14:31 - 00005524 _____ () C:\WINDOWS\PFRO.log
2014-09-03 22:07 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-03 22:06 - 2014-08-23 13:43 - 00630941 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-03 22:06 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-03 22:03 - 2014-07-20 01:40 - 00000000 ____D () C:\Program Files (x86)\FreeHideIP
2014-09-03 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-03 21:45 - 2014-08-28 14:40 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 21:32 - 2014-09-03 21:32 - 00001086 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-03 21:32 - 2014-09-03 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-03 21:32 - 2014-09-03 21:31 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-03 21:31 - 2014-09-03 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ste\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 21:31 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 21:24 - 2013-08-22 16:44 - 05224144 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-03 21:22 - 2014-09-03 21:12 - 00000000 ____D () C:\AdwCleaner
2014-09-03 21:12 - 2014-09-03 21:12 - 01370483 _____ () C:\Users\Ste\Downloads\adwcleaner_3.309.exe
2014-09-03 20:54 - 2014-03-24 19:41 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BB2AFE3E-8364-41A2-BA5C-F8E0CE4FD5D0}
2014-09-03 20:19 - 2014-09-03 20:19 - 00045560 _____ () C:\Users\Ste\Desktop\Addition.txt
2014-09-03 20:18 - 2014-03-19 20:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-03 20:07 - 2014-03-22 15:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-03 20:05 - 2014-06-08 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-09-03 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-03 19:58 - 2014-06-07 19:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-09-03 19:51 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-03 19:49 - 2014-07-14 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-03 19:48 - 2014-07-30 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 19:48 - 2013-11-14 09:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-03 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-03 19:45 - 2013-08-22 15:25 - 00000111 _____ () C:\WINDOWS\win.ini
2014-09-03 19:20 - 2014-03-19 19:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-03 18:52 - 2014-09-03 18:51 - 00448512 _____ (OldTimer Tools) C:\Users\Ste\Downloads\TFC.exe
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:22 - 2014-09-03 18:21 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 18:11 - 2014-03-19 20:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Spotify
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 17:30 - 2014-03-19 18:23 - 00000000 ____D () C:\Users\Ste\AppData\Local\VirtualStore
2014-09-03 02:08 - 2014-09-03 02:08 - 11357644 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-03 02:01 - 2014-03-19 20:01 - 00000000 ____D () C:\Users\Ste\AppData\Local\Adobe
2014-09-03 00:01 - 2014-05-01 00:03 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\.minecraft
2014-09-02 22:08 - 2014-09-02 22:08 - 00022800 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:19 - 2014-03-19 18:22 - 00000000 ____D () C:\Users\Ste\AppData\Local\Packages
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 20:59 - 2014-03-22 16:06 - 00001456 _____ () C:\Users\Ste\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-09-02 15:20 - 2014-03-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 15:18 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-09-02 15:18 - 2014-06-11 23:53 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:11 - 2014-03-21 23:01 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Skype
2014-08-31 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-31 15:25 - 2014-06-21 16:11 - 00000000 ____D () C:\Users\Ste\AppData\Local\Game Dev Tycoon
2014-08-30 14:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-29 22:41 - 2014-08-26 20:54 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-29 22:36 - 2014-03-22 16:16 - 00000000 ____D () C:\ProgramData\Origin
2014-08-29 22:35 - 2014-03-22 16:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-29 21:49 - 2014-08-29 21:48 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 21:37 - 2014-03-22 22:01 - 00000600 _____ () C:\Users\Ste\AppData\Roaming\winscp.rnd
2014-08-29 16:43 - 2014-03-22 16:31 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-08-29 03:13 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Ste
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:45 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Local\Google
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:40 - 2014-08-28 14:39 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:40 - 2014-03-19 19:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-27 21:11 - 2014-08-27 21:08 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 16:17 - 2014-06-07 15:56 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft
2014-08-26 14:08 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-25 18:40 - 2014-04-06 00:54 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-08-25 14:26 - 2014-03-19 20:33 - 00000000 ____D () C:\Users\Ste\AppData\Local\Spotify
2014-08-24 20:47 - 2014-05-31 13:43 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-24 20:45 - 2014-04-06 00:51 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-24 00:07 - 2014-04-01 20:23 - 00000000 ____D () C:\Users\Ste\Documents\My Games
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 02:42 - 2014-08-28 14:52 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:47 - 2014-05-01 01:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-22 18:42 - 2014-04-08 16:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-22 18:31 - 2014-06-07 17:11 - 00003648 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-03-24 19:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-22 14:05 - 2014-08-22 14:06 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 20:48 - 2014-07-26 23:52 - 00000000 ____D () C:\Users\Ste\AppData\Local\ftblauncher
2014-08-19 19:57 - 2014-03-19 23:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 19:52 - 2014-03-19 23:11 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-18 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-17 00:04 - 2014-08-17 00:04 - 00000150 _____ () C:\Users\Ste\Desktop\btcn.txt
2014-08-16 19:22 - 2014-04-04 21:47 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\HpUpdate
2014-08-16 19:22 - 2014-04-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-16 19:22 - 2014-04-04 21:44 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 15:51 - 2014-07-20 11:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 22:51 - 2014-04-03 13:38 - 00000000 ____D () C:\Users\Ste\AppData\Local\DayZ
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 14:23 - 2014-03-19 19:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-08-15 13:00 - 2014-07-10 23:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 00:59 - 2014-08-13 00:55 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 15:23 - 2014-08-07 02:05 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-07 04:12 - 2014-08-15 00:34 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:38 - 2014-08-15 00:35 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-06 00:04 - 2014-04-12 23:58 - 00000000 ____D () C:\Program Files\OBS
2014-08-04 01:02 - 2014-08-04 01:02 - 00011752 _____ () C:\Users\Ste\Downloads\hitsound.wav
2014-08-04 00:42 - 2014-08-04 00:19 - 00000000 ____D () C:\Users\Ste\Documents\Battlefield 4
2014-08-04 00:41 - 2014-04-06 00:54 - 00000000 ____D () C:\Users\Ste\AppData\Local\PunkBuster

Some content of TEMP:
====================
C:\Users\Ste\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-03 19:54

==================== End Of Log ============================
         

OK, done. So far everything is quiet.

Edited by CaptainZ (03.09.2014 at 21:21)

03.09.2014, 21:32   #13
deeprybka
/// TB trainer
/// Tutorial guru

Chrome opens tabs with ads!

Code:
FF NetworkProxy: "autoconfig_url", "hxxp://118.141.167.89/"
         
Known? Can it be deleted?


Then please run ESET right away as well:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards
deeprybka
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

04.09.2014, 02:37   #14
CaptainZ



Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a23fd72d97b2c940ae6fbcd0d0bfc1b7
# engine=19984
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-04 01:31:53
# local_time=2014-09-04 03:31:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 1086072 14546274 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3939057 14177834 0 0
# scanned=502512
# found=9
# cleaned=0
# scan_time=17664
sh=411D4E2630321CEAB967252BB00D9CDC96AB6106 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Program Files (x86)\Steam\config\overlayhtmlcache\f_00015a"
sh=9A34277221E82CCE8B73C65AFC86C6B0DA1EF935 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zurgop.BK Trojaner" ac=I fn="C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\200062ac\report_id.zip"
sh=2DBE6E8C4D23D8B317E95C3AE652D0B2D8223FC2 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zurgop.BK Trojaner" ac=I fn="C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b1f7\photo.zip"
sh=54690F3322FCA5731CCD8D3658B384A9B46375BC ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.BKXX Trojaner" ac=I fn="C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b459\photo.zip"
sh=D6A226DF95EAC65CC337011A9B940025E77E73C5 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zurgop.BK Trojaner" ac=I fn="C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b7e2\photo.zip"
sh=6EBEE3CFCEB5FCD91D49765EA9AB931EB34B5617 ft=1 fh=85dcf4977dc67c44 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ste\Downloads\Eusing Free Registry Cleaner - CHIP-Installer.exe"
sh=55C46A799DAEEE2FF4B49E13DA142FBB775D96C1 ft=1 fh=d6eaabd957bb62d7 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ste\Downloads\gb3-setup.exe"
sh=10854777BCC16D7DF4689F69A53722896E1E3F4D ft=1 fh=d1601a97a386572a vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ste\Downloads\iDevice Manager iPhone Explorer - CHIP-Downloader.exe"
sh=B7A11854D6E75912B86CE1CB10F8E53510810CD5 ft=1 fh=86ae7f4984e7d0a0 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ste\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe"
         

04.09.2014, 11:51   #15
deeprybka
/// TB Trainer
/// Tutorial Guru



Hi,

Step 1

Please press the Windows key + R and type notepad into the Run window.
Click OK and now copy the text from the code box into the empty text document:
Code:
C:\Program Files (x86)\Steam\config\overlayhtmlcache\f_00015a
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\200062ac\report_id.zip
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b1f7\photo.zip
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b459\photo.zip
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b7e2\photo.zip
C:\Users\Ste\Downloads\Eusing Free Registry Cleaner - CHIP-Installer.exe
C:\Users\Ste\Downloads\gb3-setup.exe
C:\Users\Ste\Downloads\iDevice Manager iPhone Explorer - CHIP-Downloader.exe
C:\Users\Ste\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
ProxyServer: http=;ftp=;https=;
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FF NetworkProxy: "autoconfig_url", "hxxp://118.141.167.89/"
FF NetworkProxy: "type", 0
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Windows\AutoKMS\
EmptyTemp:
         
Please save this as Fixlist.txt in the same directory as the FRST application.
  • Start FRST and press the Fix button.
  • The tool creates a "Fixlog.txt" file.
  • Please post its contents.


After the reboot:

Step 2

Please start FRST again and press Scan.
Please post the contents of the log.

Are there any problems with the PC now? If so, which ones?
__________________
Regards
deeprybka

Edited by deeprybka (04.09.2014 at 12:02)
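
Added example, not part of the thread and not code from ESET or FRST: a small parser for the ESET Online Scanner log layout posted in #14. It checks that the pasted log holds as many detection lines as its `# found=` header claims and separates potentially unwanted installers from the other detections, which is the reading step behind the path list in #15. The field meanings (`vn` as detection name, `fn` as file path) are inferred from the log lines on this page, and the sample log is constructed with placeholder hashes and paths.

```python
import re

# Constructed sample in the layout of the log above; hashes and paths are placeholders.
SAMPLE_LOG = r'''# scanned=1000
# found=3
# cleaned=0
sh=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zurgop.BK Trojaner" ac=I fn="C:\Users\example\Mail\Att\photo.zip"
sh=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB ft=1 fh=1111111111111111 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\example\Downloads\Some Tool - Installer.exe"
sh=CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Program Files (x86)\App\cache\f_000001"
'''

HEADER = re.compile(r'^#\s*(\w+)=(.*)$')
# key=value pairs: a value is either "quoted" (may contain spaces) or a bare token.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# Suffix seen on potentially unwanted applications in the German-locale log above.
PUA_MARKER = "evtl. unerwünschte Anwendung"

def parse_eset_log(text):
    """Return (header dict, list of detection dicts) for one pasted log."""
    header, detections = {}, []
    for line in (raw.strip() for raw in text.splitlines()):
        m = HEADER.match(line)
        if m:
            header[m.group(1)] = m.group(2).strip()
        elif line.startswith("sh="):
            detections.append({k: q or b for k, q, b in FIELD.findall(line)})
    return header, detections

def is_complete(header, detections):
    """True when the log holds as many detection lines as '# found=' claims."""
    found = header.get("found", "")
    return found.isdigit() and int(found) == len(detections)

def triage(detections):
    """Split detections into PUA installers and everything else."""
    groups = {"pua": [], "malware": []}
    for d in detections:
        kind = "pua" if PUA_MARKER in d.get("vn", "") else "malware"
        groups[kind].append((d.get("fn", ""), d.get("vn", "")))
    return groups

if __name__ == "__main__":
    hdr, dets = parse_eset_log(SAMPLE_LOG)
    print("complete:", is_complete(hdr, dets), "| cleaned:", hdr.get("cleaned"))
    for kind, items in triage(dets).items():
        for path, name in items:
            print(f"{kind:8} {name} -> {path}")
```

A `cleaned=0` header next to a non-zero `found` means the scanner only reported the files, so they are still on disk when the log is read.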
