Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TSULoader (getarnt als minecraftdl_25068)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 09.02.2015, 21:12   #1
AquaClassic
 
TSULoader (getarnt als minecraftdl_25068) - Standard

TSULoader (getarnt als minecraftdl_25068)



Hallo liebe Helferlein,

ich habe ein kleines Problem mit meinem Notebook. Und zwar habe ich gerade eine Kaspersky-Rescue-CD rüberlaufen lassen und die hat Malware entdeckt, genauer gesagt folgende Datei:

https://www.virustotal.com/de/file/3ccccc85ce5ef3a07d1c3e537f12322d918ec93b7a14000502e3d413fdc3f47b/analysis/1423511652/

Die Datei heißt ursprünglich TSULoader und tarnt sich durch einen anderen Dateinamen. Ich habe sie selbstständig sicherlich nicht heruntergeladen. Meinen Recherchen nach soll sie vor allem Adware installieren, bisher ist mir aber nichts dergleichen aufgefallen. Ich habe deshalb die Hoffnung, dass die .exe bisher noch nicht ausgeführt wurde (weil ich das selbst nicht getan habe und vielleicht habe ich Glück und es gibt keinen Prozess, der das automatisch getan hat?).

Trotzdem würde ich gerne sichergehen. Ich habe die Datei jetzt erstmal nicht gelöscht, die hängt eh schon seit 'nem Jahr in dem entsprechenden Ordner rum. Wäre euch für schnelle Hilfe sehr dankbar.

Die FRST-Logs habe ich direkt schon erstellt:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by [mein Name] (administrator) on [mein PC-Name]SNOTEBOOK on 09-02-2015 21:07:41
Running from C:\Users\[mein Name]\Desktop
Loaded Profiles: [mein Name] (Available profiles: [mein Name])
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Foxit Software Inc.) D:\Programme\FOXIT READER\Foxit Cloud\FCUpdateService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2784552 2011-05-13] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-785650546-1832744181-4140763645-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\[mein Name]\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-785650546-1832744181-4140763645-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-785650546-1832744181-4140763645-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\Users\[mein Name]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mausarm.lnk
ShortcutTarget: Mausarm.lnk -> C:\Program Files (x86)\Mausarm\Mausarm.exe (hxxp://www.repetitive-strain-injury.de)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-785650546-1832744181-4140763645-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
HKU\S-1-5-21-785650546-1832744181-4140763645-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\[mein Name]\AppData\Roaming\Mozilla\Firefox\Profiles\pa7njh3i.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-785650546-1832744181-4140763645-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\[mein Name]\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: DownloadHelper - C:\Users\[mein Name]\AppData\Roaming\Mozilla\Firefox\Profiles\pa7njh3i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-21]

Chrome: 
=======
CHR Profile: C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-27]
CHR Extension: (Google Docs) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-14]
CHR Extension: (Google Drive) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-14]
CHR Extension: (Google-Suche) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-14]
CHR Extension: (Postman - REST Client) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2014-01-08]
CHR Extension: (AdBlock) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-14]
CHR Extension: (Avast Online Security) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-21]
CHR Extension: (Google Wallet) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-14]
CHR Extension: (Google Mail) - C:\Users\[mein Name]\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-23] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-23] (Avast Software)
R2 FoxitCloudUpdateService; D:\PROGRAMME\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-14] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-23] (Avast Software)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 SBIOSIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 21:07 - 2015-02-09 21:08 - 00016852 _____ () C:\Users\[mein Name]\Desktop\FRST.txt
2015-02-09 21:07 - 2015-02-09 21:07 - 02132992 _____ (Farbar) C:\Users\[mein Name]\Desktop\FRST64.exe
2015-02-09 21:07 - 2015-02-09 21:07 - 00000000 ____D () C:\FRST
2015-02-09 20:52 - 2015-02-09 20:52 - 00000197 _____ () C:\windows\system32\2015-02-09-19-52-09.071-AvastVBoxSVC.exe-4152.log
2015-02-09 17:52 - 2015-02-09 21:48 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2015-02-09 14:49 - 2015-02-09 15:00 - 1028653056 _____ () C:\Users\[mein Name]\Downloads\ubuntu-14.04.1-desktop-amd64.iso
2015-02-09 10:34 - 2015-02-09 10:34 - 00000197 _____ () C:\windows\system32\2015-02-09-09-34-00.081-AvastVBoxSVC.exe-3092.log
2015-02-08 23:36 - 2015-02-08 23:36 - 00000197 _____ () C:\windows\system32\2015-02-08-22-36-17.028-AvastVBoxSVC.exe-3088.log
2015-02-08 20:23 - 2015-02-08 20:23 - 00000197 _____ () C:\windows\system32\2015-02-08-19-23-14.076-AvastVBoxSVC.exe-4840.log
2015-02-06 16:18 - 2015-02-06 16:18 - 00000197 _____ () C:\windows\system32\2015-02-06-15-18-21.065-AvastVBoxSVC.exe-4252.log
2015-02-06 09:38 - 2015-02-06 09:38 - 00000197 _____ () C:\windows\system32\2015-02-06-08-38-29.025-AvastVBoxSVC.exe-3808.log
2015-02-06 00:14 - 2015-02-06 00:15 - 00000197 _____ () C:\windows\system32\2015-02-05-23-14-33.005-AvastVBoxSVC.exe-4348.log
2015-02-05 10:12 - 2015-02-05 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-02-05 08:41 - 2015-02-05 08:41 - 00000197 _____ () C:\windows\system32\2015-02-05-07-41-57.070-AvastVBoxSVC.exe-3656.log
2015-02-04 13:17 - 2015-02-04 13:17 - 00380416 _____ () C:\Users\[mein Name]\Downloads\Gmer-19357.exe
2015-02-04 13:13 - 2015-02-04 13:13 - 00000197 _____ () C:\windows\system32\2015-02-04-12-13-00.041-AvastVBoxSVC.exe-3888.log
2015-02-04 12:00 - 2015-02-04 12:01 - 109379584 _____ () C:\Users\[mein Name]\Downloads\rescuecd-20100322-3.iso
2015-02-04 10:25 - 2015-02-04 10:25 - 00000197 _____ () C:\windows\system32\2015-02-04-09-25-13.020-AvastVBoxSVC.exe-2764.log
2015-02-03 23:33 - 2015-02-05 22:53 - 00000000 ____D () C:\Users\[mein Name]\Desktop\PRO
2015-02-03 16:46 - 2015-02-03 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-03 16:46 - 2015-02-03 16:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-03 16:46 - 2015-02-03 16:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-03 16:44 - 2015-02-03 16:45 - 13087456 _____ (Microsoft Corporation) C:\Users\[mein Name]\Downloads\Silverlight_x64.exe
2015-02-03 16:39 - 2015-02-03 16:45 - 652365824 _____ () C:\Users\[mein Name]\Downloads\rescue-system.iso
2015-02-03 16:34 - 2015-02-03 16:35 - 142706688 _____ () C:\Users\[mein Name]\Downloads\rescue-cd-3.16-73600.iso
2015-02-03 16:31 - 2015-02-03 16:34 - 315854848 _____ () C:\Users\[mein Name]\Downloads\kav_rescue_10.iso
2015-02-03 11:44 - 2015-02-03 11:44 - 00000197 _____ () C:\windows\system32\2015-02-03-10-44-28.037-AvastVBoxSVC.exe-4352.log
2015-02-02 23:47 - 2015-02-03 17:19 - 00000603 _____ () C:\Users\[mein Name]\Desktop\Puzzle Quest.txt
2015-02-02 22:46 - 2015-02-02 22:46 - 00000197 _____ () C:\windows\system32\2015-02-02-21-46-46.071-AvastVBoxSVC.exe-3640.log
2015-02-02 07:49 - 2015-02-02 07:49 - 00000197 _____ () C:\windows\system32\2015-02-02-06-49-37.046-AvastVBoxSVC.exe-3148.log
2015-02-01 21:46 - 2015-02-01 21:46 - 00000197 _____ () C:\windows\system32\2015-02-01-20-46-45.022-AvastVBoxSVC.exe-2944.log
2015-02-01 19:45 - 2015-02-01 19:45 - 00000197 _____ () C:\windows\system32\2015-02-01-18-45-35.012-AvastVBoxSVC.exe-4852.log
2015-01-31 20:55 - 2015-01-31 20:55 - 00000000 _____ () C:\windows\SysWOW64\shoB67C.tmp
2015-01-31 12:28 - 2015-01-31 12:28 - 00000197 _____ () C:\windows\system32\2015-01-31-11-28-32.098-AvastVBoxSVC.exe-4692.log
2015-01-30 18:16 - 2015-01-30 18:16 - 00000197 _____ () C:\windows\system32\2015-01-30-17-16-58.037-AvastVBoxSVC.exe-3772.log
2015-01-30 14:32 - 2015-01-30 14:33 - 11152353 _____ () C:\Users\[mein Name]\Downloads\DAO_BetterSexScenesMod.zip
2015-01-30 11:16 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-30 11:09 - 2015-01-30 11:09 - 00000197 _____ () C:\windows\system32\2015-01-30-10-09-49.022-AvastVBoxSVC.exe-2556.log
2015-01-30 00:40 - 2015-01-30 00:40 - 00000000 ____D () C:\Users\[mein Name]\Desktop\D
2015-01-30 00:37 - 2015-01-30 00:37 - 00431104 _____ (Creative Labs) C:\windows\system32\wrap_oal.dll
2015-01-30 00:37 - 2015-01-30 00:37 - 00409600 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2015-01-30 00:37 - 2015-01-30 00:37 - 00136192 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\system32\OpenAL32.dll
2015-01-30 00:37 - 2015-01-30 00:37 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2015-01-30 00:37 - 2015-01-30 00:37 - 00000000 ____D () C:\Users\[mein Name]\Documents\Puzzle Quest
2015-01-30 00:37 - 2015-01-30 00:37 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-01-30 00:36 - 2015-01-30 00:36 - 00000154 _____ () C:\windows\DirectX.log
2015-01-29 23:42 - 2015-01-29 23:42 - 00000201 _____ () C:\Users\[mein Name]\Desktop\Puzzle Quest.url
2015-01-29 21:53 - 2015-01-29 21:54 - 30643244 _____ () C:\Users\[mein Name]\Desktop\[mein PC-Name] - 45.wav
2015-01-29 20:58 - 2015-01-29 20:58 - 49239084 _____ () C:\Users\[mein Name]\Desktop\[mein PC-Name] - For My Sake.wav
2015-01-29 07:50 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-01-29 07:50 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-01-29 07:50 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-01-29 07:50 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-01-29 07:28 - 2015-01-29 07:28 - 00000247 _____ () C:\windows\system32\2015-01-29-06-28-31.014-aswFe.exe-480.log
2015-01-29 07:22 - 2015-01-29 07:28 - 00000247 _____ () C:\windows\system32\2015-01-29-06-22-03.015-aswFe.exe-1432.log
2015-01-29 07:21 - 2015-01-29 07:21 - 00000197 _____ () C:\windows\system32\2015-01-29-06-21-55.063-AvastVBoxSVC.exe-5100.log
2015-01-29 07:18 - 2015-01-29 07:18 - 00000197 _____ () C:\windows\system32\2015-01-29-06-18-31.065-AvastVBoxSVC.exe-3452.log
2015-01-29 07:16 - 2015-02-09 20:50 - 00003506 _____ () C:\windows\setupact.log
2015-01-29 07:16 - 2015-01-29 07:16 - 00000000 _____ () C:\windows\setuperr.log
2015-01-28 18:33 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2015-01-28 18:33 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-28 18:33 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-28 18:33 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2015-01-28 18:33 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2015-01-28 18:33 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-01-28 18:33 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2015-01-28 18:33 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-01-28 18:33 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2015-01-28 18:33 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2015-01-28 18:33 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-01-28 18:33 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-01-28 18:33 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2015-01-28 18:33 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-01-28 18:33 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2015-01-28 18:19 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-01-28 18:19 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2015-01-28 18:19 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2015-01-28 18:19 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2015-01-28 18:19 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2015-01-28 18:12 - 2015-01-28 18:12 - 00291606 _____ () C:\Users\[mein Name]\Downloads\TCPView.zip
2015-01-28 18:12 - 2015-01-28 18:12 - 00000000 ____D () C:\Users\[mein Name]\Downloads\TCPView
2015-01-28 18:11 - 2015-01-28 18:19 - 00000000 ____D () C:\windows\system32\MRT
2015-01-28 18:11 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-28 18:10 - 2015-01-28 18:10 - 05325208 _____ (Piriform Ltd) C:\Users\[mein Name]\Downloads\ccsetup502.exe
2015-01-27 20:32 - 2015-01-27 20:34 - 169133552 _____ () C:\Users\[mein Name]\Downloads\EmsisoftEmergencyKit.exe
2015-01-27 14:24 - 2015-01-27 14:24 - 00000197 _____ () C:\windows\system32\2015-01-27-13-24-18.063-AvastVBoxSVC.exe-4760.log
2015-01-27 14:18 - 2015-01-27 14:18 - 00000000 ____D () C:\ProgramData\Intel
2015-01-27 14:18 - 2012-05-15 07:13 - 00144896 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2015-01-27 14:18 - 2012-05-15 06:20 - 00104448 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2015-01-27 14:11 - 2015-01-27 14:11 - 00000197 _____ () C:\windows\system32\2015-01-27-13-11-09.077-AvastVBoxSVC.exe-4944.log
2015-01-27 14:09 - 2015-01-27 14:09 - 00000000 ____D () C:\Users\[mein Name]\AppData\Local\NVIDIA Corporation
2015-01-27 14:08 - 2015-01-27 14:19 - 00000000 ____D () C:\windows\SysWOW64\NV
2015-01-27 14:08 - 2015-01-27 14:19 - 00000000 ____D () C:\windows\system32\NV
2015-01-27 14:08 - 2015-01-27 14:08 - 00000000 ____D () C:\Users\[mein Name]\AppData\Local\NVIDIA
2015-01-27 14:07 - 2015-01-27 14:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-27 14:06 - 2015-01-27 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-27 14:06 - 2014-12-13 01:11 - 02824504 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2015-01-27 14:06 - 2014-12-13 01:11 - 02210040 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2015-01-27 14:06 - 2014-12-13 01:11 - 01715224 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2015-01-27 14:06 - 2014-12-13 01:11 - 01291464 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2015-01-27 14:05 - 2015-01-27 14:05 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-27 14:04 - 2015-01-27 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-27 14:04 - 2015-01-10 00:30 - 06860432 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-01-27 14:04 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-01-27 14:04 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-01-27 14:04 - 2015-01-10 00:29 - 01097872 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2015-01-27 14:04 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-01-27 14:04 - 2015-01-10 00:29 - 00385352 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-01-27 14:04 - 2015-01-10 00:29 - 00075080 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2015-01-27 14:04 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-01-27 14:04 - 2015-01-09 20:47 - 04173527 _____ () C:\windows\system32\nvcoproc.bin
2015-01-27 14:04 - 2012-05-15 07:13 - 00020992 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-01-27 14:04 - 2012-05-15 06:20 - 00017920 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-01-27 14:03 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-27 14:01 - 2015-01-27 14:01 - 00000197 _____ () C:\windows\system32\2015-01-27-13-01-56.045-AvastVBoxSVC.exe-3500.log
2015-01-27 13:56 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-01-27 13:56 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434725.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434725.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00031376 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2015-01-27 13:56 - 2015-01-10 09:07 - 00027441 _____ () C:\windows\system32\nvinfo.pb
2015-01-27 13:56 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2015-01-27 13:56 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2015-01-27 13:56 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2015-01-27 13:38 - 2015-01-27 13:38 - 00000197 _____ () C:\windows\system32\2015-01-27-12-38-24.016-AvastVBoxSVC.exe-3944.log
2015-01-27 13:30 - 2015-01-27 13:30 - 00000197 _____ () C:\windows\system32\2015-01-27-12-30-04.096-AvastVBoxSVC.exe-3396.log
2015-01-27 13:16 - 2015-01-27 13:16 - 00000000 __SHD () C:\Users\[mein Name]\AppData\Local\EmieUserList
2015-01-27 13:16 - 2015-01-27 13:16 - 00000000 __SHD () C:\Users\[mein Name]\AppData\Local\EmieSiteList
2015-01-27 13:16 - 2015-01-27 13:16 - 00000000 __SHD () C:\Users\[mein Name]\AppData\Local\EmieBrowserModeList
2015-01-27 12:19 - 2015-01-27 12:19 - 03183783 _____ () C:\Users\[mein Name]\Downloads\lwjgl-source-2.9.3.zip
2015-01-27 12:00 - 2015-01-27 12:01 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\NetBeans
2015-01-27 12:00 - 2015-01-27 12:00 - 00000000 ____D () C:\Users\[mein Name]\AppData\Local\NetBeans
2015-01-23 16:52 - 2015-01-23 17:02 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-23 16:31 - 2015-01-23 16:52 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 16:31 - 2015-01-23 16:52 - 00097496 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-23 16:31 - 2015-01-23 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-23 16:31 - 2015-01-23 16:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 16:31 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-23 16:31 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-23 15:51 - 2015-01-23 15:51 - 00000197 _____ () C:\windows\system32\2015-01-23-14-51-01.036-AvastVBoxSVC.exe-2904.log
2015-01-23 11:18 - 2015-01-23 11:18 - 00000197 _____ () C:\windows\system32\2015-01-23-10-18-14.031-AvastVBoxSVC.exe-1752.log
2015-01-22 12:10 - 2015-01-22 12:10 - 00000197 _____ () C:\windows\system32\2015-01-22-11-10-31.007-AvastVBoxSVC.exe-4124.log
2015-01-21 23:19 - 2015-01-21 23:19 - 00000247 _____ () C:\windows\system32\2015-01-21-22-19-12.034-aswFe.exe-1156.log
2015-01-21 23:12 - 2015-01-21 23:18 - 00000247 _____ () C:\windows\system32\2015-01-21-22-12-59.016-aswFe.exe-5052.log
2015-01-21 23:12 - 2015-01-21 23:12 - 00000197 _____ () C:\windows\system32\2015-01-21-22-12-54.002-AvastVBoxSVC.exe-3416.log
2015-01-21 22:24 - 2015-01-21 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-01-21 20:03 - 2015-01-21 20:03 - 00000868 _____ () C:\Users\[mein Name]\Desktop\NetBeans IDE 8.0.2.lnk
2015-01-21 20:03 - 2015-01-21 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2015-01-21 20:00 - 2015-01-21 20:09 - 00000000 ____D () C:\Users\[mein Name]\.nbi
2015-01-21 19:57 - 2015-01-21 19:57 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-01-21 19:57 - 2015-01-21 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-21 19:55 - 2015-01-21 19:56 - 00000000 ____D () C:\Program Files\Java
2015-01-21 19:55 - 2015-01-21 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-01-21 18:06 - 2015-01-21 18:06 - 00000197 _____ () C:\windows\system32\2015-01-21-17-06-54.058-AvastVBoxSVC.exe-3024.log
2015-01-21 12:41 - 2015-01-28 18:11 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-21 12:41 - 2015-01-21 12:41 - 00002770 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-01-21 12:41 - 2015-01-21 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-21 12:04 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-21 12:03 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-21 12:03 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-21 12:03 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-21 12:03 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-21 12:03 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-21 12:03 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-21 12:02 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-21 12:02 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-21 12:02 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-21 12:02 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-21 12:02 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 21:07 - 2013-10-14 09:10 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-09 20:59 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-09 20:59 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-09 20:55 - 2011-08-13 21:17 - 01892149 _____ () C:\windows\WindowsUpdate.log
2015-02-09 20:54 - 2013-10-14 11:38 - 00000000 ____D () C:\Users\[mein Name]\AppData\Local\CrashDumps
2015-02-09 20:52 - 2013-11-18 18:35 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-09 20:50 - 2013-11-13 00:33 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-02-09 20:49 - 2013-10-14 09:10 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-09 20:49 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-09 16:47 - 2013-10-14 18:33 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\Skype
2015-02-09 15:29 - 2014-03-29 16:32 - 00000575 _____ () C:\Users\[mein Name]\AppData\Roaming\burnaware.ini
2015-02-09 11:56 - 2014-01-01 16:04 - 00000000 ____D () C:\ProgramData\Unity
2015-02-06 17:33 - 2013-11-25 19:07 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\vlc
2015-02-05 18:14 - 2014-01-01 16:04 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\Unity
2015-02-04 16:02 - 2013-10-14 09:10 - 00004106 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 16:02 - 2013-10-14 09:10 - 00003854 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 13:54 - 2011-08-13 21:02 - 00704256 _____ () C:\windows\system32\perfh007.dat
2015-02-04 13:54 - 2011-08-13 21:02 - 00153914 _____ () C:\windows\system32\perfc007.dat
2015-02-04 13:54 - 2009-07-14 06:13 - 01620836 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-04 13:08 - 2013-10-22 15:15 - 01637658 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-02-04 13:08 - 2013-10-22 15:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-02-03 16:43 - 2011-02-11 20:57 - 00000000 ____D () C:\windows\Panther
2015-02-02 21:24 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-01-29 21:54 - 2014-05-27 21:19 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\Audacity
2015-01-28 20:40 - 2013-10-10 03:02 - 00000000 ____D () C:\WinDiag
2015-01-28 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-01-28 18:52 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-28 18:49 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-01-28 18:07 - 2013-11-21 09:37 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-28 18:07 - 2013-11-21 09:37 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 18:06 - 2013-11-21 09:36 - 00000000 ____D () C:\Users\[mein Name]\AppData\Local\Adobe
2015-01-27 14:18 - 2011-08-13 05:21 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-27 14:06 - 2011-08-13 05:22 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-27 13:32 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Help
2015-01-23 16:41 - 2011-08-13 06:11 - 00000000 ____D () C:\windows\no
2015-01-23 11:15 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-01-22 22:43 - 2013-10-22 15:15 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\SoftGrid Client
2015-01-22 20:00 - 2014-03-03 19:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-22 20:00 - 2013-10-14 09:07 - 00000000 ____D () C:\ProgramData\Skype
2015-01-21 23:07 - 2013-10-14 09:03 - 00000000 ____D () C:\Users\[mein Name]
2015-01-21 20:42 - 2014-01-04 14:58 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2015-01-21 20:41 - 2013-12-02 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-01-21 19:56 - 2013-10-24 09:28 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-21 18:06 - 2013-10-14 09:09 - 00067904 _____ () C:\Users\[mein Name]\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-21 18:03 - 2009-07-14 05:45 - 00300168 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-21 12:51 - 2013-10-21 09:40 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt
2015-01-21 12:47 - 2014-04-13 22:34 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\FileZilla
2015-01-21 12:47 - 2014-02-14 19:42 - 00000000 ____D () C:\windows\Minidump
2015-01-21 12:35 - 2011-08-13 20:40 - 00000000 ____D () C:\windows\ShellNew
2015-01-21 12:34 - 2014-06-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaos Extreme Utilities
2015-01-21 12:25 - 2011-08-13 05:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-21 12:16 - 2011-08-13 06:25 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-21 11:39 - 2014-01-19 23:28 - 00000000 ____D () C:\Users\[mein Name]\AppData\Roaming\Foxit Software

==================== Files in the root of some directories =======

2014-03-29 16:32 - 2015-02-09 15:29 - 0000575 _____ () C:\Users\[mein Name]\AppData\Roaming\burnaware.ini
2014-06-03 07:52 - 2014-06-03 07:52 - 0049680 _____ () C:\Users\[mein Name]\AppData\Local\recently-used.xbel
2014-01-15 10:32 - 2014-01-15 10:32 - 0000017 _____ () C:\Users\[mein Name]\AppData\Local\resmon.resmoncfg
2011-08-13 06:31 - 2011-08-13 06:32 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-08-13 06:26 - 2011-08-13 06:26 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-08-13 06:29 - 2011-08-13 06:30 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-08-13 06:26 - 2011-08-13 06:29 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-08-13 06:30 - 2011-08-13 06:31 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\[mein Name]\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\[mein Name]\AppData\Local\Temp\Foxit Updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 00:30

==================== End Of Log ============================
         
Und die addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by [mein Name] at 2015-02-09 21:08:51
Running from C:\Users\[mein Name]\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Beyond Divinity (HKLM-x32\...\Steam App 219760) (Version:  - Larian Studios)
BurnAware Free 6.9.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Divine Divinity (HKLM-x32\...\Steam App 214170) (Version:  - Larian Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.1.16.13 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.36 - Samsung)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Football Manager 2014 Demo (HKLM-x32\...\Steam App 242380) (Version:  - )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
jMonkeyEngine SDK (HKLM\...\nbi-jmonkeyplatform-3.0.0.0.4) (Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mausarm 1.0.1 (HKLM-x32\...\{7A690610-D345-4889-98E0-CC2153718A46}_is1) (Version:  - Clemens Conrad)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-785650546-1832744181-4140763645-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Puzzle Quest (HKLM-x32\...\Steam App 12500) (Version:  - Infinite Interactive)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stonehearth (HKLM-x32\...\{805BFAF9-CC2F-4360-B2A2-6CE344C54526}) (Version: 0.1.0.10 - Radiant Entertainment)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-785650546-1832744181-4140763645-1001\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity (HKLM-x32\...\Unity) (Version: 4.6.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-785650546-1832744181-4140763645-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.2 - )
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-785650546-1832744181-4140763645-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> D:\Programme\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BB9B490-29D7-4F25-B861-AF2C06A4E627} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-08-06] (Samsung Electronics Co., Ltd.)
Task: {1FEB90C4-B3C5-4760-B656-55DD37AE2BAC} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [2011-07-29] (SAMSUNG Electronics)
Task: {20BE1F54-D472-48F1-B202-60A66362F797} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-08-06] (Samsung Electronics)
Task: {2ECEEF25-A4AC-4F9C-B197-C24405CB7E09} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2011-08-08] (Samsung Electronics Co., Ltd.)
Task: {2FE776C4-204F-4176-8B31-B8E75BFB9185} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {5116D1C0-F382-43A8-B329-077073FB3245} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-08-05] (SAMSUNG Electronics co., LTD.)
Task: {513C0B3B-6172-4CBA-911F-2A52022770B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {55B421D8-35B0-4415-ABC9-8D98A1DDA88B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-14] (Google Inc.)
Task: {8F4FA524-327B-4DDA-B181-732DD331994B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-08-08] (Samsung Electronics Co., Ltd.)
Task: {AEE3823D-9678-4DC6-9D1D-F8D0669F062E} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-08-08] (Samsung Electronics Co., Ltd.)
Task: {B97E8C52-1E77-41D3-9D25-6395F1B8EFE8} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2011-07-29] (Samsung)
Task: {CE2BD4EE-B84F-4040-8785-768F7471BD70} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-23] (AVAST Software)
Task: {D6320189-42BB-4FC4-8581-D7D91024B7E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-14] (Google Inc.)
Task: {FA8FFC57-7875-4AA6-A647-35747EFCB201} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {FDB92CC3-A623-4142-ABC1-732AE14D0BDD} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-27 13:56 - 2015-01-10 09:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-27 14:04 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-21 22:24 - 2014-12-17 21:23 - 00736962 _____ () D:\Programme\Git\git-cheetah\git_shell_ext64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-07-21 06:51 - 2010-12-16 10:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-23 17:56 - 2014-12-23 17:56 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-23 17:56 - 2014-12-23 17:56 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-08 23:36 - 2015-02-08 23:36 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020801\algo.dll
2014-12-23 17:56 - 2014-12-23 17:56 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-09 20:50 - 2015-02-09 20:50 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020900\algo.dll
2015-01-27 13:56 - 2015-01-10 09:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-08-13 05:30 - 2011-02-16 17:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2014-12-23 17:57 - 2014-12-23 17:57 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-08-13 05:30 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2011-08-13 05:39 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2014-03-28 10:35 - 2014-03-28 10:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-02-05 23:10 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-05 23:10 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-05 23:10 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-785650546-1832744181-4140763645-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\[mein Name]\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-785650546-1832744181-4140763645-500 - Administrator - Disabled)
Gast (S-1-5-21-785650546-1832744181-4140763645-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-785650546-1832744181-4140763645-1003 - Limited - Enabled)
[mein Name] (S-1-5-21-785650546-1832744181-4140763645-1001 - Administrator - Enabled) => C:\Users\[mein Name]

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/09/2015 08:54:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.16.13, Zeitstempel: 0x4e31fcdb
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.16.13, Zeitstempel: 0x4e31fcdb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001fbe8
ID des fehlerhaften Prozesses: 0xfb4
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3

Error: (02/09/2015 08:52:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 11:59:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MonoDevelop.exe, Version 2.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18c0

Startzeit: 01d044574e862fdc

Endzeit: 16

Anwendungspfad: D:\Programme\Unity\MonoDevelop\bin\MonoDevelop.exe

Berichts-ID:

Error: (02/09/2015 10:37:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.16.13, Zeitstempel: 0x4e31fcdb
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.16.13, Zeitstempel: 0x4e31fcdb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001fbe8
ID des fehlerhaften Prozesses: 0xffc
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3

Error: (02/09/2015 10:31:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2015 11:41:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.16.13, Zeitstempel: 0x4e31fcdb
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.16.13, Zeitstempel: 0x4e31fcdb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001fbe8
ID des fehlerhaften Prozesses: 0x1614
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3

Error: (02/08/2015 11:36:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2015 08:21:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2015 08:20:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/08/2015 08:20:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]


System errors:
=============
Error: (02/06/2015 04:15:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (02/06/2015 04:15:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (02/06/2015 04:15:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Application Virtualization Client" ist vom Dienst "Application Virtualization Service Agent" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (02/06/2015 04:15:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Application Virtualization Service Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/06/2015 04:15:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Application Virtualization Service Agent erreicht.

Error: (02/06/2015 00:11:05 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎06.‎02.‎2015 um 00:07:16 unerwartet heruntergefahren.

Error: (02/05/2015 11:44:01 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (02/05/2015 05:38:28 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (02/05/2015 10:12:13 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Foxit Cloud Safe Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/05/2015 08:57:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}


Microsoft Office Sessions:
=========================
Error: (02/09/2015 08:54:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe1.1.16.134e31fcdbSWMAgent.exe1.1.16.134e31fcdbc00000050001fbe8fb401d044a23ac920f7C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exeC:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe7ae8d8b6-b095-11e4-92b0-e8039aa6e719

Error: (02/09/2015 08:52:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 11:59:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: MonoDevelop.exe2.6.0.018c001d044574e862fdc16D:\Programme\Unity\MonoDevelop\bin\MonoDevelop.exe

Error: (02/09/2015 10:37:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe1.1.16.134e31fcdbSWMAgent.exe1.1.16.134e31fcdbc00000050001fbe8ffc01d0444bf60d7235C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exeC:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe360e1798-b03f-11e4-b647-e8039aa6e719

Error: (02/09/2015 10:31:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2015 11:41:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe1.1.16.134e31fcdbSWMAgent.exe1.1.16.134e31fcdbc00000050001fbe8161401d043f0669a1b34C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exeC:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exeaa780944-afe3-11e4-95fb-e8039aa6e719

Error: (02/08/2015 11:36:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2015 08:21:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2015 08:20:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/08/2015 08:20:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 49%
Total physical RAM: 4009.55 MB
Available physical RAM: 2022.27 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 5772.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73 GB) (Free:25.28 GB) NTFS
Drive d: () (Fixed) (Total:370.1 GB) (Free:203.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 44E55B82)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=370.1 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=22.6 GB) - (Type=27)

==================== End Of Log ============================
         

Alt 09.02.2015, 22:18   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TSULoader (getarnt als minecraftdl_25068) - Standard

TSULoader (getarnt als minecraftdl_25068)



Hi,

das Teil ist nur Adware. Wo genau wurde die gefunden?
__________________

__________________

Alt 09.02.2015, 22:51   #3
AquaClassic
 
TSULoader (getarnt als minecraftdl_25068) - Standard

TSULoader (getarnt als minecraftdl_25068)



Danke für deine schnelle Antwort!

Das ist schonmal beruhigend. Selbst wenn sie ausgeführt worden ist, kann also nichts Weltbewegendes passiert sein, ja?

Die Datei liegt in einem Ordner, den ich selbst angelegt habe, in den ich im Januar 2014 den Inhalt meines normalen Download-Ordners verschoben habe. Stammt also aus dem Download-Ordner. Ich weiß nicht, ob sie sich selbst runtergeladen hat oder ob ich das war, aber zumindest habe ich sie ziemlich sicher nie selbst ausgeführt.
__________________

Antwort

Themen zu TSULoader (getarnt als minecraftdl_25068)
adware, akamai, antivirus, browser, ccsetup, cpu, device driver, failed, flash player, ftp, google, home, hängt, installation, malware, mozilla, problem, prozess, realtek, registry, rundll, scan, security, software, svchost.exe, system, windows




Ähnliche Themen: TSULoader (getarnt als minecraftdl_25068)


  1. Trojaner als GTA IV-Mod getarnt!
    Log-Analyse und Auswertung - 02.02.2015 (2)
  2. Trojaner als zip-Datei getarnt?
    Plagegeister aller Art und deren Bekämpfung - 24.02.2014 (8)
  3. Trojaner als Flash Player (32 bit) getarnt
    Antiviren-, Firewall- und andere Schutzprogramme - 17.12.2013 (5)
  4. Virenpost als MMS getarnt
    Nachrichten - 05.11.2012 (0)
  5. gefälschte email 1&1 GmbH mit Anhang als getarnt
    Plagegeister aller Art und deren Bekämpfung - 02.11.2012 (8)
  6. Verschlüsselungstrojaner als .pif getarnt
    Diskussionsforum - 22.05.2012 (1)
  7. Facebook Virus als JPG getarnt
    Log-Analyse und Auswertung - 25.10.2011 (1)
  8. Spyware als Windowsdienst getarnt
    Plagegeister aller Art und deren Bekämpfung - 27.03.2011 (8)
  9. Virus im Browser getarnt XXL
    Plagegeister aller Art und deren Bekämpfung - 19.01.2011 (1)
  10. Virus getarnt als cmd.exe?
    Plagegeister aller Art und deren Bekämpfung - 28.09.2010 (2)
  11. Vermute Trojaner getarnt als MDM.EXE.Bitte um Hilfe
    Log-Analyse und Auswertung - 23.01.2009 (9)
  12. Virus als Antivirus XP 2008 getarnt
    Plagegeister aller Art und deren Bekämpfung - 30.08.2008 (38)
  13. Trojaner getarnt als Anti virus System
    Mülltonne - 22.06.2007 (0)
  14. Getarnt als HP driver???
    Plagegeister aller Art und deren Bekämpfung - 02.06.2005 (1)
  15. Trojaner getarnt als wuauclt.exe?
    Plagegeister aller Art und deren Bekämpfung - 17.10.2004 (5)
  16. Trojaner gut getarnt!
    Plagegeister aller Art und deren Bekämpfung - 20.03.2004 (5)
  17. Trojaner als Office-konfiguration getarnt?
    Archiv - 21.01.2003 (2)

Zum Thema TSULoader (getarnt als minecraftdl_25068) - Hallo liebe Helferlein, ich habe ein kleines Problem mit meinem Notebook. Und zwar habe ich gerade eine Kaspersky-Rescue-CD rüberlaufen lassen und die hat Malware entdeckt, genauer gesagt folgende Datei: https://www.virustotal.com/de/file/3ccccc85ce5ef3a07d1c3e537f12322d918ec93b7a14000502e3d413fdc3f47b/analysis/1423511652/ - TSULoader (getarnt als minecraftdl_25068)...
Archiv
Du betrachtest: TSULoader (getarnt als minecraftdl_25068) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.