Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8: Win32:BProtect-J [Trj] (https://www.trojaner-board.de/157338-windows-8-win32-bprotect-j-trj.html)

onomto 07.08.2014 16:47
Windows 8: Win32:BProtect-J [Trj]
 
Hallo,

Avast meldete vor 2 Tagen das Blockieren des Trojaners Win32:BProtect-J [Trj]. Nach einem kompletten Systemscan wurde die Datei C:\ProgramData\374311380\BIT523E.tmp gefunden und mit der Funktion 'automoatisch in Ordnung bringen' behandelt.

Später am selben Tag erfolge wieder die Meldung, dass dem Trojaner Win32:BProtect-J [Trj] der Zugriff verweigert wurde.

PC wurde seit den Scans nicht mehr benutzt.

Gmer und Avast Log sind beide leider zu groß, daher als Anhang.


Schon mal im Vorraus :dankeschoen:


defogger_disable.log
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:58 on 04/08/2014 (Bianca)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Bianca (administrator) on MUFFINPC on 04-08-2014 11:59:46
Running from C:\Users\Bianca\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Flux Software LLC) C:\Users\Bianca\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [677616 2013-03-01] (Synaptics)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-01] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1177300449-2652255412-3501273659-1002\...\Run: [f.lux] => C:\Users\Bianca\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1177300449-2652255412-3501273659-1002\...\MountPoints2: {54cff26c-f988-11e3-be84-089e01f64a4d} - "E:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK
SearchScopes: HKLM - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bianca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-23]

Chrome:
=======
CHR StartupUrls: "hxxp://isearch.omiga-plus.com/?type=hp&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK"
CHR Extension: (Google Docs) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-14]
CHR Extension: (Google Drive) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-14]
CHR Extension: (YouTube) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-14]
CHR Extension: (Adblock Plus) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19]
CHR Extension: (Google-Suche) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-21] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [689032 2014-07-14] (Cherished Technololgy LIMITED)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [542912 2014-07-16] (Valve Corporation) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-28] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-17] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [86472 2013-04-25] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-01] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-24] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-08-04] ()
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 11:59 - 2014-08-04 12:00 - 00021376 _____ () C:\Users\Bianca\Desktop\FRST.txt
2014-08-04 11:59 - 2014-08-04 11:59 - 00000000 ____D () C:\FRST
2014-08-04 11:58 - 2014-08-04 11:58 - 00000474 _____ () C:\Users\Bianca\Desktop\defogger_disable.log
2014-08-04 11:58 - 2014-08-04 11:58 - 00000000 _____ () C:\Users\Bianca\defogger_reenable
2014-08-04 11:57 - 2014-08-04 11:57 - 02094080 _____ (Farbar) C:\Users\Bianca\Desktop\FRST64.exe
2014-08-04 11:57 - 2014-08-04 11:57 - 00380416 _____ () C:\Users\Bianca\Desktop\35tqr5m3.exe
2014-08-04 11:56 - 2014-08-04 11:56 - 00050477 _____ () C:\Users\Bianca\Desktop\Defogger.exe
2014-08-04 11:48 - 2014-08-04 11:48 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-08-04 11:43 - 2014-08-04 10:35 - 194609928 _____ () C:\Users\Bianca\Desktop\aswAr1.log
2014-08-04 09:52 - 2014-08-04 09:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bianca\Downloads\spybot-2.4.exe
2014-08-04 09:45 - 2014-08-04 09:45 - 04387639 _____ () C:\Users\Bianca\Downloads\TierparkRallye.zip
2014-08-03 15:01 - 2014-08-03 15:01 - 00000015 _____ () C:\Users\Bianca\Desktop\txt.txt
2014-07-28 23:37 - 2014-07-28 23:37 - 00597304 _____ () C:\Users\Bianca\Downloads\flux-setup.exe
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Local\FluxSoftware
2014-07-27 14:47 - 2014-07-27 14:47 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Adobe
2014-07-27 14:44 - 2014-07-27 14:44 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-27 14:43 - 2014-07-27 14:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 14:43 - 2014-07-27 14:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 23:05 - 2014-07-26 23:05 - 05771577 _____ () C:\Users\Bianca\Downloads\app-release-unaligned.apk
2014-07-26 23:00 - 2014-07-26 23:00 - 05771577 _____ () C:\Users\Bianca\Downloads\tierparkapp2.apk
2014-07-26 16:52 - 2014-07-26 16:52 - 00002257 _____ () C:\Users\Bianca\tierparkApp.keystore
2014-07-26 14:53 - 2014-07-26 14:53 - 00000000 ____D () C:\Users\Bianca\.AndroidStudioBeta
2014-07-26 14:51 - 2014-07-26 14:51 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Android
2014-07-26 14:43 - 2014-07-26 14:47 - 380000036 _____ (Google Inc.) C:\Users\Bianca\Downloads\android-studio-bundle-135.1245622-windows.exe
2014-07-26 14:37 - 2014-07-26 14:38 - 00000000 ____D () C:\Users\Bianca\Downloads\AppMap
2014-07-26 14:29 - 2014-07-26 14:33 - 00000000 ____D () C:\Users\Bianca\Downloads\androidstudio
2014-07-19 23:53 - 2014-07-19 23:53 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Blizzard
2014-07-19 23:44 - 2014-07-19 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\tmp
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\hps
2014-07-17 13:48 - 2014-07-17 13:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-14 00:40 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-07-14 00:39 - 2014-08-04 11:54 - 00000000 ____D () C:\ProgramData\374311380
2014-07-14 00:37 - 2014-07-14 00:37 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{2B382DF3-BB2A-4B2F-A36D-99235FA394F3}
2014-07-14 00:36 - 2014-07-14 00:36 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-14 00:21 - 2014-07-14 00:25 - 00000081 _____ () C:\Users\Bianca\Documents\iwanController.cp
2014-07-14 00:21 - 2014-07-14 00:21 - 00003248 _____ () C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule
2014-07-14 00:21 - 2014-07-14 00:21 - 00000000 ____D () C:\Users\Bianca\Documents\Optimizer Pro
2014-07-14 00:16 - 2014-07-14 00:39 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-14 00:16 - 2014-07-14 00:16 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-14 00:11 - 2014-07-14 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-14 00:10 - 2014-07-14 00:11 - 04489075 _____ ( ) C:\Users\Bianca\Downloads\setup Project64 2.1.exe
2014-07-13 23:14 - 2014-07-13 23:17 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nidhogg
2014-07-13 23:14 - 2014-07-13 23:14 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2014-07-13 23:14 - 2014-07-13 23:14 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 23:08 - 2014-07-14 00:12 - 00000000 ____D () C:\Users\Bianca\Spiele
2014-07-13 21:17 - 2014-07-13 21:17 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Unity
2014-07-13 21:16 - 2014-07-13 21:16 - 01080480 _____ (Unity Technologies ApS) C:\Users\Bianca\Downloads\UnityWebPlayer.exe
2014-07-13 21:09 - 2014-07-28 21:20 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\vlc
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-13 20:45 - 2014-07-13 20:45 - 24677393 _____ () C:\Users\Bianca\Downloads\vlc-2.1.3-win32.exe
2014-07-13 17:34 - 2014-07-13 17:34 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nitro
2014-07-13 16:54 - 2014-07-13 16:54 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\NVIDIA
2014-07-11 17:13 - 2014-07-11 17:13 - 00000000 ____D () C:\Users\Bianca\AppData\Local\NuGet
2014-07-10 21:43 - 2014-07-10 21:43 - 00004520 _____ () C:\Users\Bianca\AppData\Roaming\CamStudio.cfg
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamShapes.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamLayout.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000046 _____ () C:\Users\Bianca\AppData\Roaming\Camdata.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-07-10 15:52 - 2014-07-10 15:52 - 08351107 _____ () C:\Users\Bianca\Downloads\OBS_0_625b_Installer.exe
2014-07-10 15:25 - 2014-07-10 15:25 - 06151027 _____ () C:\Users\Bianca\Downloads\2014-07-03_1425.swf
2014-07-09 11:10 - 2014-07-09 11:15 - 403019560 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectDeveloperToolkit-v1.8.0-Setup.exe
2014-07-09 11:09 - 2014-07-09 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kinect for Windows SDK v1.8
2014-07-09 11:09 - 2014-07-09 11:09 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-07-09 11:04 - 2014-07-09 11:07 - 233216824 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectSDK-v1.8-Setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 03099532 _____ (CamStudio Open Source ) C:\Users\Bianca\Downloads\CamStudio_2.7_r316_setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\Program Files (x86)\CamStudio 2.7

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 12:00 - 2014-08-04 11:59 - 00021376 _____ () C:\Users\Bianca\Desktop\FRST.txt
2014-08-04 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-04 11:59 - 2014-08-04 11:59 - 00000000 ____D () C:\FRST
2014-08-04 11:59 - 2014-05-23 23:30 - 01689614 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-04 11:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-04 11:58 - 2014-08-04 11:58 - 00000474 _____ () C:\Users\Bianca\Desktop\defogger_disable.log
2014-08-04 11:58 - 2014-08-04 11:58 - 00000000 _____ () C:\Users\Bianca\defogger_reenable
2014-08-04 11:58 - 2014-05-23 23:38 - 00000000 ____D () C:\Users\Bianca
2014-08-04 11:57 - 2014-08-04 11:57 - 02094080 _____ (Farbar) C:\Users\Bianca\Desktop\FRST64.exe
2014-08-04 11:57 - 2014-08-04 11:57 - 00380416 _____ () C:\Users\Bianca\Desktop\35tqr5m3.exe
2014-08-04 11:56 - 2014-08-04 11:56 - 00050477 _____ () C:\Users\Bianca\Desktop\Defogger.exe
2014-08-04 11:54 - 2014-07-14 00:39 - 00000000 ____D () C:\ProgramData\374311380
2014-08-04 11:53 - 2014-05-14 21:20 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1177300449-2652255412-3501273659-1002
2014-08-04 11:52 - 2014-05-23 19:02 - 00760376 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-08-04 11:52 - 2014-05-23 19:02 - 00169120 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-08-04 11:52 - 2014-03-18 12:03 - 02820872 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-04 11:52 - 2014-03-18 11:25 - 00808234 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-04 11:52 - 2014-03-18 11:25 - 00177208 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-04 11:49 - 2014-05-14 02:22 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-04 11:48 - 2014-08-04 11:48 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-08-04 11:48 - 2014-06-23 15:50 - 00000000 ____D () C:\Users\Bianca\AppData\Local\HTC MediaHub
2014-08-04 11:48 - 2013-10-28 07:48 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-08-04 11:48 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-04 11:47 - 2014-03-18 03:50 - 00007278 _____ () C:\WINDOWS\PFRO.log
2014-08-04 11:47 - 2013-10-28 08:00 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-08-04 11:32 - 2014-05-14 02:22 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-04 10:35 - 2014-08-04 11:43 - 194609928 _____ () C:\Users\Bianca\Desktop\aswAr1.log
2014-08-04 09:55 - 2014-06-23 16:43 - 00000000 ____D () C:\Users\Bianca\.VirtualBox
2014-08-04 09:52 - 2014-08-04 09:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bianca\Downloads\spybot-2.4.exe
2014-08-04 09:45 - 2014-08-04 09:45 - 04387639 _____ () C:\Users\Bianca\Downloads\TierparkRallye.zip
2014-08-03 15:01 - 2014-08-03 15:01 - 00000015 _____ () C:\Users\Bianca\Desktop\txt.txt
2014-07-30 00:11 - 2014-06-12 20:13 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Skype
2014-07-28 23:37 - 2014-07-28 23:37 - 00597304 _____ () C:\Users\Bianca\Downloads\flux-setup.exe
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Local\FluxSoftware
2014-07-28 21:20 - 2014-07-13 21:09 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\vlc
2014-07-28 19:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-28 00:19 - 2014-05-30 10:28 - 00000000 ____D () C:\Users\Bianca\Studium
2014-07-27 19:58 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-07-27 14:48 - 2014-07-27 14:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 14:47 - 2014-07-27 14:47 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Adobe
2014-07-27 14:47 - 2014-05-14 02:20 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Adobe
2014-07-27 14:44 - 2014-07-27 14:44 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-27 14:43 - 2014-07-27 14:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 23:05 - 2014-07-26 23:05 - 05771577 _____ () C:\Users\Bianca\Downloads\app-release-unaligned.apk
2014-07-26 23:00 - 2014-07-26 23:00 - 05771577 _____ () C:\Users\Bianca\Downloads\tierparkapp2.apk
2014-07-26 22:48 - 2014-06-23 16:43 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Genymobile
2014-07-26 16:52 - 2014-07-26 16:52 - 00002257 _____ () C:\Users\Bianca\tierparkApp.keystore
2014-07-26 14:53 - 2014-07-26 14:53 - 00000000 ____D () C:\Users\Bianca\.AndroidStudioBeta
2014-07-26 14:51 - 2014-07-26 14:51 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Android
2014-07-26 14:51 - 2014-05-28 12:21 - 00000000 ____D () C:\Program Files (x86)\Android
2014-07-26 14:47 - 2014-07-26 14:43 - 380000036 _____ (Google Inc.) C:\Users\Bianca\Downloads\android-studio-bundle-135.1245622-windows.exe
2014-07-26 14:38 - 2014-07-26 14:37 - 00000000 ____D () C:\Users\Bianca\Downloads\AppMap
2014-07-26 14:33 - 2014-07-26 14:29 - 00000000 ____D () C:\Users\Bianca\Downloads\androidstudio
2014-07-25 23:22 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-22 12:08 - 2014-07-01 23:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 23:31 - 2014-06-15 15:58 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Battle.net
2014-07-19 23:53 - 2014-07-19 23:53 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Blizzard
2014-07-19 23:44 - 2014-07-19 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-19 23:44 - 2014-06-15 15:57 - 00000000 ____D () C:\Spiele
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\tmp
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\hps
2014-07-17 13:49 - 2014-05-23 21:40 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-17 13:48 - 2014-07-17 13:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-17 13:48 - 2014-05-23 21:40 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-17 13:48 - 2014-05-23 21:40 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-14 00:40 - 2014-05-25 01:21 - 00027560 _____ () C:\WINDOWS\DirectX.log
2014-07-14 00:39 - 2014-07-14 00:16 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-14 00:38 - 2014-05-24 01:22 - 00001465 _____ () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-14 00:37 - 2014-07-14 00:37 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{2B382DF3-BB2A-4B2F-A36D-99235FA394F3}
2014-07-14 00:36 - 2014-07-14 00:36 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-14 00:25 - 2014-07-14 00:21 - 00000081 _____ () C:\Users\Bianca\Documents\iwanController.cp
2014-07-14 00:21 - 2014-07-14 00:21 - 00003248 _____ () C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule
2014-07-14 00:21 - 2014-07-14 00:21 - 00000000 ____D () C:\Users\Bianca\Documents\Optimizer Pro
2014-07-14 00:16 - 2014-07-14 00:16 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-14 00:12 - 2014-07-13 23:08 - 00000000 ____D () C:\Users\Bianca\Spiele
2014-07-14 00:11 - 2014-07-14 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-14 00:11 - 2014-07-14 00:10 - 04489075 _____ ( ) C:\Users\Bianca\Downloads\setup Project64 2.1.exe
2014-07-13 23:17 - 2014-07-13 23:14 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nidhogg
2014-07-13 23:14 - 2014-07-13 23:14 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2014-07-13 23:14 - 2014-07-13 23:14 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 21:17 - 2014-07-13 21:17 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Unity
2014-07-13 21:16 - 2014-07-13 21:16 - 01080480 _____ (Unity Technologies ApS) C:\Users\Bianca\Downloads\UnityWebPlayer.exe
2014-07-13 21:09 - 2013-08-22 16:46 - 00345024 _____ () C:\WINDOWS\setupact.log
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-13 20:45 - 2014-07-13 20:45 - 24677393 _____ () C:\Users\Bianca\Downloads\vlc-2.1.3-win32.exe
2014-07-13 17:34 - 2014-07-13 17:34 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nitro
2014-07-13 16:54 - 2014-07-13 16:54 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\NVIDIA
2014-07-11 17:13 - 2014-07-11 17:13 - 00000000 ____D () C:\Users\Bianca\AppData\Local\NuGet
2014-07-11 15:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-11 11:02 - 2014-06-20 16:58 - 00000000 ____D () C:\Users\Bianca\Documents\Visual Studio 2013
2014-07-11 00:04 - 2014-06-11 15:42 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\.purple
2014-07-10 21:43 - 2014-07-10 21:43 - 00004520 _____ () C:\Users\Bianca\AppData\Roaming\CamStudio.cfg
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamShapes.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamLayout.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000046 _____ () C:\Users\Bianca\AppData\Roaming\Camdata.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-07-10 15:52 - 2014-07-10 15:52 - 08351107 _____ () C:\Users\Bianca\Downloads\OBS_0_625b_Installer.exe
2014-07-10 15:25 - 2014-07-10 15:25 - 06151027 _____ () C:\Users\Bianca\Downloads\2014-07-03_1425.swf
2014-07-09 11:16 - 2014-07-09 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kinect for Windows SDK v1.8
2014-07-09 11:16 - 2013-10-28 07:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-09 11:15 - 2014-07-09 11:10 - 403019560 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectDeveloperToolkit-v1.8.0-Setup.exe
2014-07-09 11:09 - 2014-07-09 11:09 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-07-09 11:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-09 11:07 - 2014-07-09 11:04 - 233216824 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectSDK-v1.8-Setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 03099532 _____ (CamStudio Open Source ) C:\Users\Bianca\Downloads\CamStudio_2.7_r316_setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\Program Files (x86)\CamStudio 2.7

Some content of TEMP:
====================
C:\Users\Bianca\AppData\Local\Temp\jna4019666720585412627.dll
C:\Users\Bianca\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Bianca\AppData\Local\Temp\restarter2786303555516675398.exe
C:\Users\Bianca\AppData\Local\Temp\smt_omiga-plus_new.exe
C:\Users\Bianca\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 16:25

==================== End Of Log ============================

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Bianca at 2014-08-04 12:00:33
Running from C:\Users\Bianca\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Android Studio (HKLM-x32\...\Android Studio) (Version: 1.0 - Google Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Energy Manager (x32 Version: 1.0.0.24 - Lenovo) Hidden
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
f.lux (HKCU\...\Flux) (Version:  - )
Genymotion version 2.2.2 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.2.2 - Genymobile)
Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Experience Center Driver (Version: 1.9.0.8 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.0.1.0037 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.4.1001 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Kinect for Windows Developer Toolkit v1.8.0 (HKLM\...\{44E46B4E-CB12-42A9-8784-BBE390EB9C0B}) (Version: 1.8.0.572 - Microsoft Corporation)
Kinect for Windows Drivers v1.8 (HKLM\...\{AA62B868-5D5C-46CF-BA88-386BE71D4F87}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows Runtime v1.8 (HKLM\...\{2700FAD3-F82C-4ED1-862C-5F425B2A88E6}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows SDK v1.8 (HKLM\...\{6702DAC4-51E7-440C-8012-9C0AE9D524DB}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.4241 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
LibreOffice 4.1.6.2 (HKLM-x32\...\{146232A9-AB53-48A7-A102-56624D92C80D}) (Version: 4.1.6.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone 8.1 XAML - DEU (x32 Version: 8.1.40427.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.40402.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 - deu (x32 Version: 2.3.50425.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 (x32 Version: 2.3.50425.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - DEU (x32 Version: 5.1.20409.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.1.20409.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.1 (x32 Version: 15.0.847.30 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - DEU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2013 CoreRes - DEU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.5 SDK (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.8.50313.46 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools für Microsoft Visual Studio (x64) - DEU Sprachpaket (Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office Developer Tools for Visual Studio (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office Developer Tools für Visual Studio DEU Sprachpaket (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - chs (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - cht (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - csy (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - esn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - fra (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - ita (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - kor (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - plk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - rus (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - trk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Update 2-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40820 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 XAML UI Designer (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Diagnosetools - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-XAML-Benutzeroberflächen-Designer - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c81217f5-344b-4b07-895e-97468942d363}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Module Microsoft Report Viewer pour Visual Studio*2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Nidhogg v1.004 (HKLM-x32\...\TmlkaG9nZ3YxMDA0_is1) (Version: 1 - )
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7133 - Realtek Semiconductor Corp.)
Ruby 2.0.0-p481 (HKCU\...\{ABAA9781-845A-43CC-BABA-76CB580FE35D}_is1) (Version: 2.0.0-p481 - RubyInstaller Team)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
TowerFall Ascension (HKLM-x32\...\Steam App 251470) (Version:  - Matt Thorson)
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 SDK Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2012 Verification SDK (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites - DEU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
Visual Studio 2013 的 Microsoft Report Viewer 附加元件 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Visual Studio 2013용 Microsoft Report Viewer 추가 기능 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30501.00 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.20401.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio - v1.1 (x32 Version: 1.1.20407.1601 - Microsoft Corporation) Hidden
Windows Azure Mobile Services-Tools für Visual Studio Language Pack - v1.1 (x32 Version: 1.1.20407.1601 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 (x32 Version: 2.2.20311.1602 - Microsoft) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch für Visual Studio 2013 - $(var.OOBPublishVersion) (DEU) (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch für Visual Studio 2013 - Update März 2014 - $(var.OOBPublishVersion) (DEU) (x32 Version: 2.2.20311.1602 - Microsoft) Hidden
Windows Phone 8.0 Emulation Host (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (ARM) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (X86) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.0 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.0-Tools für Visual Studio 2013 - DEU Sprachpaket (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - ARM (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - Desktop (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - x64 (Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - x86 (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1 Tools for Visual Studio Professional 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1-Tools für Visual Studio 2013 - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1-Tools für Visual Studio Professional 2013 - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - de-de (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1177300449-2652255412-3501273659-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1177300449-2652255412-3501273659-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================

13-07-2014 22:39:08 DirectX wurde installiert
17-07-2014 11:48:16 avast! antivirus system restore point
27-07-2014 20:25:59 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {12FA7707-B7AE-470F-B5AC-C68FDF7AA40B} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {1438B88F-325D-4F2B-AB04-55145BAFA345} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2F264F3E-F973-4FA2-BD3C-9BFE28234D0A} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5BBE62C4-05A9-470A-9A77-70F9746599A4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {688018E3-4FCC-41DA-B7BD-621472EB6947} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {7CDC2B5C-7EE7-4F66-9913-89947B381221} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-14] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9E142196-9B38-4ADB-8565-D90111448EFE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A2A3699B-7B14-45C6-8B5A-A6AF7610C813} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17] (AVAST Software)
Task: {CA9BB2AE-ABDD-4505-98B8-89C00DD178E8} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {CE6210B3-9CD7-4C04-8D88-09808EAE76BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-14] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-10-28 08:00 - 2013-10-28 08:00 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-10-28 08:00 - 2013-10-28 08:00 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-10-28 08:00 - 2013-10-28 08:00 - 00172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-07-17 13:48 - 2014-07-17 13:48 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-03 17:03 - 2014-08-03 17:03 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080300\algo.dll
2014-08-04 11:54 - 2014-08-04 11:54 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080301\algo.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 12:44 - 2014-05-27 12:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 12:45 - 2014-05-27 12:45 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-28 08:00 - 2013-10-28 08:00 - 01623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-28 08:00 - 2013-10-28 08:00 - 00030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2014-07-17 13:48 - 2014-07-17 13:48 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-28 07:22 - 2013-05-09 14:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-07-18 12:34 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 12:34 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 12:34 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 12:34 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 12:34 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2014 03:11:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MotionControl.exe, Version: 0.0.0.0, Zeitstempel: 0x51544e6d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x05929829
ID des fehlerhaften Prozesses: 0xcd0
Startzeit der fehlerhaften Anwendung: 0xMotionControl.exe0
Pfad der fehlerhaften Anwendung: MotionControl.exe1
Pfad des fehlerhaften Moduls: MotionControl.exe2
Berichtskennung: MotionControl.exe3
Vollständiger Name des fehlerhaften Pakets: MotionControl.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MotionControl.exe5

Error: (07/27/2014 03:11:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MotionControl.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
  bei <Module>.AnimationManager.Step(AnimationManager*)
  bei <Module>.AnimationManager.SetAnimation(AnimationManager*, Int32)
  bei <Module>.BannerControl.HandleAction(Int32, tagFrame*)
  bei <Module>.RecognitionHandler.FrameReady(RecognitionHandler*, Byte*, Int32)

Error: (07/26/2014 10:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: player.exe, Version: 0.0.0.0, Zeitstempel: 0x53835717
Name des fehlerhaften Moduls: nvoglv32.DLL, Version: 9.18.13.2762, Zeitstempel: 0x526ed898
Ausnahmecode: 0xc0000005
Fehleroffset: 0x009bc805
ID des fehlerhaften Prozesses: 0xcc4
Startzeit der fehlerhaften Anwendung: 0xplayer.exe0
Pfad der fehlerhaften Anwendung: player.exe1
Pfad des fehlerhaften Moduls: player.exe2
Berichtskennung: player.exe3
Vollständiger Name des fehlerhaften Pakets: player.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: player.exe5

Error: (07/25/2014 00:17:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mmc.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e38

Startzeit: 01cfa7f1917668c9

Endzeit: 15

Anwendungspfad: C:\WINDOWS\system32\mmc.exe

Berichts-ID: e45f9f7a-13e4-11e4-be88-089e01f64a4d

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/18/2014 04:09:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Lenovo Photos.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1820

Startzeit: 01cfa291dbe01f43

Endzeit: 44

Anwendungspfad: C:\Program Files (x86)\Lenovo DE\Lenovo Photos\Lenovo Photos.exe

Berichts-ID: 23b7680a-0e85-11e4-be88-089e01f64a4d

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/21/2014 11:16:07 PM) (Source: MsiInstaller) (EventID: 11704) (User: MUFFINPC)
Description: Produkt: Microsoft SQL Server 2012 Native Client  -- Fehler 1704. Eine Installation von Microsoft Visual C++ 2012 Core Libraries ist im Augenblick angehalten. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?

Error: (06/20/2014 01:58:48 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (06/14/2014 05:42:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.5.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1894

Startzeit: 01cf87e732ececa0

Endzeit: 9

Anwendungspfad: C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe

Berichts-ID: 80e4b1bc-f3da-11e3-be81-089e01f64a4d

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/14/2014 04:56:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.5.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1574

Startzeit: 01cf87e05f94c319

Endzeit: 7

Anwendungspfad: C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe

Berichts-ID: 0475d11f-f3d4-11e3-be81-089e01f64a4d

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/14/2014 03:46:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.5.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1880

Startzeit: 01cf87d6df92c490

Endzeit: 8

Anwendungspfad: C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe

Berichts-ID: 39361336-f3ca-11e3-be81-089e01f64a4d

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (08/04/2014 11:50:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/04/2014 11:50:20 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/04/2014 09:55:50 AM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "MUFFINPC" auf Transport "NetBT_Tcpip_{7AD69BF0-6DCD-4B81-B4AF-55C469CD2A5E}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (08/04/2014 09:29:06 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Controller der Familie Realtek PCIe GBE, {3B3DBA9D-BEAC-410B-8CE7-D6FD20E0C6B8}" ist das Ereignis "74" aufgetreten.

Error: (08/04/2014 00:30:30 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Realtek PCIe GBE Family Controller, {7AD69BF0-6DCD-4B81-B4AF-55C469CD2A5E}" ist das Ereignis "74" aufgetreten.

Error: (07/30/2014 03:00:56 PM) (Source: DCOM) (EventID: 10010) (User: MUFFINPC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/30/2014 03:00:26 PM) (Source: DCOM) (EventID: 10010) (User: MUFFINPC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/30/2014 02:20:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (07/30/2014 02:20:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (07/30/2014 02:19:42 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (07/27/2014 03:11:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MotionControl.exe0.0.0.051544e6dunknown0.0.0.000000000c000000505929829cd001cfa99b2d31bedfC:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exeunknown94eb0ce7-158f-11e4-be89-089e01f64a4d

Error: (07/27/2014 03:11:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MotionControl.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
  bei <Module>.AnimationManager.Step(AnimationManager*)
  bei <Module>.AnimationManager.SetAnimation(AnimationManager*, Int32)
  bei <Module>.BannerControl.HandleAction(Int32, tagFrame*)
  bei <Module>.RecognitionHandler.FrameReady(RecognitionHandler*, Byte*, Int32)

Error: (07/26/2014 10:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: player.exe0.0.0.053835717nvoglv32.DLL9.18.13.2762526ed898c0000005009bc805cc401cfa90d4c338097C:\Program Files\Genymobile\Genymotion\player.exeC:\WINDOWS\system32\nvoglv32.DLL40a0fde9-1506-11e4-be89-089e01f64a4d

Error: (07/25/2014 00:17:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mmc.exe6.3.9600.16384e3801cfa7f1917668c915C:\WINDOWS\system32\mmc.exee45f9f7a-13e4-11e4-be88-089e01f64a4d

Error: (07/18/2014 04:09:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Lenovo Photos.exe0.0.0.0182001cfa291dbe01f4344C:\Program Files (x86)\Lenovo DE\Lenovo Photos\Lenovo Photos.exe23b7680a-0e85-11e4-be88-089e01f64a4d

Error: (06/21/2014 11:16:07 PM) (Source: MsiInstaller) (EventID: 11704) (User: MUFFINPC)
Description: Produkt: Microsoft SQL Server 2012 Native Client  -- Fehler 1704. Eine Installation von Microsoft Visual C++ 2012 Core Libraries ist im Augenblick angehalten. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/20/2014 01:58:48 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (06/14/2014 05:42:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.5.13189401cf87e732ececa09C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe80e4b1bc-f3da-11e3-be81-089e01f64a4d

Error: (06/14/2014 04:56:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.5.13157401cf87e05f94c3197C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe0475d11f-f3d4-11e3-be81-089e01f64a4d

Error: (06/14/2014 03:46:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.5.13188001cf87d6df92c4908C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe39361336-f3ca-11e3-be81-089e01f64a4d


CodeIntegrity Errors:
===================================
  Date: 2014-08-04 09:55:24.610
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-29 23:15:47.838
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-29 17:50:00.760
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-29 14:48:33.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-28 00:12:52.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-27 14:00:56.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-27 13:54:47.475
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-26 22:50:57.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-26 22:08:02.082
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-26 22:07:39.823
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 7944.27 MB
Available physical RAM: 5881.05 MB
Total Pagefile: 9224.27 MB
Available Pagefile: 7065.77 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.39 GB) (Free:337.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 0D3B1278)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 07.08.2014 16:48
hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

onomto 07.08.2014 18:43
Danke für die schnelle Antwort!

AdwCleaner.exe wurde nach dem Runterladen von Avast als Win32:Evo-gen[susp] eingestuft und in den Virus-Contaienr gepackt. Ein manuelles Überprüfen danach ergab 'kein Virus', Datei danach manuell zu den Ausnahmen hinzugefügt.

Beim Starten des AdwCleaners meldet Avast, dass das Object C:\Users\Name\AppData\Local\Temp\auto67FF.tmp des AdwCleaner-Prozesses in den Container verschoben wurde. Programm lief, hab den Suchlauf gestartet und danach auf 'Löschen' geklickt. Beim Ausführen des Löschens funktionierte Aut2Exe nicht mehr, Programm wurde geschlossen.

Soll ich die .tmp ebenfalls zu den Ausnahmen hinzufügen und den Schritte wiederholen oder mit erstmal weiter fortfahren?

Hier soweit erstmal der mbam log:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 07.08.2014
Suchlauf-Zeit: 19:09:31
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Bianca

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357227
Verstrichene Zeit: 11 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1792, Löschen bei Neustart, [84c5a75844365ed8201a83155fa29d63]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [84c5a75844365ed8201a83155fa29d63],
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware, In Quarantäne, [410855aa9fdbb185bb96fbc86b9826da],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 4
PUP.Optional.ISearch.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK),Ersetzt,[57f2c13e3248fd3991e6e847fe0601ff]
PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}),Ersetzt,[95b40df2e496fe381e5b31feba4ad030]
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK),Ersetzt,[074230cf84f6c07645320f20659f44bc]
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK&q={searchTerms}),Ersetzt,[ea5f9b64b1c9c571a7d2e14e0bf9cc34]

Ordner: 1
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [cf7af10eaecc69cd1ac24b2bd0327987],

Dateien: 2
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Löschen bei Neustart, [84c5a75844365ed8201a83155fa29d63],
Rogue.Multiple, C:\ProgramData\374311380\BIT523E.tmp, In Quarantäne, [cf7af10eaecc69cd1ac24b2bd0327987],

Physische Sektoren: 0
(No malicious items detected)


(end)

schrauber 08.08.2014 16:18
Avast komplett abschalten, dann die andern beiden Programme machen :)

onomto 08.08.2014 17:25
Hab Avast abgeschaltet, AdwCleaner stürzte beim Löschen der Browser-Funde immer noch ab. Danach dann noch einmal als Administrator ausgeführt mit demselben Ergebnis: nicht abgefangene Windows-Exception.

Logfiles waren unter dem beschriebenen Pfad zu finden, sowohl AdwCleaner[Sx].txt als auch AdwCleaner[Rx].txt.
Hab nach den Löschversuchen einen Neustart gemacht und JRT und FRST laufen lassen.


AdwCleaner[S0]
Code:
# AdwCleaner v3.303 - Bericht erstellt am 07/08/2014 um 19:29:31
# Aktualisiert 06/08/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Bianca - MUFFINPC
# Gestartet von : C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\Users\Bianca\Documents\Optimizer Pro

***** [ Tasks ] *****

Task Gelöscht : Optimizer Pro Schedule

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\Software\supWPM

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK
AdwCleaner[S1]
Code:
# AdwCleaner v3.303 - Bericht erstellt am 08/08/2014 um 17:49:32
# Aktualisiert 06/08/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Bianca - MUFFINPC
# Gestartet von : C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK
AdwCleaner[S3]
Code:
# AdwCleaner v3.303 - Bericht erstellt am 08/08/2014 um 17:54:54
# Aktualisiert 06/08/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Bianca - MUFFINPC
# Gestartet von : C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK

JRT Log
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Bianca on 08.08.2014 at 17:58:47,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2014 at 18:06:55,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Bianca (administrator) on MUFFINPC on 08-08-2014 18:10:04
Running from C:\Users\Bianca\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Flux Software LLC) C:\Users\Bianca\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [677616 2013-03-01] (Synaptics)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-01] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1177300449-2652255412-3501273659-1002\...\Run: [f.lux] => C:\Users\Bianca\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1177300449-2652255412-3501273659-1002\...\MountPoints2: {54cff26c-f988-11e3-be84-089e01f64a4d} - "E:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bianca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-23]

Chrome:
=======
CHR StartupUrls: "hxxp://isearch.omiga-plus.com/?type=hp&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK"
CHR Extension: (Google Docs) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-14]
CHR Extension: (Google Drive) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-14]
CHR Extension: (YouTube) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-14]
CHR Extension: (Adblock Plus) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19]
CHR Extension: (Google-Suche) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-21] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [542912 2014-07-16] (Valve Corporation) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-28] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-17] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [86472 2013-04-25] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-01] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-24] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-08-08] ()
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-08 18:06 - 2014-08-08 18:06 - 00000615 _____ () C:\Users\Bianca\Desktop\JRT.txt
2014-08-08 17:58 - 2014-08-08 17:58 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-07 19:26 - 2014-08-08 17:54 - 00000000 ____D () C:\AdwCleaner
2014-08-07 19:25 - 2014-08-08 17:50 - 01475072 _____ () C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
2014-08-07 19:24 - 2014-08-07 19:24 - 00003591 _____ () C:\Users\Bianca\Desktop\mbam.txt
2014-08-07 19:22 - 2014-08-08 17:57 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-08-07 19:09 - 2014-08-07 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-07 19:08 - 2014-08-07 19:08 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-07 19:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-07 19:08 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-07 19:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-07 18:58 - 2014-08-07 18:56 - 01016261 _____ (Thisisu) C:\Users\Bianca\Desktop\JRT.exe
2014-08-07 18:58 - 2014-08-07 18:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bianca\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-04 12:06 - 2014-08-04 12:06 - 00595631 _____ () C:\Users\Bianca\Desktop\Gmer.txt
2014-08-04 12:00 - 2014-08-04 12:01 - 00065357 _____ () C:\Users\Bianca\Desktop\Addition.txt
2014-08-04 11:59 - 2014-08-08 18:10 - 00019546 _____ () C:\Users\Bianca\Desktop\FRST.txt
2014-08-04 11:59 - 2014-08-08 18:10 - 00000000 ____D () C:\FRST
2014-08-04 11:58 - 2014-08-04 11:58 - 00000474 _____ () C:\Users\Bianca\Desktop\defogger_disable.log
2014-08-04 11:58 - 2014-08-04 11:58 - 00000000 _____ () C:\Users\Bianca\defogger_reenable
2014-08-04 11:57 - 2014-08-04 11:57 - 02094080 _____ (Farbar) C:\Users\Bianca\Desktop\FRST64.exe
2014-08-04 11:57 - 2014-08-04 11:57 - 00380416 _____ () C:\Users\Bianca\Desktop\35tqr5m3.exe
2014-08-04 11:56 - 2014-08-04 11:56 - 00050477 _____ () C:\Users\Bianca\Desktop\Defogger.exe
2014-08-04 11:43 - 2014-08-07 16:28 - 194609936 _____ () C:\Users\Bianca\Desktop\aswAr1_fund.log
2014-08-04 09:52 - 2014-08-04 09:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bianca\Downloads\spybot-2.4.exe
2014-08-04 09:45 - 2014-08-04 09:45 - 04387639 _____ () C:\Users\Bianca\Downloads\TierparkRallye.zip
2014-08-03 15:01 - 2014-08-03 15:01 - 00000015 _____ () C:\Users\Bianca\Desktop\txt.txt
2014-07-28 23:37 - 2014-07-28 23:37 - 00597304 _____ () C:\Users\Bianca\Downloads\flux-setup.exe
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Local\FluxSoftware
2014-07-27 14:47 - 2014-07-27 14:47 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Adobe
2014-07-27 14:44 - 2014-07-27 14:44 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-27 14:43 - 2014-07-27 14:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 14:43 - 2014-07-27 14:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 23:05 - 2014-07-26 23:05 - 05771577 _____ () C:\Users\Bianca\Downloads\app-release-unaligned.apk
2014-07-26 23:00 - 2014-07-26 23:00 - 05771577 _____ () C:\Users\Bianca\Downloads\tierparkapp2.apk
2014-07-26 16:52 - 2014-07-26 16:52 - 00002257 _____ () C:\Users\Bianca\tierparkApp.keystore
2014-07-26 14:53 - 2014-07-26 14:53 - 00000000 ____D () C:\Users\Bianca\.AndroidStudioBeta
2014-07-26 14:51 - 2014-07-26 14:51 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Android
2014-07-26 14:43 - 2014-07-26 14:47 - 380000036 _____ (Google Inc.) C:\Users\Bianca\Downloads\android-studio-bundle-135.1245622-windows.exe
2014-07-26 14:37 - 2014-07-26 14:38 - 00000000 ____D () C:\Users\Bianca\Downloads\AppMap
2014-07-26 14:29 - 2014-07-26 14:33 - 00000000 ____D () C:\Users\Bianca\Downloads\androidstudio
2014-07-19 23:53 - 2014-07-19 23:53 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Blizzard
2014-07-19 23:44 - 2014-07-19 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\tmp
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\hps
2014-07-17 13:48 - 2014-07-17 13:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-14 00:40 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-07-14 00:37 - 2014-07-14 00:37 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{2B382DF3-BB2A-4B2F-A36D-99235FA394F3}
2014-07-14 00:36 - 2014-07-14 00:36 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-14 00:21 - 2014-07-14 00:25 - 00000081 _____ () C:\Users\Bianca\Documents\iwanController.cp
2014-07-14 00:11 - 2014-07-14 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-14 00:10 - 2014-07-14 00:11 - 04489075 _____ ( ) C:\Users\Bianca\Downloads\setup Project64 2.1.exe
2014-07-13 23:14 - 2014-07-13 23:17 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nidhogg
2014-07-13 23:14 - 2014-07-13 23:14 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2014-07-13 23:14 - 2014-07-13 23:14 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 23:08 - 2014-07-14 00:12 - 00000000 ____D () C:\Users\Bianca\Spiele
2014-07-13 21:17 - 2014-07-13 21:17 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Unity
2014-07-13 21:16 - 2014-07-13 21:16 - 01080480 _____ (Unity Technologies ApS) C:\Users\Bianca\Downloads\UnityWebPlayer.exe
2014-07-13 21:09 - 2014-07-28 21:20 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\vlc
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-13 20:45 - 2014-07-13 20:45 - 24677393 _____ () C:\Users\Bianca\Downloads\vlc-2.1.3-win32.exe
2014-07-13 17:34 - 2014-07-13 17:34 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nitro
2014-07-13 16:54 - 2014-07-13 16:54 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\NVIDIA
2014-07-11 17:13 - 2014-07-11 17:13 - 00000000 ____D () C:\Users\Bianca\AppData\Local\NuGet
2014-07-10 21:43 - 2014-07-10 21:43 - 00004520 _____ () C:\Users\Bianca\AppData\Roaming\CamStudio.cfg
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamShapes.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamLayout.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000046 _____ () C:\Users\Bianca\AppData\Roaming\Camdata.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-07-10 15:52 - 2014-07-10 15:52 - 08351107 _____ () C:\Users\Bianca\Downloads\OBS_0_625b_Installer.exe
2014-07-10 15:25 - 2014-07-10 15:25 - 06151027 _____ () C:\Users\Bianca\Downloads\2014-07-03_1425.swf
2014-07-09 11:10 - 2014-07-09 11:15 - 403019560 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectDeveloperToolkit-v1.8.0-Setup.exe
2014-07-09 11:09 - 2014-07-09 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kinect for Windows SDK v1.8
2014-07-09 11:09 - 2014-07-09 11:09 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-07-09 11:04 - 2014-07-09 11:07 - 233216824 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectSDK-v1.8-Setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 03099532 _____ (CamStudio Open Source ) C:\Users\Bianca\Downloads\CamStudio_2.7_r316_setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\Program Files (x86)\CamStudio 2.7

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-08 18:10 - 2014-08-04 11:59 - 00019546 _____ () C:\Users\Bianca\Desktop\FRST.txt
2014-08-08 18:10 - 2014-08-04 11:59 - 00000000 ____D () C:\FRST
2014-08-08 18:08 - 2014-05-14 21:20 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1177300449-2652255412-3501273659-1002
2014-08-08 18:06 - 2014-08-08 18:06 - 00000615 _____ () C:\Users\Bianca\Desktop\JRT.txt
2014-08-08 18:03 - 2014-05-23 19:02 - 00760376 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-08-08 18:03 - 2014-05-23 19:02 - 00169120 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-08-08 18:03 - 2014-03-18 12:03 - 02820872 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-08 18:03 - 2014-03-18 11:25 - 00808234 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-08 18:03 - 2014-03-18 11:25 - 00177208 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-08 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-08 17:58 - 2014-08-08 17:58 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-08 17:58 - 2014-05-23 23:30 - 01082556 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-08 17:57 - 2014-08-07 19:22 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-08-08 17:57 - 2014-06-23 15:50 - 00000000 ____D () C:\Users\Bianca\AppData\Local\HTC MediaHub
2014-08-08 17:57 - 2014-05-14 02:22 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-08 17:57 - 2014-03-18 03:50 - 00009146 _____ () C:\WINDOWS\PFRO.log
2014-08-08 17:57 - 2013-10-28 07:48 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-08-08 17:57 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-08 17:56 - 2013-10-28 08:00 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-08-08 17:54 - 2014-08-07 19:26 - 00000000 ____D () C:\AdwCleaner
2014-08-08 17:50 - 2014-08-07 19:25 - 01475072 _____ () C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
2014-08-08 00:33 - 2014-05-14 02:22 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-07 19:24 - 2014-08-07 19:24 - 00003591 _____ () C:\Users\Bianca\Desktop\mbam.txt
2014-08-07 19:23 - 2014-08-07 19:09 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-07 19:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\security
2014-08-07 19:21 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-07 19:08 - 2014-08-07 19:08 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-07 18:56 - 2014-08-07 18:58 - 01016261 _____ (Thisisu) C:\Users\Bianca\Desktop\JRT.exe
2014-08-07 18:55 - 2014-08-07 18:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bianca\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-07 16:28 - 2014-08-04 11:43 - 194609936 _____ () C:\Users\Bianca\Desktop\aswAr1_fund.log
2014-08-06 13:31 - 2013-08-22 16:46 - 00345819 _____ () C:\WINDOWS\setupact.log
2014-08-04 12:06 - 2014-08-04 12:06 - 00595631 _____ () C:\Users\Bianca\Desktop\Gmer.txt
2014-08-04 12:01 - 2014-08-04 12:00 - 00065357 _____ () C:\Users\Bianca\Desktop\Addition.txt
2014-08-04 11:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-04 11:58 - 2014-08-04 11:58 - 00000474 _____ () C:\Users\Bianca\Desktop\defogger_disable.log
2014-08-04 11:58 - 2014-08-04 11:58 - 00000000 _____ () C:\Users\Bianca\defogger_reenable
2014-08-04 11:58 - 2014-05-23 23:38 - 00000000 ____D () C:\Users\Bianca
2014-08-04 11:57 - 2014-08-04 11:57 - 02094080 _____ (Farbar) C:\Users\Bianca\Desktop\FRST64.exe
2014-08-04 11:57 - 2014-08-04 11:57 - 00380416 _____ () C:\Users\Bianca\Desktop\35tqr5m3.exe
2014-08-04 11:56 - 2014-08-04 11:56 - 00050477 _____ () C:\Users\Bianca\Desktop\Defogger.exe
2014-08-04 09:55 - 2014-06-23 16:43 - 00000000 ____D () C:\Users\Bianca\.VirtualBox
2014-08-04 09:52 - 2014-08-04 09:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bianca\Downloads\spybot-2.4.exe
2014-08-04 09:45 - 2014-08-04 09:45 - 04387639 _____ () C:\Users\Bianca\Downloads\TierparkRallye.zip
2014-08-03 15:01 - 2014-08-03 15:01 - 00000015 _____ () C:\Users\Bianca\Desktop\txt.txt
2014-07-30 00:11 - 2014-06-12 20:13 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Skype
2014-07-28 23:37 - 2014-07-28 23:37 - 00597304 _____ () C:\Users\Bianca\Downloads\flux-setup.exe
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Local\FluxSoftware
2014-07-28 21:20 - 2014-07-13 21:09 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\vlc
2014-07-28 00:19 - 2014-05-30 10:28 - 00000000 ____D () C:\Users\Bianca\Studium
2014-07-27 19:58 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-07-27 14:48 - 2014-07-27 14:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 14:47 - 2014-07-27 14:47 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Adobe
2014-07-27 14:47 - 2014-05-14 02:20 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Adobe
2014-07-27 14:44 - 2014-07-27 14:44 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-27 14:43 - 2014-07-27 14:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 23:05 - 2014-07-26 23:05 - 05771577 _____ () C:\Users\Bianca\Downloads\app-release-unaligned.apk
2014-07-26 23:00 - 2014-07-26 23:00 - 05771577 _____ () C:\Users\Bianca\Downloads\tierparkapp2.apk
2014-07-26 22:48 - 2014-06-23 16:43 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Genymobile
2014-07-26 16:52 - 2014-07-26 16:52 - 00002257 _____ () C:\Users\Bianca\tierparkApp.keystore
2014-07-26 14:53 - 2014-07-26 14:53 - 00000000 ____D () C:\Users\Bianca\.AndroidStudioBeta
2014-07-26 14:51 - 2014-07-26 14:51 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Android
2014-07-26 14:51 - 2014-05-28 12:21 - 00000000 ____D () C:\Program Files (x86)\Android
2014-07-26 14:47 - 2014-07-26 14:43 - 380000036 _____ (Google Inc.) C:\Users\Bianca\Downloads\android-studio-bundle-135.1245622-windows.exe
2014-07-26 14:38 - 2014-07-26 14:37 - 00000000 ____D () C:\Users\Bianca\Downloads\AppMap
2014-07-26 14:33 - 2014-07-26 14:29 - 00000000 ____D () C:\Users\Bianca\Downloads\androidstudio
2014-07-25 23:22 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-22 12:08 - 2014-07-01 23:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 23:31 - 2014-06-15 15:58 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Battle.net
2014-07-19 23:53 - 2014-07-19 23:53 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Blizzard
2014-07-19 23:44 - 2014-07-19 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-19 23:44 - 2014-06-15 15:57 - 00000000 ____D () C:\Spiele
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\tmp
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\hps
2014-07-17 13:49 - 2014-05-23 21:40 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-17 13:48 - 2014-07-17 13:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-17 13:48 - 2014-05-23 21:40 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-17 13:48 - 2014-05-23 21:40 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-14 00:40 - 2014-05-25 01:21 - 00027560 _____ () C:\WINDOWS\DirectX.log
2014-07-14 00:38 - 2014-05-24 01:22 - 00001465 _____ () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-14 00:37 - 2014-07-14 00:37 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{2B382DF3-BB2A-4B2F-A36D-99235FA394F3}
2014-07-14 00:36 - 2014-07-14 00:36 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-14 00:25 - 2014-07-14 00:21 - 00000081 _____ () C:\Users\Bianca\Documents\iwanController.cp
2014-07-14 00:12 - 2014-07-13 23:08 - 00000000 ____D () C:\Users\Bianca\Spiele
2014-07-14 00:11 - 2014-07-14 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-14 00:11 - 2014-07-14 00:10 - 04489075 _____ ( ) C:\Users\Bianca\Downloads\setup Project64 2.1.exe
2014-07-13 23:17 - 2014-07-13 23:14 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nidhogg
2014-07-13 23:14 - 2014-07-13 23:14 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2014-07-13 23:14 - 2014-07-13 23:14 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 21:17 - 2014-07-13 21:17 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Unity
2014-07-13 21:16 - 2014-07-13 21:16 - 01080480 _____ (Unity Technologies ApS) C:\Users\Bianca\Downloads\UnityWebPlayer.exe
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-13 20:45 - 2014-07-13 20:45 - 24677393 _____ () C:\Users\Bianca\Downloads\vlc-2.1.3-win32.exe
2014-07-13 17:34 - 2014-07-13 17:34 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nitro
2014-07-13 16:54 - 2014-07-13 16:54 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\NVIDIA
2014-07-11 17:13 - 2014-07-11 17:13 - 00000000 ____D () C:\Users\Bianca\AppData\Local\NuGet
2014-07-11 15:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-11 11:02 - 2014-06-20 16:58 - 00000000 ____D () C:\Users\Bianca\Documents\Visual Studio 2013
2014-07-11 00:04 - 2014-06-11 15:42 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\.purple
2014-07-10 21:43 - 2014-07-10 21:43 - 00004520 _____ () C:\Users\Bianca\AppData\Roaming\CamStudio.cfg
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamShapes.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000408 _____ () C:\Users\Bianca\AppData\Roaming\CamLayout.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000046 _____ () C:\Users\Bianca\AppData\Roaming\Camdata.ini
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files\OBS
2014-07-10 21:43 - 2014-07-10 21:43 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-07-10 15:52 - 2014-07-10 15:52 - 08351107 _____ () C:\Users\Bianca\Downloads\OBS_0_625b_Installer.exe
2014-07-10 15:25 - 2014-07-10 15:25 - 06151027 _____ () C:\Users\Bianca\Downloads\2014-07-03_1425.swf
2014-07-09 11:16 - 2014-07-09 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kinect for Windows SDK v1.8
2014-07-09 11:16 - 2013-10-28 07:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-09 11:15 - 2014-07-09 11:10 - 403019560 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectDeveloperToolkit-v1.8.0-Setup.exe
2014-07-09 11:09 - 2014-07-09 11:09 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-07-09 11:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-09 11:07 - 2014-07-09 11:04 - 233216824 _____ (Microsoft Corporation) C:\Users\Bianca\Downloads\KinectSDK-v1.8-Setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 03099532 _____ (CamStudio Open Source ) C:\Users\Bianca\Downloads\CamStudio_2.7_r316_setup.exe
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2014-07-09 10:42 - 2014-07-09 10:42 - 00000000 ____D () C:\Program Files (x86)\CamStudio 2.7

Some content of TEMP:
====================
C:\Users\Bianca\AppData\Local\Temp\jna4019666720585412627.dll
C:\Users\Bianca\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Bianca\AppData\Local\Temp\Quarantine.exe
C:\Users\Bianca\AppData\Local\Temp\restarter2786303555516675398.exe
C:\Users\Bianca\AppData\Local\Temp\smt_omiga-plus_new.exe
C:\Users\Bianca\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-06 15:50

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 09.08.2014 14:25

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

onomto 10.08.2014 16:02
ESET hat eine Bedrohung gefunden:
Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4131756fcb3b154c97d67ccce0cb2815
# engine=19578
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-09 07:13:39
# local_time=2014-08-09 09:13:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 465955 6737606 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6739534 8711617 0 0
# scanned=466374
# found=1
# cleaned=0
# scan_time=10437
sh=966E0358B7467C80E85C5324AE1C5361A60B6B03 ft=1 fh=6436d633558e165d vn="Variante von Win32/ELEX.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Bianca\AppData\Local\Temp\smt_omiga-plus_new.exe"

SecurityCheack lief leider nicht, hier der Log:
Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!

Und hier ein frische FRST:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014 (ATTENTION: ====> FRST version is 8 days old and could be outdated)
Ran by Bianca (administrator) on MUFFINPC on 10-08-2014 16:54:57
Running from C:\Users\Bianca\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Flux Software LLC) C:\Users\Bianca\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [677616 2013-03-01] (Synaptics)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-01] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1177300449-2652255412-3501273659-1002\...\Run: [f.lux] => C:\Users\Bianca\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1177300449-2652255412-3501273659-1002\...\MountPoints2: {54cff26c-f988-11e3-be84-089e01f64a4d} - "E:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {1584FFDF-3EF6-4D2F-AAF3-70EDE2C0569D} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bianca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-23]

Chrome:
=======
CHR StartupUrls: "hxxp://isearch.omiga-plus.com/?type=hp&ts=1405289778&from=smt&uid=ST500LX005-1CW162_W370KRDKXXXXW370KRDK"
CHR Extension: (Google Docs) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-14]
CHR Extension: (Google Drive) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-14]
CHR Extension: (YouTube) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-14]
CHR Extension: (Adblock Plus) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19]
CHR Extension: (Google-Suche) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-21] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [542912 2014-07-16] (Valve Corporation) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-28] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-17] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [86472 2013-04-25] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-01] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-24] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-08-08] ()
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-09 18:15 - 2014-08-09 18:10 - 02347384 _____ (ESET) C:\Users\Bianca\Desktop\esetsmartinstaller_deu.exe
2014-08-09 18:15 - 2014-08-09 18:10 - 00854410 _____ () C:\Users\Bianca\Desktop\SecurityCheck.exe
2014-08-08 18:15 - 2014-08-08 17:55 - 00000771 _____ () C:\Users\Bianca\Desktop\AdwCleaner[S2].txt
2014-08-08 18:15 - 2014-08-08 17:49 - 00000771 _____ () C:\Users\Bianca\Desktop\AdwCleaner[S1].txt
2014-08-08 18:15 - 2014-08-07 19:29 - 00001873 _____ () C:\Users\Bianca\Desktop\AdwCleaner[S0].txt
2014-08-08 18:06 - 2014-08-08 18:06 - 00000615 _____ () C:\Users\Bianca\Desktop\JRT.txt
2014-08-08 17:58 - 2014-08-08 17:58 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-07 19:26 - 2014-08-08 17:54 - 00000000 ____D () C:\AdwCleaner
2014-08-07 19:25 - 2014-08-08 17:50 - 01475072 _____ () C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
2014-08-07 19:24 - 2014-08-07 19:24 - 00003591 _____ () C:\Users\Bianca\Desktop\mbam.txt
2014-08-07 19:22 - 2014-08-08 17:57 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-08-07 19:09 - 2014-08-07 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-07 19:08 - 2014-08-07 19:08 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-07 19:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-07 19:08 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-07 19:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-07 18:58 - 2014-08-07 18:56 - 01016261 _____ (Thisisu) C:\Users\Bianca\Desktop\JRT.exe
2014-08-07 18:58 - 2014-08-07 18:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bianca\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-04 12:06 - 2014-08-04 12:06 - 00595631 _____ () C:\Users\Bianca\Desktop\Gmer.txt
2014-08-04 12:00 - 2014-08-04 12:01 - 00065357 _____ () C:\Users\Bianca\Desktop\Addition.txt
2014-08-04 11:59 - 2014-08-10 16:54 - 00019681 _____ () C:\Users\Bianca\Desktop\FRST.txt
2014-08-04 11:59 - 2014-08-10 16:54 - 00000000 ____D () C:\FRST
2014-08-04 11:58 - 2014-08-04 11:58 - 00000474 _____ () C:\Users\Bianca\Desktop\defogger_disable.log
2014-08-04 11:58 - 2014-08-04 11:58 - 00000000 _____ () C:\Users\Bianca\defogger_reenable
2014-08-04 11:57 - 2014-08-04 11:57 - 02094080 _____ (Farbar) C:\Users\Bianca\Desktop\FRST64.exe
2014-08-04 11:57 - 2014-08-04 11:57 - 00380416 _____ () C:\Users\Bianca\Desktop\35tqr5m3.exe
2014-08-04 11:56 - 2014-08-04 11:56 - 00050477 _____ () C:\Users\Bianca\Desktop\Defogger.exe
2014-08-04 11:43 - 2014-08-07 16:28 - 194609936 _____ () C:\Users\Bianca\Desktop\aswAr1_fund.log
2014-08-04 09:52 - 2014-08-04 09:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bianca\Downloads\spybot-2.4.exe
2014-08-04 09:45 - 2014-08-04 09:45 - 04387639 _____ () C:\Users\Bianca\Downloads\TierparkRallye.zip
2014-08-03 15:01 - 2014-08-03 15:01 - 00000015 _____ () C:\Users\Bianca\Desktop\txt.txt
2014-07-28 23:37 - 2014-07-28 23:37 - 00597304 _____ () C:\Users\Bianca\Downloads\flux-setup.exe
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Local\FluxSoftware
2014-07-27 14:47 - 2014-07-27 14:47 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Adobe
2014-07-27 14:44 - 2014-07-27 14:44 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-27 14:43 - 2014-07-27 14:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 14:43 - 2014-07-27 14:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 23:05 - 2014-07-26 23:05 - 05771577 _____ () C:\Users\Bianca\Downloads\app-release-unaligned.apk
2014-07-26 23:00 - 2014-07-26 23:00 - 05771577 _____ () C:\Users\Bianca\Downloads\tierparkapp2.apk
2014-07-26 16:52 - 2014-07-26 16:52 - 00002257 _____ () C:\Users\Bianca\tierparkApp.keystore
2014-07-26 14:53 - 2014-07-26 14:53 - 00000000 ____D () C:\Users\Bianca\.AndroidStudioBeta
2014-07-26 14:51 - 2014-07-26 14:51 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Android
2014-07-26 14:43 - 2014-07-26 14:47 - 380000036 _____ (Google Inc.) C:\Users\Bianca\Downloads\android-studio-bundle-135.1245622-windows.exe
2014-07-26 14:37 - 2014-07-26 14:38 - 00000000 ____D () C:\Users\Bianca\Downloads\AppMap
2014-07-26 14:29 - 2014-07-26 14:33 - 00000000 ____D () C:\Users\Bianca\Downloads\androidstudio
2014-07-19 23:53 - 2014-07-19 23:53 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Blizzard
2014-07-19 23:44 - 2014-07-19 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\tmp
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\hps
2014-07-17 13:48 - 2014-07-17 13:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-14 00:40 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-14 00:40 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-07-14 00:37 - 2014-07-14 00:37 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{2B382DF3-BB2A-4B2F-A36D-99235FA394F3}
2014-07-14 00:36 - 2014-07-14 00:36 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-14 00:21 - 2014-07-14 00:25 - 00000081 _____ () C:\Users\Bianca\Documents\iwanController.cp
2014-07-14 00:11 - 2014-07-14 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-14 00:10 - 2014-07-14 00:11 - 04489075 _____ ( ) C:\Users\Bianca\Downloads\setup Project64 2.1.exe
2014-07-13 23:14 - 2014-07-13 23:17 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nidhogg
2014-07-13 23:14 - 2014-07-13 23:14 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2014-07-13 23:14 - 2014-07-13 23:14 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 23:08 - 2014-07-14 00:12 - 00000000 ____D () C:\Users\Bianca\Spiele
2014-07-13 21:17 - 2014-07-13 21:17 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Unity
2014-07-13 21:16 - 2014-07-13 21:16 - 01080480 _____ (Unity Technologies ApS) C:\Users\Bianca\Downloads\UnityWebPlayer.exe
2014-07-13 21:09 - 2014-07-28 21:20 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\vlc
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-13 20:45 - 2014-07-13 20:45 - 24677393 _____ () C:\Users\Bianca\Downloads\vlc-2.1.3-win32.exe
2014-07-13 17:34 - 2014-07-13 17:34 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nitro
2014-07-13 16:54 - 2014-07-13 16:54 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\NVIDIA
2014-07-11 17:13 - 2014-07-11 17:13 - 00000000 ____D () C:\Users\Bianca\AppData\Local\NuGet

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 16:55 - 2014-08-04 11:59 - 00019681 _____ () C:\Users\Bianca\Desktop\FRST.txt
2014-08-10 16:54 - 2014-08-04 11:59 - 00000000 ____D () C:\FRST
2014-08-10 16:32 - 2014-05-14 02:22 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-10 14:24 - 2014-05-23 23:30 - 01392585 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-09 21:37 - 2014-05-14 21:20 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1177300449-2652255412-3501273659-1002
2014-08-09 21:32 - 2014-05-14 02:22 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-09 18:15 - 2014-05-23 19:02 - 00760376 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-08-09 18:15 - 2014-05-23 19:02 - 00169120 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-08-09 18:15 - 2014-03-18 12:03 - 02820872 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-09 18:15 - 2014-03-18 11:25 - 00808234 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-09 18:15 - 2014-03-18 11:25 - 00177208 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-09 18:10 - 2014-08-09 18:15 - 02347384 _____ (ESET) C:\Users\Bianca\Desktop\esetsmartinstaller_deu.exe
2014-08-09 18:10 - 2014-08-09 18:15 - 00854410 _____ () C:\Users\Bianca\Desktop\SecurityCheck.exe
2014-08-08 18:06 - 2014-08-08 18:06 - 00000615 _____ () C:\Users\Bianca\Desktop\JRT.txt
2014-08-08 17:58 - 2014-08-08 17:58 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-08 17:57 - 2014-08-07 19:22 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-08-08 17:57 - 2014-06-23 15:50 - 00000000 ____D () C:\Users\Bianca\AppData\Local\HTC MediaHub
2014-08-08 17:57 - 2014-03-18 03:50 - 00009146 _____ () C:\WINDOWS\PFRO.log
2014-08-08 17:57 - 2013-10-28 07:48 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-08-08 17:57 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-08 17:56 - 2013-10-28 08:00 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-08-08 17:55 - 2014-08-08 18:15 - 00000771 _____ () C:\Users\Bianca\Desktop\AdwCleaner[S2].txt
2014-08-08 17:54 - 2014-08-07 19:26 - 00000000 ____D () C:\AdwCleaner
2014-08-08 17:50 - 2014-08-07 19:25 - 01475072 _____ () C:\Users\Bianca\Desktop\adwcleaner_3.303.exe
2014-08-08 17:49 - 2014-08-08 18:15 - 00000771 _____ () C:\Users\Bianca\Desktop\AdwCleaner[S1].txt
2014-08-07 19:29 - 2014-08-08 18:15 - 00001873 _____ () C:\Users\Bianca\Desktop\AdwCleaner[S0].txt
2014-08-07 19:24 - 2014-08-07 19:24 - 00003591 _____ () C:\Users\Bianca\Desktop\mbam.txt
2014-08-07 19:23 - 2014-08-07 19:09 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-07 19:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\security
2014-08-07 19:21 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-07 19:08 - 2014-08-07 19:08 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-07 19:08 - 2014-08-07 19:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-07 18:56 - 2014-08-07 18:58 - 01016261 _____ (Thisisu) C:\Users\Bianca\Desktop\JRT.exe
2014-08-07 18:55 - 2014-08-07 18:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bianca\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-07 16:28 - 2014-08-04 11:43 - 194609936 _____ () C:\Users\Bianca\Desktop\aswAr1_fund.log
2014-08-06 13:31 - 2013-08-22 16:46 - 00345819 _____ () C:\WINDOWS\setupact.log
2014-08-04 12:06 - 2014-08-04 12:06 - 00595631 _____ () C:\Users\Bianca\Desktop\Gmer.txt
2014-08-04 12:01 - 2014-08-04 12:00 - 00065357 _____ () C:\Users\Bianca\Desktop\Addition.txt
2014-08-04 11:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-04 11:58 - 2014-08-04 11:58 - 00000474 _____ () C:\Users\Bianca\Desktop\defogger_disable.log
2014-08-04 11:58 - 2014-08-04 11:58 - 00000000 _____ () C:\Users\Bianca\defogger_reenable
2014-08-04 11:58 - 2014-05-23 23:38 - 00000000 ____D () C:\Users\Bianca
2014-08-04 11:57 - 2014-08-04 11:57 - 02094080 _____ (Farbar) C:\Users\Bianca\Desktop\FRST64.exe
2014-08-04 11:57 - 2014-08-04 11:57 - 00380416 _____ () C:\Users\Bianca\Desktop\35tqr5m3.exe
2014-08-04 11:56 - 2014-08-04 11:56 - 00050477 _____ () C:\Users\Bianca\Desktop\Defogger.exe
2014-08-04 09:55 - 2014-06-23 16:43 - 00000000 ____D () C:\Users\Bianca\.VirtualBox
2014-08-04 09:52 - 2014-08-04 09:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bianca\Downloads\spybot-2.4.exe
2014-08-04 09:45 - 2014-08-04 09:45 - 04387639 _____ () C:\Users\Bianca\Downloads\TierparkRallye.zip
2014-08-03 15:01 - 2014-08-03 15:01 - 00000015 _____ () C:\Users\Bianca\Desktop\txt.txt
2014-07-30 00:11 - 2014-06-12 20:13 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Skype
2014-07-28 23:37 - 2014-07-28 23:37 - 00597304 _____ () C:\Users\Bianca\Downloads\flux-setup.exe
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-28 23:37 - 2014-07-28 23:37 - 00000000 ____D () C:\Users\Bianca\AppData\Local\FluxSoftware
2014-07-28 21:20 - 2014-07-13 21:09 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\vlc
2014-07-28 00:19 - 2014-05-30 10:28 - 00000000 ____D () C:\Users\Bianca\Studium
2014-07-27 19:58 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-07-27 14:48 - 2014-07-27 14:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 14:47 - 2014-07-27 14:47 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Adobe
2014-07-27 14:47 - 2014-05-14 02:20 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Adobe
2014-07-27 14:44 - 2014-07-27 14:44 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-27 14:43 - 2014-07-27 14:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 23:05 - 2014-07-26 23:05 - 05771577 _____ () C:\Users\Bianca\Downloads\app-release-unaligned.apk
2014-07-26 23:00 - 2014-07-26 23:00 - 05771577 _____ () C:\Users\Bianca\Downloads\tierparkapp2.apk
2014-07-26 22:48 - 2014-06-23 16:43 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Genymobile
2014-07-26 16:52 - 2014-07-26 16:52 - 00002257 _____ () C:\Users\Bianca\tierparkApp.keystore
2014-07-26 14:53 - 2014-07-26 14:53 - 00000000 ____D () C:\Users\Bianca\.AndroidStudioBeta
2014-07-26 14:51 - 2014-07-26 14:51 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Android
2014-07-26 14:51 - 2014-05-28 12:21 - 00000000 ____D () C:\Program Files (x86)\Android
2014-07-26 14:47 - 2014-07-26 14:43 - 380000036 _____ (Google Inc.) C:\Users\Bianca\Downloads\android-studio-bundle-135.1245622-windows.exe
2014-07-26 14:38 - 2014-07-26 14:37 - 00000000 ____D () C:\Users\Bianca\Downloads\AppMap
2014-07-26 14:33 - 2014-07-26 14:29 - 00000000 ____D () C:\Users\Bianca\Downloads\androidstudio
2014-07-25 23:22 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-22 12:08 - 2014-07-01 23:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 23:31 - 2014-06-15 15:58 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Battle.net
2014-07-19 23:53 - 2014-07-19 23:53 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Blizzard
2014-07-19 23:44 - 2014-07-19 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-19 23:44 - 2014-06-15 15:57 - 00000000 ____D () C:\Spiele
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\tmp
2014-07-18 16:09 - 2014-07-18 16:09 - 00000000 ____D () C:\ProgramData\hps
2014-07-17 13:49 - 2014-05-23 21:40 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-17 13:48 - 2014-07-17 13:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-17 13:48 - 2014-05-23 21:40 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-17 13:48 - 2014-05-23 21:40 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-17 13:48 - 2014-05-23 21:40 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-14 00:40 - 2014-05-25 01:21 - 00027560 _____ () C:\WINDOWS\DirectX.log
2014-07-14 00:38 - 2014-05-24 01:22 - 00001465 _____ () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-14 00:37 - 2014-07-14 00:37 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{2B382DF3-BB2A-4B2F-A36D-99235FA394F3}
2014-07-14 00:36 - 2014-07-14 00:36 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-14 00:25 - 2014-07-14 00:21 - 00000081 _____ () C:\Users\Bianca\Documents\iwanController.cp
2014-07-14 00:12 - 2014-07-13 23:08 - 00000000 ____D () C:\Users\Bianca\Spiele
2014-07-14 00:11 - 2014-07-14 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-14 00:11 - 2014-07-14 00:10 - 04489075 _____ ( ) C:\Users\Bianca\Downloads\setup Project64 2.1.exe
2014-07-13 23:17 - 2014-07-13 23:14 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nidhogg
2014-07-13 23:14 - 2014-07-13 23:14 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2014-07-13 23:14 - 2014-07-13 23:14 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 21:17 - 2014-07-13 21:17 - 00000000 ____D () C:\Users\Bianca\AppData\Local\Unity
2014-07-13 21:16 - 2014-07-13 21:16 - 01080480 _____ (Unity Technologies ApS) C:\Users\Bianca\Downloads\UnityWebPlayer.exe
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-13 20:46 - 2014-07-13 20:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-13 20:45 - 2014-07-13 20:45 - 24677393 _____ () C:\Users\Bianca\Downloads\vlc-2.1.3-win32.exe
2014-07-13 17:34 - 2014-07-13 17:34 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\Nitro
2014-07-13 16:54 - 2014-07-13 16:54 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\NVIDIA
2014-07-11 17:13 - 2014-07-11 17:13 - 00000000 ____D () C:\Users\Bianca\AppData\Local\NuGet
2014-07-11 15:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-11 11:02 - 2014-06-20 16:58 - 00000000 ____D () C:\Users\Bianca\Documents\Visual Studio 2013
2014-07-11 00:04 - 2014-06-11 15:42 - 00000000 ____D () C:\Users\Bianca\AppData\Roaming\.purple

Some content of TEMP:
====================
C:\Users\Bianca\AppData\Local\Temp\jna4019666720585412627.dll
C:\Users\Bianca\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Bianca\AppData\Local\Temp\Quarantine.exe
C:\Users\Bianca\AppData\Local\Temp\restarter2786303555516675398.exe
C:\Users\Bianca\AppData\Local\Temp\smt_omiga-plus_new.exe
C:\Users\Bianca\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-06 15:50

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 10.08.2014 18:58
Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

onomto 11.08.2014 15:47
Hi,

alles erledigt und keine Fragen mehr. :)

Ganz großes Dankeschön! :dankeschoen:

schrauber 11.08.2014 21:17
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131