Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?


Plagegeister aller Art und deren Bekämpfung: Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 03.02.2015, 00:16   #1
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?


Guten Abend,
Avast hat bei mir kennwortgeschützte Archive gefunden, ich bin unsicher welchen sinn diese Archive haben, die Archive heißen wie folgt:
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbutton.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbuttonfinished.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgcloseprogram.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarempty.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarerror.png

Systemscan mit FRST

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Nagel (administrator) on NAGEL-PC on 03-02-2015 00:09:36
Running from C:\Users\Nagel\Desktop
Loaded Profiles: Nagel (Available profiles: Nagel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Farbar) C:\Users\Nagel\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4838912 2011-12-20] (FNet Co., Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Fatal1tySTU] => [X]
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Google Update] => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-02] (Google Inc.)
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
Startup: C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2764538219-2713831469-2866569616-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2764538219-2713831469-2866569616-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\webde-suche.xml
FF Extension: ProxTube - C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-29]
FF Extension: Adblock Plus - C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-20]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.91\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.91\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U35) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.350.10) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Google Update) - C:\Users\Nagel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-26]
CHR Extension: (AdBlock) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-02]
CHR Extension: (Google Wallet) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-11]
StartMenuInternet: Google Chrome.MCGUFTJKQJOMCU353M63HDGSUI - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-11] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-11] (Avast Software)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-11] ()
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-12-20] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-12-20] (FNet Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-11] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 00:09 - 2015-02-03 00:10 - 00016309 _____ () C:\Users\Nagel\Desktop\FRST.txt
2015-02-01 18:36 - 2015-02-01 18:36 - 02131456 _____ (Farbar) C:\Users\Nagel\Desktop\FRST64(1).exe
2015-01-26 23:09 - 2015-01-26 23:12 - 00000000 ____D () C:\Users\Nagel\Documents\Marvel The Agents of S.H.I.E.L.D
2015-01-26 23:09 - 2015-01-26 23:09 - 00000000 ____D () C:\Users\Nagel\Documents\Marvel Guardians of the Galaxy
2015-01-26 18:59 - 2015-01-26 18:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 12:34 - 2015-01-24 12:36 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-34-05.078-aswFe.exe-5640.log
2015-01-24 12:34 - 2015-01-24 12:34 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-34-03.060-AvastVBoxSVC.exe-5596.log
2015-01-24 12:28 - 2015-01-24 12:30 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-28-07.092-aswFe.exe-2980.log
2015-01-24 12:28 - 2015-01-24 12:28 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-28-06.010-AvastVBoxSVC.exe-4240.log
2015-01-24 12:20 - 2015-01-24 12:23 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-20-52.027-aswFe.exe-3908.log
2015-01-24 12:20 - 2015-01-24 12:20 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-20-48.046-AvastVBoxSVC.exe-5580.log
2015-01-23 17:06 - 2015-01-23 17:07 - 00000197 _____ () C:\Windows\system32\2015-01-23-16-06-57.039-AvastVBoxSVC.exe-3168.log
2015-01-23 12:09 - 2015-01-23 12:09 - 00000197 _____ () C:\Windows\system32\2015-01-23-11-09-21.051-AvastVBoxSVC.exe-3516.log
2015-01-22 16:58 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-22 16:55 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-22 16:55 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-22 16:24 - 2015-01-22 16:25 - 00000197 _____ () C:\Windows\system32\2015-01-22-15-24-20.000-AvastVBoxSVC.exe-3768.log
2015-01-21 16:29 - 2015-01-21 16:30 - 00000197 _____ () C:\Windows\system32\2015-01-21-15-29-49.029-AvastVBoxSVC.exe-4252.log
2015-01-20 16:45 - 2015-01-20 16:45 - 00000247 _____ () C:\Windows\system32\2015-01-20-15-45-38.083-aswFe.exe-6124.log
2015-01-20 16:40 - 2015-01-20 16:45 - 00000247 _____ () C:\Windows\system32\2015-01-20-15-40-48.064-aswFe.exe-5324.log
2015-01-20 16:40 - 2015-01-20 16:40 - 00000197 _____ () C:\Windows\system32\2015-01-20-15-40-44.060-AvastVBoxSVC.exe-6064.log
2015-01-19 16:32 - 2015-01-19 16:32 - 00000197 _____ () C:\Windows\system32\2015-01-19-15-32-01.098-AvastVBoxSVC.exe-3140.log
2015-01-18 21:45 - 2015-01-18 21:46 - 07818296 _____ () C:\Users\Nagel\Downloads\2013_11_21.bmp
2015-01-18 15:55 - 2015-01-18 15:55 - 00000000 __SHD () C:\Users\Nagel\AppData\Local\EmieBrowserModeList
2015-01-18 15:15 - 2015-01-18 15:15 - 00000197 _____ () C:\Windows\system32\2015-01-18-14-15-18.049-AvastVBoxSVC.exe-3144.log
2015-01-15 16:31 - 2015-01-15 16:32 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-31-25.077-AvastVBoxSVC.exe-2836.log
2015-01-14 11:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:27 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:27 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:27 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:27 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:27 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:27 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:27 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:27 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 11:17 - 2015-01-14 11:17 - 00000197 _____ () C:\Windows\system32\2015-01-14-10-17-07.099-AvastVBoxSVC.exe-4952.log
2015-01-13 11:37 - 2015-01-13 11:38 - 00000197 _____ () C:\Windows\system32\2015-01-13-10-37-49.032-AvastVBoxSVC.exe-3320.log
2015-01-12 19:58 - 2015-01-12 19:58 - 00000197 _____ () C:\Windows\system32\2015-01-12-18-57-57.028-AvastVBoxSVC.exe-3292.log
2015-01-12 09:35 - 2015-01-12 09:36 - 00000247 _____ () C:\Windows\system32\2015-01-12-08-35-58.034-aswFe.exe-3456.log
2015-01-12 09:30 - 2015-01-12 09:35 - 00000247 _____ () C:\Windows\system32\2015-01-12-08-30-00.085-aswFe.exe-5276.log
2015-01-12 09:29 - 2015-01-12 09:29 - 00000197 _____ () C:\Windows\system32\2015-01-12-08-29-54.084-AvastVBoxSVC.exe-5992.log
2015-01-12 09:22 - 2015-01-12 09:22 - 00000197 _____ () C:\Windows\system32\2015-01-12-08-22-31.010-AvastVBoxSVC.exe-2844.log
2015-01-08 18:18 - 2015-01-08 18:18 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\TeamViewer
2015-01-08 17:12 - 2015-01-08 17:12 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-08 17:12 - 2015-01-08 17:12 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-08 17:11 - 2015-01-08 17:11 - 07718224 _____ (TeamViewer GmbH) C:\Users\Nagel\Downloads\TeamViewer_Setup_de.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 00:09 - 2014-05-19 18:02 - 00000000 ____D () C:\FRST
2015-02-02 23:51 - 2012-04-02 14:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 23:42 - 2012-09-02 11:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA.job
2015-02-02 23:34 - 2011-12-29 16:33 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\TS3Client
2015-02-02 23:31 - 2011-12-20 03:12 - 01397346 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 23:29 - 2011-12-20 17:29 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\Skype
2015-02-02 23:20 - 2013-03-10 12:50 - 00000858 _____ () C:\Windows\client.config.ini
2015-02-02 22:48 - 2012-06-01 16:01 - 00000000 ____D () C:\Users\Nagel\AppData\Local\Deployment
2015-02-02 19:33 - 2012-02-12 17:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-02 19:32 - 2014-10-27 17:11 - 00000000 ____D () C:\Windows\Minidump
2015-02-02 19:32 - 2011-12-20 17:13 - 00000000 ____D () C:\Users\Nagel\AppData\Local\CrashDumps
2015-02-02 19:32 - 2011-12-20 03:08 - 00000000 ____D () C:\Windows\Panther
2015-02-02 17:42 - 2012-09-02 11:35 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core.job
2015-02-02 16:32 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 16:32 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 16:29 - 2013-10-15 16:55 - 00000000 ___RD () C:\Users\Nagel\Dropbox
2015-02-02 16:29 - 2013-10-15 16:53 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\Dropbox
2015-02-02 16:26 - 2011-12-20 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-02 16:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 15:42 - 2012-07-10 11:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-29 23:50 - 2011-12-20 23:20 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\vlc
2015-01-27 16:25 - 2012-04-27 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 23:08 - 2012-07-16 16:44 - 00000000 ____D () C:\Users\Nagel\Documents\Sozialversicherungen
2015-01-25 12:34 - 2014-03-23 20:57 - 00000075 _____ () C:\Users\Nagel\Desktop\Dias-RoM.txt
2015-01-24 23:51 - 2012-04-02 14:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:51 - 2012-04-02 14:55 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:51 - 2011-12-20 17:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 22:56 - 2014-06-15 14:43 - 00000000 ____D () C:\Program Files\Java
2015-01-22 22:56 - 2013-10-17 17:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-22 22:54 - 2014-07-20 17:18 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-22 22:54 - 2014-07-20 17:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-22 22:54 - 2014-07-20 17:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-22 22:54 - 2014-06-15 14:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-22 16:58 - 2014-11-04 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-19 18:23 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-01-19 18:23 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-01-19 18:23 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 00:06 - 2013-08-14 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:01 - 2011-12-20 18:48 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 16:15 - 2009-07-14 05:45 - 00299040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-10 09:07 - 2014-12-23 19:46 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-10 09:07 - 2014-12-23 19:46 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-10 09:07 - 2014-11-19 17:46 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-01-10 09:07 - 2012-12-19 19:50 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-10 00:30 - 2011-03-20 17:33 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-10 00:30 - 2011-03-20 17:33 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-10 00:29 - 2011-03-20 17:34 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-09 20:47 - 2012-03-15 22:52 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-08 19:00 - 2011-12-20 18:23 - 00065152 _____ () C:\Users\Nagel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-08 09:55 - 2011-12-19 21:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-02-13 19:24 - 2012-07-16 16:52 - 0000600 _____ () C:\Users\Nagel\AppData\Roaming\winscp.rnd
2012-01-05 22:35 - 2012-01-05 22:35 - 0000017 _____ () C:\Users\Nagel\AppData\Local\resmon.resmoncfg
2012-02-13 18:55 - 2011-12-15 18:55 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Nagel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi1gxu2.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 19:03

==================== End Of Log ============================
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Nagel at 2015-02-03 00:10:36
Running from C:\Users\Nagel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.5.1525 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Curse Client (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\090215de958f1060) (Version: 4.0.1.260 - Curse)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
F-Stream Tuning v0.1.27.13 (HKLM-x32\...\F-Stream Tuning_is1) (Version:  - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Hama Flashlight Pad (HKLM-x32\...\Hama Flashlight Pad) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
InstantBoot (HKLM-x32\...\InstantBoot_is1) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
QIP 2012 4.0.7000 (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\QIP 2012) (Version: 4.0.7000 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 5.0.5.2592 - Gameforge Productions GmbH)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.6 (HKLM-x32\...\winscp3_is1) (Version: 4.3.6 - Martin Prikryl)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
YTD Video Downloader 4.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.6 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{39049a7d-0377-4db1-aeb5-db60b76870a8}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

13-01-2015 12:13:56 Geplanter Prüfpunkt
15-01-2015 00:00:08 Windows Update
18-01-2015 15:20:27 Windows Update
21-01-2015 16:32:17 Windows Update
27-01-2015 16:37:15 Windows Update
01-02-2015 15:48:12 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {38DC76CE-6A6A-4FA1-8A2B-C46D841009E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {5C1D1930-75D7-4882-942D-EC8EF7646021} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {66AE9055-19FC-4919-8C45-212F6F492A3E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {A39C6A1B-D397-413A-8EA5-B1B0E12DCF08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {AEBFCDDB-156A-4184-BE56-31FBA81D96E8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-11] (AVAST Software)
Task: {D3756E5F-1C96-4648-9CE7-CA80D031DA4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {D9BFDBA4-A9F5-4F54-99D7-9CE653E3ED7C} - System32\Tasks\{84F65B50-34CB-4863-90DF-5BDB963DD700} => pcalua.exe -a C:\Users\Nagel\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core.job => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA.job => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-01 15:43 - 2015-02-01 15:43 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020100\algo.dll
2015-02-02 16:27 - 2015-02-02 16:27 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll
2015-02-02 20:32 - 2015-02-02 20:32 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020201\algo.dll
2011-12-20 04:05 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2011-12-20 04:05 - 2009-04-20 11:55 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-11 18:21 - 2014-11-11 18:21 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-26 18:59 - 2015-01-26 18:59 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-24 23:51 - 2015-01-24 23:51 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:05EE1EEF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Launch LCDMon => "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
MSCONFIG\startupreg: Launch LGDCore => "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
MSCONFIG\startupreg: Launch LgDeviceAgent => "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2764538219-2713831469-2866569616-500 - Administrator - Disabled)
Gast (S-1-5-21-2764538219-2713831469-2866569616-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2764538219-2713831469-2866569616-1006 - Limited - Enabled)
Nagel (S-1-5-21-2764538219-2713831469-2866569616-1000 - Administrator - Enabled) => C:\Users\Nagel

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 06:27:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Client.exe, Version: 6.2.1.2729, Zeitstempel: 0x54ab519c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002defe
ID des fehlerhaften Prozesses: 0x165c
Startzeit der fehlerhaften Anwendung: 0xClient.exe0
Pfad der fehlerhaften Anwendung: Client.exe1
Pfad des fehlerhaften Moduls: Client.exe2
Berichtskennung: Client.exe3

Error: (02/01/2015 07:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: launcher.exe_BaseUpda Application, Version: 1.0.0.1, Zeitstempel: 0x4c233114
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033e3d
ID des fehlerhaften Prozesses: 0x1344
Startzeit der fehlerhaften Anwendung: 0xlauncher.exe_BaseUpda Application0
Pfad der fehlerhaften Anwendung: launcher.exe_BaseUpda Application1
Pfad des fehlerhaften Moduls: launcher.exe_BaseUpda Application2
Berichtskennung: launcher.exe_BaseUpda Application3

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/01/2015 03:40:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/29/2015 09:23:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: launcher.exe_BaseUpda Application, Version: 1.0.0.1, Zeitstempel: 0x4c233114
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037c2a
ID des fehlerhaften Prozesses: 0x1704
Startzeit der fehlerhaften Anwendung: 0xlauncher.exe_BaseUpda Application0
Pfad der fehlerhaften Anwendung: launcher.exe_BaseUpda Application1
Pfad des fehlerhaften Moduls: launcher.exe_BaseUpda Application2
Berichtskennung: launcher.exe_BaseUpda Application3

Error: (01/27/2015 07:28:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000019e9
ID des fehlerhaften Prozesses: 0x8e4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


System errors:
=============
Error: (02/02/2015 04:27:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter

Error: (02/01/2015 03:40:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter

Error: (01/29/2015 04:27:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter

Error: (01/29/2015 04:25:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht.

Error: (01/28/2015 04:26:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (01/28/2015 04:26:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/28/2015 04:26:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Funktionssuche-Ressourcenveröffentlichung erreicht.

Error: (01/28/2015 04:25:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSDP-Suche" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/28/2015 04:25:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SSDP-Suche erreicht.

Error: (01/28/2015 04:25:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AvastVBox COM Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (02/02/2015 06:27:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Client.exe6.2.1.272954ab519cntdll.dll6.1.7601.18247521ea8e7c00000050002defe165c01d03f037b8aa7d6C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\Client.exeC:\Windows\SysWOW64\ntdll.dllc3cf68a5-ab00-11e4-9c4a-002522c3ce18

Error: (02/01/2015 07:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: launcher.exe_BaseUpda Application1.0.0.14c233114ntdll.dll6.1.7601.18247521ea8e7c000000500033e3d134401d03e4dd7cbd5f5C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exeC:\Windows\SysWOW64\ntdll.dll17d33232-aa41-11e4-b2ae-002522c3ce18

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/01/2015 03:40:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/29/2015 09:23:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: launcher.exe_BaseUpda Application1.0.0.14c233114ntdll.dll6.1.7601.18247521ea8e7c000000500037c2a170401d03c0181febc92C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exeC:\Windows\SysWOW64\ntdll.dllc0e27c19-a7f4-11e4-b08f-002522c3ce18

Error: (01/27/2015 07:28:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000vlc.exe2.1.5.000000000c000000500000000000019e98e401d03a56c95740b5C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\vlc.exe40dc0565-a652-11e4-b2c1-002522c3ce18

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 36%
Total physical RAM: 8174.67 MB
Available physical RAM: 5198.79 MB
Total Pagefile: 16347.53 MB
Available Pagefile: 13192.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System-reserviert) (Fixed) (Total:146.48 GB) (Free:17.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:319.28 GB) (Free:145.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9D74F9CD)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Ich hoffe, dass ich schon einmal informationen, die bei der Aufklärung helfen, geben konnte.
Ich freue mich auf hilfreiche antworten .
Lg Troll

 

Themen zu Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?
adware, antivirus, browser, cpu, defender, downloader, failed, firefox, flash player, flashlight, google, helper, homepage, mozilla, realtek, registry, rundll, security, services.exe, software, svchost.exe, trojaner, trojaner?, usb, virus, windows


« Positive Finds - MP3-Converter - Windows 7 - Ergriffene Maßnahmen ohne Erfolg | Datenträger_Auslastung 100% »


Ähnliche Themen: Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?


  1. Avast erkennt Malware Prozess:prgramme32/svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 16.07.2015 (8)
  2. Trojaner auf NAS in Archive ZIP/RAR und ISO einfach gelöscht, Sicherheit
    Diskussionsforum - 03.07.2015 (13)
  3. avast erkennt bgbutton finished.png-passwortgeschützte Archive
    Log-Analyse und Auswertung - 01.07.2015 (11)
  4. zonealarm programmdatei als virus? und kennwortgeschützte Archive
    Log-Analyse und Auswertung - 07.06.2014 (10)
  5. Windows 7: Avast erkennt Viren in Java Datei
    Log-Analyse und Auswertung - 07.02.2014 (11)
  6. Windows 7: Avast erkennt Win32:Evo-gen im Steam Ordner - Fehlalarm oder nicht?
    Log-Analyse und Auswertung - 13.01.2014 (7)
  7. avast erkennt eine datei im scan ordner von windows defender als trojaner. mbam nicht. fehlmeldung?
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (5)
  8. AVAST! erkennt GVU Trojaner NICHT
    Antiviren-, Firewall- und andere Schutzprogramme - 22.12.2012 (19)
  9. Avast erkennt eigene Logdatei als Virus?
    Antiviren-, Firewall- und andere Schutzprogramme - 28.06.2012 (2)
  10. Avast: Kennwortgeschützte Archive
    Antiviren-, Firewall- und andere Schutzprogramme - 22.04.2012 (6)
  11. Kaspersky erkennt Virus,Trojaner o.ä. nicht , was nun?
    Plagegeister aller Art und deren Bekämpfung - 25.09.2010 (24)
  12. Was tun wenn die AV einen Virus oder Trojaner erkennt?
    Antiviren-, Firewall- und andere Schutzprogramme - 22.01.2010 (2)
  13. Avast anti virus trojaner alarm
    Antiviren-, Firewall- und andere Schutzprogramme - 22.11.2009 (4)
  14. Avast erkennt 57018be4.sys immer wieder als virus
    Log-Analyse und Auswertung - 08.04.2009 (1)
  15. Log File - archive.exe - Trojaner?
    Netzwerk und Hardware - 17.05.2007 (14)
  16. Avast erkennt Panda als virus !!!
    Plagegeister aller Art und deren Bekämpfung - 06.10.2005 (4)
  17. Avast erkennt Panda als virus !!!
    Mülltonne - 06.10.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Guten Abend, Avast hat bei mir kennwortgeschützte Archive gefunden, ich bin unsicher welchen sinn diese Archive haben, die Archive heißen wie folgt: C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbutton.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbuttonfinished.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgcloseprogram.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarempty.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarerror.png Systemscan mit FRST - Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?...
Archiv
Du betrachtest: Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19