WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild)

MrMoto · 03.02.2015, 16:33

Ich habe ein Problem

Seitdem Avira ein kompletten Computerscan durchgeführt hat kommt immer wen ich eine .exe starte ein Error Namens xxx.exe - Ungültiges Bild. Jenachdem was ich starte steht dort immer eine andere .dll Datei?! Bitte so schnell wie möglich um hilfe !

Habe grade ein Programm von euch gefunden und gesehen das man euch die Log File schicken soll. Hier ist sie :

========================================================================================
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Computer (administrator) on COMPUTER-PC on 03-02-2015 16:18:54
Running from C:\Users\Computer\Downloads
Loaded Profiles: Computer (Available profiles: Computer)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2252800 2009-08-28] (VIA)
HKLM-x32\...\Run: [BCU] => C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\MountPoints2: D - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\MountPoints2: {c9463965-be59-11e3-ac63-806e6f6e6963} - D:\cdstart.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [253200 2015-01-28] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [219408 2015-01-28] ()
BootExecute: autocheck autochk * ROBoot64 \??\C:\Windows\system32\ASOROSet.bin

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1321156328-529181414-577969707-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/de-de/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-1321156328-529181414-577969707-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
URLSearchHook: HKU\S-1-5-21-1321156328-529181414-577969707-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKU\S-1-5-21-1321156328-529181414-577969707-1000 -> DefaultScope {E37ABD14-4BE7-4f9d-A357-A58C79C88BD1} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1321156328-529181414-577969707-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1321156328-529181414-577969707-1000 -> {83CABBF7-9AED-4FF3-B5AA-4D0BE9EDACD2} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-1321156328-529181414-577969707-1000 -> {B664AFAC-E1F8-4a3d-AFC0-56736F11AF38} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1321156328-529181414-577969707-1000 -> {E37ABD14-4BE7-4f9d-A357-A58C79C88BD1} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {0025320D-4D37-4C73-9A5C-0C28F04068A3} -> C:\Users\Computer\AppData\LocalLow\IE-BHO\bho.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M0FA6A0B6-1AE1-43BD-8C95-69C69306C42A&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPD7204262-D530-4BBE-9C43-FE9AD06BD332
FF SearchEngineOrder.3: Bing 
FF Homepage: www.google.de
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1321156328-529181414-577969707-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1321156328-529181414-577969707-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default\user.js
FF SearchPlugin: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default\searchplugins\trovi-search.xml
FF Extension: Foxi Security - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default\Extensions\foxi@securitii-dhfjs.com [2014-11-09]
FF Extension: MEGA - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default\Extensions\firefox@mega.co.nz.xpi [2015-01-05]
FF Extension: Adblock Plus - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\6zsj7tyw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome: 
=======
CHR HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3505936 2015-01-28] (Client Connect LTD)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-02-03] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-17] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 16:18 - 2015-02-03 16:19 - 00016560 _____ () C:\Users\Computer\Downloads\FRST.txt
2015-02-03 16:18 - 2015-02-03 16:18 - 02131456 _____ (Farbar) C:\Users\Computer\Downloads\FRST64.exe
2015-02-03 16:18 - 2015-02-03 16:18 - 00000000 ____D () C:\FRST
2015-02-03 15:58 - 2015-02-03 15:58 - 00243664 _____ () C:\Users\Computer\Downloads\Firefox Setup Stub 35.0.1.exe
2015-02-03 15:30 - 2015-02-03 15:30 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2015-02-03 15:30 - 2015-02-03 15:30 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2015-02-03 15:16 - 2015-02-03 15:30 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Solvusoft
2015-02-03 15:15 - 2015-02-03 15:15 - 03894696 _____ (solvusoft Corporation ) C:\Users\Computer\Downloads\HELPER.EXE-Reparaturprogramm-WinThruster.exe
2015-02-03 15:05 - 2015-02-03 15:05 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-03 15:05 - 2015-02-03 15:05 - 00000000 ____D () C:\Users\Computer\Documents\Battlefield 3
2015-02-03 15:04 - 2015-02-03 15:04 - 01533584 _____ () C:\Users\Computer\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-03 15:02 - 2015-02-03 15:02 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2015-02-03 15:02 - 2015-02-03 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-02-03 15:02 - 2015-02-03 15:02 - 00000000 ____D () C:\ProgramData\EA Core
2015-02-03 14:01 - 2015-02-03 14:02 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-03 14:01 - 2015-02-03 14:01 - 00292184 _____ (Microsoft Corporation) C:\Users\Computer\Downloads\dxwebsetup.exe
2015-02-03 14:01 - 2015-02-03 14:01 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-02-03 13:49 - 2015-02-03 13:49 - 01191200 _____ () C:\Users\Computer\Downloads\DirectX - CHIP-Installer.exe
2015-02-03 13:44 - 2015-02-03 13:44 - 00000000 ____D () C:\rei
2015-02-03 13:42 - 2015-02-03 13:42 - 00775968 _____ (Reimage®) C:\Users\Computer\Downloads\ReimageRepair(1).exe
2015-02-02 21:50 - 2015-02-02 21:50 - 07562200 _____ () C:\Users\Computer\Desktop\Cyanit.zip
2015-02-02 16:55 - 2015-02-02 16:55 - 00000000 ___HD () C:\Users\Computer\Desktop\.updtmp
2015-02-02 15:55 - 2015-02-03 13:29 - 00000000 ____D () C:\Users\Computer\AppData\Local\avaxvavya
2015-02-02 15:55 - 2015-02-02 15:55 - 00003492 _____ () C:\Windows\System32\Tasks\avaxvavya
2015-02-01 14:40 - 2015-02-01 14:40 - 23866540 _____ (Craften.de ) C:\Users\Computer\Downloads\craftenterminal(4).exe
2015-01-30 16:49 - 2015-01-30 16:49 - 01879979 _____ () C:\Users\Computer\Downloads\CreativeMode1-4-0.zip
2015-01-30 13:38 - 2015-01-30 13:42 - 301243966 _____ () C:\Users\Computer\Downloads\UE4_ShooterGame.zip
2015-01-30 12:42 - 2015-01-30 12:42 - 00166222 _____ () C:\Users\Computer\Desktop\iConomy(1).jar
2015-01-29 16:31 - 2015-01-29 16:31 - 01879953 _____ () C:\Users\Computer\Downloads\CreativeMode1-3-6(1).zip
2015-01-29 16:21 - 2015-01-29 16:21 - 01879953 _____ () C:\Users\Computer\Downloads\CreativeMode1-3-6.zip
2015-01-29 15:08 - 2015-01-29 15:08 - 00007313 _____ () C:\Users\Computer\Desktop\BloodParticles.jar
2015-01-28 16:21 - 2015-01-28 16:21 - 00000000 ____D () C:\Users\Computer\AppData\Local\Reflections
2015-01-28 14:42 - 2015-01-30 13:42 - 00000000 ____D () C:\Users\Computer\Desktop\Unreal Engine 4
2015-01-25 10:57 - 2015-01-25 10:57 - 03072300 _____ () C:\Users\Computer\Downloads\weather2 v2.3.4 for MC v1.7.10.zip
2015-01-25 10:25 - 2015-01-25 10:25 - 00117637 _____ () C:\Users\Computer\Downloads\WebDisplays-0.11.jar
2015-01-25 10:24 - 2015-01-25 10:24 - 00238181 _____ () C:\Users\Computer\Downloads\MCEF-1.7.10-0.4.jar
2015-01-25 10:17 - 2015-01-25 10:17 - 00214961 _____ () C:\Users\Computer\Downloads\ShadersModCore-v2.3.28-mc1.7.10-f.jar
2015-01-24 20:19 - 2015-01-24 20:21 - 79295653 _____ () C:\Users\Computer\Downloads\New Castol City 2014 2.0.zip
2015-01-23 13:32 - 2015-01-23 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-23 13:32 - 2015-01-23 13:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-22 19:19 - 2015-01-22 19:19 - 00000222 _____ () C:\Users\Computer\Desktop\Farming Simulator 15.url
2015-01-22 17:23 - 2015-01-22 17:23 - 00001283 _____ () C:\Users\Computer\Desktop\Landwirtschafts Simulator 2013 .lnk
2015-01-22 17:23 - 2015-01-22 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2013
2015-01-22 17:22 - 2015-01-22 17:23 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2013
2015-01-21 18:49 - 2015-01-21 20:20 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.crazycraft2
2015-01-20 20:13 - 2015-01-21 18:49 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.voidswrath
2015-01-20 20:13 - 2015-01-21 18:49 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.fellowship2.0
2015-01-20 20:13 - 2015-01-21 18:49 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.dreamcraft
2015-01-20 20:13 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.vanilla1.6.4
2015-01-20 20:13 - 2015-01-20 20:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.vanilla162
2015-01-20 20:13 - 2015-01-20 20:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.vanilla1.7.2
2015-01-20 20:13 - 2015-01-20 20:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.mountolympussiege
2015-01-20 20:13 - 2015-01-20 20:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.morphhidenseek
2015-01-20 20:13 - 2015-01-20 20:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.mariokart
2015-01-20 20:13 - 2015-01-20 20:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.heliwars
2015-01-20 20:12 - 2015-01-21 18:49 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.pokepack
2015-01-20 20:12 - 2015-01-21 18:49 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.jurassiccraft
2015-01-20 20:12 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.VoidLauncher
2015-01-20 20:12 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.vanilla1.7.10
2015-01-20 20:12 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.vanilla1.5.2
2015-01-20 20:12 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.fellowship
2015-01-20 20:12 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.electriciansjourney
2015-01-20 20:12 - 2015-01-21 18:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.crazycraft
2015-01-20 19:20 - 2015-01-20 19:20 - 38232057 _____ () C:\Users\Computer\Downloads\LifeintheWoods1.6_server.rar
2015-01-17 20:10 - 2015-01-22 17:25 - 00000000 ____D () C:\Users\Computer\Documents\My Games
2015-01-17 19:52 - 2015-01-17 19:52 - 00000000 ____D () C:\Users\Computer\AppData\Local\Doctor Entertainment AB
2015-01-17 17:04 - 2015-01-17 17:04 - 03686989 _____ () C:\Users\Computer\Downloads\Brick Force  Hack 2015.rar
2015-01-17 12:05 - 2015-01-17 12:18 - 00000000 ____D () C:\Users\Computer\Downloads\Farming Simulator 15 [MULTI][PCDVD][CODEX][WwW.GamesTorrents.CoM]
2015-01-17 12:04 - 2015-01-17 13:21 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\DAEMON Tools Lite
2015-01-17 12:04 - 2015-01-17 13:20 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-01-17 12:04 - 2015-01-17 12:04 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2015-01-17 12:03 - 2015-01-17 12:04 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-17 12:01 - 2015-01-17 12:01 - 01678928 _____ (BitTorrent Inc.) C:\Users\Computer\Downloads\uTorrent(2).exe
2015-01-17 12:01 - 2015-01-17 12:01 - 00017854 _____ () C:\Users\Computer\Downloads\[kickass.so]farming.simulator.15.multi.pcdvd.codex.torrent
2015-01-17 12:00 - 2015-01-17 12:01 - 13429504 _____ (Disc Soft Ltd) C:\Users\Computer\Downloads\DTLite4491-0356(1).exe
2015-01-17 10:09 - 2015-01-17 10:18 - 00000000 ____D () C:\Games
2015-01-16 22:55 - 2015-01-16 23:06 - 00000000 ____D () C:\Users\Computer\Downloads\Call of Duty Black Ops repzOps PC game SP-MP-ZM ^^nosTEAM^^
2015-01-16 22:53 - 2015-01-16 22:53 - 01678928 _____ (BitTorrent Inc.) C:\Users\Computer\Downloads\uTorrent(1).exe
2015-01-16 22:53 - 2015-01-16 22:53 - 00052799 _____ () C:\Users\Computer\Downloads\Call of Duty Black Ops repzOps PC game SP-MP-ZM ^^nosTEAM^^.torrent
2015-01-16 21:41 - 2015-01-16 21:42 - 13429504 _____ (Disc Soft Ltd) C:\Users\Computer\Downloads\DTLite4491-0356.exe
2015-01-16 21:36 - 2015-01-16 21:36 - 01678928 _____ (BitTorrent Inc.) C:\Users\Computer\Downloads\uTorrent.exe
2015-01-16 13:15 - 2015-01-16 13:17 - 73255390 _____ () C:\Users\Computer\Downloads\SkyePack2.rar
2015-01-13 20:49 - 2015-01-13 20:49 - 00032905 _____ () C:\Users\Computer\Downloads\Minidozer + v1.1.rar
2015-01-13 20:47 - 2015-01-13 20:47 - 00004155 _____ () C:\Users\Computer\Downloads\Dominator Cheat Gun.zip
2015-01-13 20:11 - 2015-01-13 20:17 - 00000000 ____D () C:\Users\Computer\Desktop\starbound
2015-01-13 20:10 - 2015-01-13 20:10 - 06388000 _____ (Tim Kosse) C:\Users\Computer\Downloads\FileZilla_3.10.0.1_win32-setup.exe
2015-01-11 19:09 - 2015-01-17 20:05 - 02898864 _____ () C:\Users\Computer\Desktop\Das.rar
2015-01-11 18:18 - 2015-01-11 18:33 - 00000000 ____D () C:\Users\Computer\Desktop\Starbound Backups
2015-01-11 12:54 - 2015-01-11 12:55 - 12560935 _____ () C:\Users\Computer\Downloads\StarboudMultiplayerModsByFptbb.zip
2015-01-11 12:52 - 2015-01-11 12:53 - 67741496 _____ () C:\Users\Computer\Downloads\Starbound-Mod-Manager-2.0.2-Windows.zip
2015-01-11 12:11 - 2015-01-11 12:11 - 00023854 _____ () C:\Users\Computer\Downloads\Cheat-Box-1.05.zip
2015-01-11 11:25 - 2015-01-11 11:25 - 00302054 _____ () C:\Users\Computer\Downloads\humanShipUpgrade_T6_r4.zip
2015-01-11 11:12 - 2015-01-11 11:12 - 00000336 _____ () C:\Users\Computer\Downloads\ateam.zip
2015-01-11 10:49 - 2015-01-11 10:49 - 02015596 _____ () C:\Users\Computer\Downloads\CreativeMode1-3-3.zip
2015-01-11 10:44 - 2015-01-11 10:44 - 00055165 _____ () C:\Users\Computer\Downloads\Firefly v1.2.zip
2015-01-11 10:26 - 2015-01-11 10:26 - 00033996 _____ () C:\Users\Computer\Downloads\bulldozer.zip
2015-01-11 10:04 - 2015-01-11 10:04 - 00026438 _____ () C:\Users\Computer\Downloads\FCSModV1.1.EK.zip
2015-01-11 09:59 - 2015-01-11 09:59 - 00059144 _____ () C:\Users\Computer\Downloads\Avian.zip
2015-01-11 09:26 - 2015-01-11 09:26 - 03455987 _____ () C:\Users\Computer\Downloads\XSMech_Pack_v_1_05.rar
2015-01-07 13:35 - 2015-01-18 11:54 - 00000241 _____ () C:\Users\Computer\Desktop\Red Crucible 2.txt
2015-01-06 14:38 - 2015-01-06 14:38 - 00000222 _____ () C:\Users\Computer\Desktop\Starbound.url
2015-01-06 10:55 - 2015-01-06 11:08 - 00027648 _____ () C:\Users\Computer\Desktop\world.db
2015-01-06 10:54 - 2015-01-06 10:54 - 00000644 _____ () C:\Users\Computer\Desktop\CubeLauncher - Verknüpfung.lnk
2015-01-06 10:53 - 2015-01-06 13:16 - 00000000 ____D () C:\Users\Computer\Desktop\CubeWorld
2015-01-06 10:53 - 2015-01-06 13:15 - 00000005 _____ () C:\Users\Computer\Desktop\server.cfg
2015-01-05 23:53 - 2015-01-05 23:53 - 00075264 _____ (Zlib) C:\Users\Computer\Downloads\zlib1.dll
2015-01-05 23:47 - 2015-01-05 23:47 - 00032853 _____ () C:\Users\Computer\Downloads\zlib1.zip
2015-01-05 22:50 - 2015-02-03 16:12 - 00000000 ____D () C:\Users\Computer\AppData\Local\LogMeIn Hamachi
2015-01-05 22:47 - 2015-01-05 22:47 - 01174352 _____ () C:\Users\Computer\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
2015-01-05 22:42 - 2015-01-17 12:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\uTorrent
2015-01-05 22:41 - 2015-01-05 22:42 - 01688656 _____ (BitTorrent Inc.) C:\Users\Computer\Downloads\uTorrent_3.4.2b37594.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 16:02 - 2014-11-07 13:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-03 16:02 - 2014-04-07 14:52 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-03 16:02 - 2014-04-07 14:52 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-03 16:02 - 2014-04-07 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 15:42 - 2014-04-07 15:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 15:28 - 2014-11-29 19:20 - 00000117 _____ () C:\Users\Computer\Desktop\Steam und Origin Account.txt
2015-02-03 15:27 - 2014-04-08 16:21 - 00000000 ____D () C:\ProgramData\Origin
2015-02-03 15:27 - 2014-04-08 16:21 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-03 15:27 - 2014-04-07 16:55 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Skype
2015-02-03 15:26 - 2014-04-07 14:40 - 01651405 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 15:26 - 2009-07-14 05:51 - 00776188 _____ () C:\Windows\setupact.log
2015-02-03 15:08 - 2014-04-08 16:22 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-03 15:05 - 2014-11-29 11:57 - 00000000 ____D () C:\Users\Computer\AppData\Local\PunkBuster
2015-02-03 15:05 - 2014-11-26 13:42 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-03 15:04 - 2014-11-26 13:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-03 15:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 15:01 - 2014-11-26 13:42 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-03 15:01 - 2014-11-26 13:42 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-03 15:01 - 2014-04-25 12:08 - 00150760 _____ () C:\Windows\DirectX.log
2015-02-03 14:37 - 2014-11-23 19:22 - 708482751 _____ () C:\Users\Computer\Downloads\SpeedAutoClicker.zip
2015-02-03 13:42 - 2014-04-28 15:07 - 00000099 _____ () C:\Windows\Reimage.ini
2015-02-03 13:41 - 2014-11-29 19:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-03 06:37 - 2009-07-14 05:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-03 06:37 - 2009-07-14 05:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 06:29 - 2014-04-07 15:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-03 06:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 21:56 - 2014-04-07 16:14 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.minecraft
2015-02-02 19:32 - 2014-04-08 16:21 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Origin
2015-02-02 15:58 - 2010-11-21 04:47 - 00232232 _____ () C:\Windows\PFRO.log
2015-02-02 15:55 - 2014-04-25 22:06 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-02-01 21:36 - 2014-04-07 16:13 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Craften Terminal
2015-02-01 21:30 - 2014-04-07 16:50 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-01 21:30 - 2014-04-07 16:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-01 21:30 - 2014-04-07 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-01 21:30 - 2014-04-07 16:50 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-01 14:41 - 2014-07-31 20:41 - 00001135 _____ () C:\Users\Public\Desktop\Join our server!.lnk
2015-02-01 14:41 - 2014-04-07 16:13 - 00001103 _____ () C:\Users\Public\Desktop\Craften Terminal.lnk
2015-02-01 14:41 - 2014-04-07 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2015-02-01 14:41 - 2014-04-07 16:13 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2015-01-24 21:42 - 2014-04-07 15:17 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:42 - 2014-04-07 15:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 21:42 - 2014-04-07 15:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-22 19:19 - 2014-11-30 19:38 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-22 17:26 - 2014-04-08 00:35 - 00699190 _____ () C:\Windows\system32\perfh007.dat
2015-01-22 17:26 - 2014-04-08 00:35 - 00149330 _____ () C:\Windows\system32\perfc007.dat
2015-01-22 17:26 - 2009-07-14 06:13 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 18:48 - 2014-05-07 18:06 - 00000000 ____D () C:\VoidLauncher
2015-01-20 19:42 - 2014-04-22 15:27 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\FileZilla
2015-01-20 19:13 - 2014-04-07 16:22 - 04578560 _____ () C:\Users\Computer\Desktop\TechnicLauncher.exe
2015-01-20 19:13 - 2014-04-07 16:22 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.technic
2015-01-14 11:32 - 2014-07-16 16:47 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-11 11:15 - 2014-04-07 15:17 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\vlc
2015-01-08 18:27 - 2014-04-16 08:35 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\TS3Client

Some content of TEMP:
====================
C:\Users\Computer\AppData\Local\Temp\avgnt.exe
C:\Users\Computer\AppData\Local\Temp\bitool.dll
C:\Users\Computer\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Computer\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Computer\AppData\Local\Temp\instructions.exe
C:\Users\Computer\AppData\Local\Temp\nsvD84.exe
C:\Users\Computer\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Computer\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Computer\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Computer\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Computer\AppData\Local\Temp\nvStInst.exe
C:\Users\Computer\AppData\Local\Temp\OpenComputersMod-1.3.3.547-native.64.dll
C:\Users\Computer\AppData\Local\Temp\OpenComputersMod-native.64.dll
C:\Users\Computer\AppData\Local\Temp\PreExe_ID_13296.exe
C:\Users\Computer\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Computer\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Computer\AppData\Local\Temp\SIntf16.dll
C:\Users\Computer\AppData\Local\Temp\SIntf32.dll
C:\Users\Computer\AppData\Local\Temp\SIntfNT.dll
C:\Users\Computer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Computer\AppData\Local\Temp\skype_amd649181090352500085037.dll
C:\Users\Computer\AppData\Local\Temp\smw_FF.exe
C:\Users\Computer\AppData\Local\Temp\sonarinst.exe
C:\Users\Computer\AppData\Local\Temp\utt1D4D.tmp.exe
C:\Users\Computer\AppData\Local\Temp\utt6CF4.tmp.exe
C:\Users\Computer\AppData\Local\Temp\uttB072.tmp.exe
C:\Users\Computer\AppData\Local\Temp\uttFD19.tmp.exe
C:\Users\Computer\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Computer\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 22:45

==================== End Of Log ============================

--- --- ---

schrauber · 03.02.2015, 17:20

Hi,

Addition.txt von FRST fehlt noch

MrMoto · 03.02.2015, 17:49

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Computer at 2015-02-03 17:47:34
Running from C:\Users\Computer\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Brick-Force (EU) (HKLM-x32\...\Steam App 335330) (Version:  - Exe Games Inc.)
Browser Configuration Utility (HKLM-x32\...\{125BA25B-8D21-4029-AA06-47C3AA327AA7}) (Version: 1.0.2.0 - DeviceVM) <==== ATTENTION
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version:  - Focus Home Interactive)
Craften Terminal 4.1 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1 - Craften.de)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.00.33 - )
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version: 6 - ) <==== ATTENTION
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Download Manager 3.9.3 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Gear Up (HKLM-x32\...\Steam App 214420) (Version:  - Doctor Entertainment AB)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
RAR Repair Tool v.4.0 (HKLM-x32\...\RAR Repair Tool_is1) (Version:  - ZRT Labs)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
RollerCoaster Tycoon 3 Demo (HKLM-x32\...\{990036E7-D647-45A4-8F7F-1CB277EF0ABD}) (Version: 1.00.000 - )
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.20.2.12 - Client Connect LTD) <==== ATTENTION
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity 4 (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.1.0.3 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SkyePack 3.1 For Simcity 2013 (HKLM-x32\...\SkyePack 3.1 For Simcity 2013) (Version: 3.1 - Sugc)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1321156328-529181414-577969707-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-01-2015 10:48:57 Geplanter Prüfpunkt
17-01-2015 13:20:42 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte
17-01-2015 16:04:12 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
17-01-2015 16:04:34 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
17-01-2015 19:52:00 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
17-01-2015 19:52:27 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
22-01-2015 17:23:39 DirectX wurde installiert
03-02-2015 15:00:03 DirectX wurde installiert
03-02-2015 15:18:55 WinThruster Di, Feb 03, 15  15:18
03-02-2015 17:03:55 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A1FBC3E-7E1F-4E65-8E65-086AC4F36096} - System32\Tasks\{5B917ABC-FEEB-4D64-834B-E18B8A016EF7} => pcalua.exe -a C:\Users\Computer\Downloads\forge-1.7.10-10.13.2.1264-installer-win.exe -d C:\Users\Computer\Downloads
Task: {0FE1B50F-435A-461F-9E77-CF051002E0B9} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {5A47EAD4-989F-46C0-A2DE-F812562F658B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {657DC200-A4CD-455D-8209-A9B0E83F660E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)
Task: {A4EC854B-B7C2-41E0-87E2-2B0057EA0999} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {EC696B08-B4BD-4AE8-89EC-A81C38305F72} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2009-08-20] (ASUSTeK Computer Inc.)
Task: {F9AE3A23-6304-49A2-B3D1-6534E034E133} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {FB0DCB1D-C8C7-4E2D-86E6-34FAC03A7794} - System32\Tasks\avaxvavya => C:\Users\Computer\AppData\Local\avaxvavya\avaxvavya.exe [2015-01-28] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-07 15:08 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-04-07 14:47 - 2009-05-07 09:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-04-07 14:47 - 2009-05-07 09:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-04-07 14:47 - 2008-01-18 07:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2014-04-07 14:47 - 2009-08-28 04:31 - 47601664 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-11-26 13:42 - 2015-02-03 17:05 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-07 14:49 - 2009-01-15 13:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-04-07 14:48 - 2009-06-27 09:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-04-08 16:21 - 2015-01-31 15:42 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-11-05 21:26 - 2015-01-31 15:42 - 00060928 _____ () C:\Program Files (x86)\Origin\audio\qtaudio_windows.dll
2014-11-07 13:32 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-24 21:42 - 2015-01-24 21:42 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Computer\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Computer\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Computer\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Computer\AppData\Roaming:NT2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1321156328-529181414-577969707-500 - Administrator - Disabled)
Computer (S-1-5-21-1321156328-529181414-577969707-1000 - Administrator - Enabled) => C:\Users\Computer
Gast (S-1-5-21-1321156328-529181414-577969707-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1321156328-529181414-577969707-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2015 03:26:21 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
   bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
   bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
   bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
   bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
   bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
   bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
   bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
   bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   bei S...

Error: (02/03/2015 06:31:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 07:53:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShooterGame.exe, Version 4.0.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 404

Startzeit: 01d03f190a03eae9

Endzeit: 182

Anwendungspfad: C:\Users\Computer\Desktop\Unreal Engine 4\WabbleSchwabbleShooter\shootergame\binaries\win64\ShooterGame.exe

Berichts-ID:

Error: (02/02/2015 04:02:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.0.0.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1710

Startzeit: 01d03ef92812ba30

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID:

Error: (02/02/2015 04:00:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 01:57:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm starbound.exe, Version 0.9.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a34

Startzeit: 01d03ee7a0aebfc7

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe

Berichts-ID: f8ef0690-aada-11e4-8361-485b39c64024

Error: (02/02/2015 09:52:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2015 09:25:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2015 08:41:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm starbound.exe, Version 0.9.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16a0

Startzeit: 01d03e563a4b8eea

Endzeit: 35

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe

Berichts-ID: 5e741609-aa4a-11e4-8c54-485b39c64024

Error: (02/01/2015 08:35:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm starbound.exe, Version 0.9.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14c8

Startzeit: 01d03e55fef04acb

Endzeit: 23

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe

Berichts-ID: 7474c1e9-aa49-11e4-8c54-485b39c64024


System errors:
=============
Error: (02/03/2015 03:26:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/02/2015 10:06:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/02/2015 08:23:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/02/2015 08:23:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/02/2015 08:23:39 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/02/2015 04:00:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/02/2015 03:59:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/02/2015 03:59:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (02/02/2015 03:16:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/02/2015 03:16:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (02/03/2015 03:26:21 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
   bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
   bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
   bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
   bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
   bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
   bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
   bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
   bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   bei S...

Error: (02/03/2015 06:31:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 07:53:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ShooterGame.exe4.0.1.040401d03f190a03eae9182C:\Users\Computer\Desktop\Unreal Engine 4\WabbleSchwabbleShooter\shootergame\binaries\win64\ShooterGame.exe

Error: (02/02/2015 04:02:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.0.0.102171001d03ef92812ba3010C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (02/02/2015 04:00:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 01:57:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: starbound.exe0.9.0.01a3401d03ee7a0aebfc75C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exef8ef0690-aada-11e4-8361-485b39c64024

Error: (02/02/2015 09:52:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2015 09:25:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2015 08:41:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: starbound.exe0.9.0.016a001d03e563a4b8eea35C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe5e741609-aa4a-11e4-8c54-485b39c64024

Error: (02/01/2015 08:35:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: starbound.exe0.9.0.014c801d03e55fef04acb23C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe7474c1e9-aa49-11e4-8c54-485b39c64024


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 31%
Total physical RAM: 7671.05 MB
Available physical RAM: 5218.32 MB
Total Pagefile: 15340.29 MB
Available Pagefile: 12184.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:250.38 GB) NTFS
Drive d: (FS13 Titanium) (CDROM) (Total:1.97 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2E9215CF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 03.02.2015, 21:12

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Browser Configuration Utility

Foxy Secure

Search Protect
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

MrMoto · 04.02.2015, 16:31

Oh vielen Tausend Dank alles funktzioniert wieder !

schrauber · 05.02.2015, 06:57

Bitte das Log posten, wir sind noch nicht fertig

03.02.2015, 17:20	#2
schrauber /// the machine /// TB-Ausbilder	WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild) Hi, Addition.txt von FRST fehlt noch __________________ __________________

05.02.2015, 06:57	#6
schrauber /// the machine /// TB-Ausbilder	WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild) Bitte das Log posten, wir sind noch nicht fertig __________________ --> WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild)

WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild)

Plagegeister aller Art und deren Bekämpfung: WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild)