Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten...

StefanoD · 06.01.2014, 19:28

Wie schon gesagt, Internet Explorer öffnet sich nach dem start und die Lautstärke geht auch andauernd runter
Nach ner weile schlisst sich das Zeug auch und die Lautstärke geht wieder nach oben.
Beim Internet Explorer kommt da keine Werbung und so es wird nur als Prozess bezeichnet überlastet mein Laptop und nervt einfach :/
Und ja sonst die Lautstärke geht andauernd runter und wenn das nicht mehr da herum spielt kann ich es selber "steuern"...

Ich hab mir was falsches heruntergeladen, da stimm ich zu :/
Ich hab in Google nachgeschaut aber wenn sie mir etwas zum herunterladen anbieten dann lass ich es lieber (ich will es nicht das es noch schlimmer kommt ;/).

Ich habe nur so zu sagen Windows 8 64-Bit und ein Avira Free Antivirus.

Ich habe schon etwas deinstalliert kann aber euch nicht sagen was das genau war
Beim Autostart hatte ich eine Datei mit dem Namen "DeleteMe1.exe" die hab ich auch gelöscht...
Und nun scheint es immer noch weiter zu machen...

Ich Hoffe ihr könnt mir helfen...
(Schreibfehler behalten)

aharonov · 06.01.2014, 21:35

Hi,

Zitat:

Ich hab mir was falsches heruntergeladen, da stimm ich zu :/

Was genau?

Mach bitte einen FRST-Scan:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

StefanoD · 06.01.2014, 21:39

Zitat:

Zitat von aharonov

Hi,

Was genau?

Mach bitte einen FRST-Scan:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Ich wollte mir eine Sims 3 Map holen...
Ich mache jetzt den Scan und sage danach bescheid

aharonov · 06.01.2014, 21:40

Hast du diesen Download noch?

StefanoD · 06.01.2014, 21:45

Zitat:

Zitat von aharonov

Hast du diesen Download noch?

Nein denn hab ich nicht aber ich kann schnell denn suchen.
Soll ich es suchen ?

Zitat:

Zitat von aharonov

Hi,

Was genau?

Mach bitte einen FRST-Scan:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Stefano (administrator) on ******* on 06-01-2014 21:40:31
Running from C:\Users\Stefano\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [RadioController] - C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-01-26] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [216448 2013-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Plugin Install] - C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKCU\...\Run: [Win8StartScreen] - C:\Program Files (x86)\Windows 8 Start Screen Customizer\ModernUIStartScreen.exe [3461632 2012-12-06] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [taskhost] - C:\ProgramData\taskhost\taskhost.exe [414720 2012-04-07] (Miorcsoft Corporation)
HKCU\...\Run: [svchost] - C:\Users\Public\Documents\svchost\svchost.exe [414720 2013-05-06] (Miorcsoft Corporation)
HKCU\...\Run: [wncmanager] - C:\Users\Stefano\AppData\Roaming\wncmanager\wncmanager.exe [414720 2010-04-08] (Miorcsoft Corporation)
HKCU\...\Run: [sppsvcsw] - C:\Users\Stefano\AppData\Roaming\Microsoft\sppsvcsw.exe [414720 2013-12-31] (Miorcsoft Corporation)
HKCU\...\Run: [GeZfSnGo] - C:\Users\Stefano\AppData\Roaming\GeZfSnGo\GeZfSnGo.exe [414720 2011-03-12] (Miorcsoft Corporation)
HKCU\...\Run: [290445034086] - C:\Users\Stefano\AppData\Local\Temp\290445034086\290445034086.exe [414720 2014-01-01] (Miorcsoft Corporation) <===== ATTENTION
MountPoints2: {331bfdd1-f9e1-11e2-be7c-f4b7e2a360ce} - "H:\SETUP.EXE" 
MountPoints2: {75b600ed-c932-11e2-be71-f4b7e2a360ce} - "E:\SETUP.EXE" 
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-10-16] (NVIDIA Corporation)
Startup: C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=44444&tt=gc_&babsrc=HP_ss_din2g&mntrId=F66DF4B7E2A360CE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=44444&tt=gc_&babsrc=HP_ss&mntrId=F66DF4B7E2A360CE
SearchScopes: HKLM - DefaultScope {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = 
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.230.55.96 212.98.37.130

Chrome: 
=======
CHR HomePage: hxxp://google.ch/
CHR RestoreOnStartup: "hxxp://google.ch/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Extension: (Assassin's Creed IV Black Flag) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance\1.2_0
CHR Extension: (Google Docs) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Turn Off the Lights) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0
CHR Extension: (YouTube) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1312.1.2_0
CHR Extension: (AdBlock) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Self-stick notes) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdihnnnfbdeinkamogggghnmcfaebca\1.5.0.0_0
CHR Extension: (Fast Note) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehbplmdjbmcbbdlghcphdhfakcgaiaj\1.2.0_0
CHR Extension: (Auto Replay for YouTube) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Google Wallet) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-26] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-04] (Futuremark)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-04] ()
S2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-01-26] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-29] (Disc Soft Ltd)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-26] (Dritek System Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-11-03] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
U3 ajr6hgcu; C:\Windows\System32\Drivers\ajr6hgcu.sys [0 ] (Broadcom Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [x]
S1 lokguzeo; \??\C:\Windows\system32\drivers\lokguzeo.sys [x]
S1 xtniuzzl; \??\C:\Windows\system32\drivers\xtniuzzl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-06 21:40 - 2014-01-06 21:40 - 00018518 _____ C:\Users\Stefano\Downloads\FRST.txt
2014-01-06 21:38 - 2014-01-06 21:38 - 00000000 ____D C:\FRST
2014-01-06 19:44 - 2014-01-06 19:44 - 01931762 _____ (Farbar) C:\Users\Stefano\Downloads\FRST64.exe
2014-01-03 20:27 - 2014-01-03 20:27 - 00005278 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands2.lnk
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Windows\PCHEALTH
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-03 11:33 - 2014-01-03 11:35 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-03 11:33 - 2014-01-03 11:33 - 00000000 __RHD C:\MSOCache
2014-01-03 11:09 - 2014-01-03 11:20 - 361279488 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Word x64 64bit.iso
2014-01-03 10:50 - 2014-01-03 11:00 - 341735424 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Excel x64 64bit.iso
2014-01-02 22:35 - 2013-05-06 18:54 - 00000000 ___HD C:\Users\Public\Documents\svchost
2014-01-02 22:35 - 2012-04-07 18:54 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\wncmanager
2014-01-02 22:35 - 2012-04-07 18:54 - 00000000 ___HD C:\ProgramData\taskhost
2014-01-02 22:35 - 2011-03-12 18:54 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\GeZfSnGo
2014-01-02 14:21 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-02 14:21 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-02 14:21 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-02 14:21 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-01-02 14:21 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-02 14:21 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-02 14:21 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-02 14:21 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-02 14:21 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-02 14:21 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-02 14:21 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-02 14:21 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-02 14:21 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-02 14:20 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-02 14:20 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-02 14:20 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-02 14:20 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-02 14:20 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-02 14:20 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-01-02 14:20 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-02 14:20 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-02 14:20 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-02 14:20 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-01-02 14:20 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-02 14:20 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-01-02 14:20 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-01-02 14:20 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-01-02 14:20 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-01-02 14:20 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-01-02 14:20 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-01-02 14:20 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-01-02 14:20 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-01-02 14:20 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2014-01-02 14:20 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-01-02 14:20 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-02 14:20 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-01-02 14:20 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-02 14:20 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-01-02 14:20 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-01-02 14:20 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-01-02 14:20 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-01-02 14:12 - 2014-01-02 14:12 - 00001524 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TW.lnk
2014-01-02 13:43 - 2014-01-02 13:43 - 00001632 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GodMode.lnk
2014-01-02 13:35 - 2014-01-02 13:35 - 00001607 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\left4dead2.lnk
2014-01-01 19:44 - 2014-01-01 19:44 - 00000000 ____D C:\Users\Stefano\Documents\Zen Studios
2014-01-01 13:55 - 2014-01-01 13:55 - 00302218 _____ C:\Users\Stefano\Downloads\edmDistrict Community Connect Channel Icon Template.psd
2013-12-29 21:56 - 2013-12-29 21:56 - 00000000 ____D C:\Users\Stefano\Desktop\Torchlight 2 BackUP
2013-12-29 21:34 - 2013-12-29 22:33 - 141975397 _____ C:\Users\Stefano\Downloads\Torchlight 2 v1.16.5.3.rar
2013-12-29 21:13 - 2013-12-29 21:22 - 19837968 _____ C:\Users\Stefano\Downloads\Torchlight-II_patch_1.25.5.2_nosTEAM.exe
2013-12-26 15:10 - 2014-01-01 11:20 - 00000000 ____D C:\Users\Stefano\AppData\Local\Game Dev Tycoon - Steam
2013-12-26 15:05 - 2014-01-03 20:23 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-24 23:58 - 2013-12-24 23:58 - 00000132 _____ C:\Users\Stefano\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Users\Stefano\Documents\AutomaticSolution Software
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Program Files (x86)\AutoClickerbyShocker
2013-12-22 17:15 - 2013-12-22 17:15 - 00923784 _____ (CNET Download.com) C:\Users\Stefano\Downloads\cbsidlm-cbsi145-Auto_Clicker_by_Shocker-ORG-75742161.exe
2013-12-22 17:11 - 2013-12-22 17:15 - 00000000 ____D C:\Program Files (x86)\GhostMouse
2013-12-22 17:10 - 2013-12-22 17:10 - 00910736 _____ (ghost-mouse.com                                             ) C:\Users\Stefano\Downloads\GhostMouse321-Setup.exe
2013-12-18 20:39 - 2013-12-18 20:39 - 00022876 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerProgression_V122.zip
2013-12-18 20:36 - 2013-12-18 20:36 - 00037239 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerIntegration_V124.zip
2013-12-18 20:31 - 2013-12-18 20:32 - 00764078 _____ C:\Users\Stefano\Downloads\NRaas_MasterController_V127.zip
2013-12-18 18:13 - 2013-12-27 20:33 - 00000000 ____D C:\Users\Stefano\Downloads\Foto
2013-12-15 00:04 - 2013-12-23 15:05 - 00000000 ____D C:\Users\Stefano\Desktop\Sims 3 Backup
2013-12-14 20:43 - 2013-12-14 20:43 - 00001529 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TS3W.lnk
2013-12-14 20:40 - 2013-12-14 20:40 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2013-12-14 20:39 - 2013-12-14 20:39 - 02766848 _____ (Crystal Dew World                                           ) C:\Users\Stefano\Downloads\CrystalDiskInfo6_0_4-en.exe
2013-12-14 20:32 - 2013-12-14 20:32 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-14 20:30 - 2013-12-14 20:31 - 00301272 _____ C:\Windows\Minidump\121413-51328-01.dmp
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-08 16:22 - 2013-12-14 15:40 - 3554922713 ____R C:\Users\Stefano\Downloads\The Sims 3 - Into the Future.rar
2013-12-08 13:06 - 2013-12-08 13:53 - 1691505085 ____R C:\Users\Stefano\Downloads\The Sims 3 - Movie Stuff.rar
2013-12-08 11:41 - 2013-12-08 13:04 - 2965211817 ____R C:\Users\Stefano\Downloads\The Sims 3 - Island Paradise.rar
2013-12-07 22:14 - 2013-12-07 22:14 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3914f499815.job

==================== One Month Modified Files and Folders =======

2014-01-06 21:40 - 2014-01-06 21:40 - 00018518 _____ C:\Users\Stefano\Downloads\FRST.txt
2014-01-06 21:38 - 2014-01-06 21:38 - 00000000 ____D C:\FRST
2014-01-06 21:35 - 2013-05-26 22:03 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Skype
2014-01-06 21:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-06 20:32 - 2013-05-27 07:34 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-06 20:09 - 2013-05-27 08:20 - 00000000 ___RD C:\Users\Stefano\Desktop\Stefano
2014-01-06 20:07 - 2013-07-27 12:30 - 00000000 ____D C:\Users\Stefano\Desktop\Cra FL
2014-01-06 19:44 - 2014-01-06 19:44 - 01931762 _____ (Farbar) C:\Users\Stefano\Downloads\FRST64.exe
2014-01-05 11:17 - 2013-05-25 10:41 - 00000000 ____D C:\Users\Stefano
2014-01-05 11:06 - 2013-07-27 20:06 - 00000000 ____D C:\Users\Stefano\AppData\Local\Sony
2014-01-05 11:06 - 2013-07-27 20:06 - 00000000 ____D C:\ProgramData\Sony
2014-01-04 14:41 - 2013-05-26 17:31 - 00000000 ____D C:\Users\Stefano\AppData\Local\Deployment
2014-01-04 14:30 - 2013-07-24 19:13 - 00000000 ____D C:\Windows\system32\MRT
2014-01-04 14:29 - 2013-01-26 18:34 - 00753134 _____ C:\Windows\system32\perfh007.dat
2014-01-04 14:29 - 2013-01-26 18:34 - 00155826 _____ C:\Windows\system32\perfc007.dat
2014-01-04 14:29 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 14:20 - 2012-12-14 02:33 - 00154742 _____ C:\Windows\PFRO.log
2014-01-04 14:19 - 2012-07-26 06:26 - 00786432 ___SH C:\Windows\system32\config\BBI
2014-01-04 14:18 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2014-01-04 14:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-04 14:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2014-01-04 14:17 - 2013-05-25 10:39 - 01545914 _____ C:\Windows\WindowsUpdate.log
2014-01-04 14:15 - 2013-05-28 10:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-04 14:03 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2014-01-03 20:27 - 2014-01-03 20:27 - 00005278 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands2.lnk
2014-01-03 20:23 - 2013-12-26 15:05 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-03 18:53 - 2013-05-27 10:40 - 00000000 ____D C:\Users\Stefano\Documents\My Games
2014-01-03 17:12 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-03 16:28 - 2013-06-02 12:38 - 00000000 ____D C:\Users\Stefano\AppData\Local\CrashDumps
2014-01-03 14:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-03 11:54 - 2013-05-27 07:50 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\uTorrent
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-03 11:45 - 2012-07-26 08:52 - 00000000 ____D C:\Windows\ShellNew
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-03 11:36 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Windows\PCHEALTH
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-03 11:35 - 2014-01-03 11:33 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-03 11:33 - 2014-01-03 11:33 - 00000000 __RHD C:\MSOCache
2014-01-03 11:33 - 2013-01-26 19:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-03 11:20 - 2014-01-03 11:09 - 361279488 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Word x64 64bit.iso
2014-01-03 11:00 - 2014-01-03 10:50 - 341735424 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Excel x64 64bit.iso
2014-01-02 23:02 - 2013-05-26 17:36 - 00000000 ____D C:\Users\Stefano\AppData\Local\LogMeIn Hamachi
2014-01-02 22:35 - 2013-05-25 10:42 - 00000000 ___RD C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 14:15 - 2013-05-27 08:22 - 00000000 ___RD C:\Users\Stefano\Desktop\Games
2014-01-02 14:12 - 2014-01-02 14:12 - 00001524 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TW.lnk
2014-01-02 13:43 - 2014-01-02 13:43 - 00001632 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GodMode.lnk
2014-01-02 13:39 - 2013-10-12 18:42 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2014-01-02 13:35 - 2014-01-02 13:35 - 00001607 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\left4dead2.lnk
2014-01-02 10:27 - 2013-06-01 18:55 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-01 19:44 - 2014-01-01 19:44 - 00000000 ____D C:\Users\Stefano\Documents\Zen Studios
2014-01-01 13:55 - 2014-01-01 13:55 - 00302218 _____ C:\Users\Stefano\Downloads\edmDistrict Community Connect Channel Icon Template.psd
2014-01-01 11:20 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Stefano\AppData\Local\Game Dev Tycoon - Steam
2014-01-01 10:04 - 2013-05-26 05:56 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Atheros
2013-12-31 20:42 - 2013-05-26 04:34 - 00000000 ____D C:\Users\Stefano\Documents\Bluetooth Folder
2013-12-29 22:33 - 2013-12-29 21:34 - 141975397 _____ C:\Users\Stefano\Downloads\Torchlight 2 v1.16.5.3.rar
2013-12-29 21:57 - 2013-10-10 11:08 - 00000000 ____D C:\Program Files (x86)\Torchlight II
2013-12-29 21:56 - 2013-12-29 21:56 - 00000000 ____D C:\Users\Stefano\Desktop\Torchlight 2 BackUP
2013-12-29 21:54 - 2013-07-04 08:14 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Notepad++
2013-12-29 21:22 - 2013-12-29 21:13 - 19837968 _____ C:\Users\Stefano\Downloads\Torchlight-II_patch_1.25.5.2_nosTEAM.exe
2013-12-29 20:55 - 2013-05-27 18:43 - 00000000 ____D C:\Users\Stefano\AppData\Local\Paint.NET
2013-12-27 20:33 - 2013-12-18 18:13 - 00000000 ____D C:\Users\Stefano\Downloads\Foto
2013-12-24 23:58 - 2013-12-24 23:58 - 00000132 _____ C:\Users\Stefano\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-12-23 15:05 - 2013-12-15 00:04 - 00000000 ____D C:\Users\Stefano\Desktop\Sims 3 Backup
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Users\Stefano\Documents\AutomaticSolution Software
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Program Files (x86)\AutoClickerbyShocker
2013-12-22 17:15 - 2013-12-22 17:15 - 00923784 _____ (CNET Download.com) C:\Users\Stefano\Downloads\cbsidlm-cbsi145-Auto_Clicker_by_Shocker-ORG-75742161.exe
2013-12-22 17:15 - 2013-12-22 17:11 - 00000000 ____D C:\Program Files (x86)\GhostMouse
2013-12-22 17:10 - 2013-12-22 17:10 - 00910736 _____ (ghost-mouse.com                                             ) C:\Users\Stefano\Downloads\GhostMouse321-Setup.exe
2013-12-20 18:09 - 2013-05-26 22:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-20 18:09 - 2013-05-26 22:03 - 00000000 ____D C:\ProgramData\Skype
2013-12-18 20:39 - 2013-12-18 20:39 - 00022876 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerProgression_V122.zip
2013-12-18 20:36 - 2013-12-18 20:36 - 00037239 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerIntegration_V124.zip
2013-12-18 20:32 - 2013-12-18 20:31 - 00764078 _____ C:\Users\Stefano\Downloads\NRaas_MasterController_V127.zip
2013-12-17 11:21 - 2013-05-26 04:28 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-17 11:21 - 2013-05-26 04:28 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 11:21 - 2013-05-26 04:28 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-14 20:43 - 2013-12-14 20:43 - 00001529 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TS3W.lnk
2013-12-14 20:40 - 2013-12-14 20:40 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2013-12-14 20:39 - 2013-12-14 20:39 - 02766848 _____ (Crystal Dew World                                           ) C:\Users\Stefano\Downloads\CrystalDiskInfo6_0_4-en.exe
2013-12-14 20:32 - 2013-12-14 20:32 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-14 20:31 - 2013-12-14 20:30 - 00301272 _____ C:\Windows\Minidump\121413-51328-01.dmp
2013-12-14 20:30 - 2013-09-15 17:11 - 678102796 _____ C:\Windows\MEMORY.DMP
2013-12-14 20:30 - 2013-09-14 09:14 - 00000000 ____D C:\Windows\Minidump
2013-12-14 15:49 - 2013-06-02 12:46 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-14 15:49 - 2012-12-14 03:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-14 15:40 - 2013-12-08 16:22 - 3554922713 ____R C:\Users\Stefano\Downloads\The Sims 3 - Into the Future.rar
2013-12-14 14:50 - 2013-01-26 18:47 - 00313132 ____N C:\Windows\Minidump\121413-38234-01.dmp
2013-12-14 14:25 - 2013-05-27 15:15 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-12-14 14:25 - 2013-05-27 15:02 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-14 14:24 - 2013-05-27 15:02 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-14 14:24 - 2013-05-27 08:16 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-14 00:28 - 2013-05-26 17:31 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-08 13:53 - 2013-12-08 13:06 - 1691505085 ____R C:\Users\Stefano\Downloads\The Sims 3 - Movie Stuff.rar
2013-12-08 13:04 - 2013-12-08 11:41 - 2965211817 ____R C:\Users\Stefano\Downloads\The Sims 3 - Island Paradise.rar
2013-12-07 22:14 - 2013-12-07 22:14 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3914f499815.job

Files to move or delete:
====================
C:\Users\Stefano\AppData\Local\Temp\290445034086\290445034086.exe
C:\Users\Stefano\AppData\Roaming\GoodnightTimer.ini


Some content of TEMP:
====================
C:\Users\Stefano\AppData\Local\Temp\aacdec.exe
C:\Users\Stefano\AppData\Local\Temp\AEk64Mi37A.exe
C:\Users\Stefano\AppData\Local\Temp\avgnt.exe
C:\Users\Stefano\AppData\Local\Temp\bitool.dll
C:\Users\Stefano\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Stefano\AppData\Local\Temp\DeltaTB.exe
C:\Users\Stefano\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\Stefano\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\Stefano\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\Stefano\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\Stefano\AppData\Local\Temp\npp.6.5.Installer.exe
C:\Users\Stefano\AppData\Local\Temp\ose00000.exe
C:\Users\Stefano\AppData\Local\Temp\ose00002.exe
C:\Users\Stefano\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stefano\AppData\Local\Temp\sonarinst.exe
C:\Users\Stefano\AppData\Local\Temp\SRLDetectionLibrary1642165876723472202.dll
C:\Users\Stefano\AppData\Local\Temp\ubi3E13.tmp.exe
C:\Users\Stefano\AppData\Local\Temp\ubi7369.tmp.exe
C:\Users\Stefano\AppData\Local\Temp\uninst1.exe
C:\Users\Stefano\AppData\Local\Temp\vpsetup.exe
C:\Users\Stefano\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-30 16:39

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by Stefano at 2014-01-06 21:41:36
Running from C:\Users\Stefano\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
µTorrent (x32 Version: 3.3.0.29677 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Backup Manager (x32 Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (Version: 6.00.3012 - Acer Incorporated)
AcerCloud (x32 Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (x32 Version: 1.00.3204 - Acer Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo GetBack Photo v.1.0.0 (x32 Version: 1.0.0 - Ashampoo GmbH & Co. KG)
ASIO4ALL (x32 Version: 2.11 Beta1 - Michael Tippach)
Auto Clicker by Shocker (x32 Version: V3.0 - shockingsoft.com)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
Borderlands (x32 Version: 1.0.295 - 2K Games)
Borderlands 2 (x32 Version:  - Gearbox Software)
Broadcom Card Reader Driver Installer (Version: 15.4.7.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c4200_Help (x32 Version: 82.0.210.000 - Hewlett-Packard) Hidden
CastleStorm (x32 Version:  - Zen Studios)
clear.fi Media (x32 Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (x32 Version: 2.01.3109 - Acer Incorporated)
Clover 3.0 (x32 Version: 3.0 - )
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CrystalDiskInfo 6.0.4 (x32 Version: 6.0.4 - Crystal Dew World)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version:  - Microsoft)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo III (x32 Version:  - Blizzard Entertainment)
Die Sims™ 3 (x32 Version: 1.63.5 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (x32 Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (x32 Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (x32 Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Into the Future (x32 Version: 21.0.150 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (x32 Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Late Night (x32 Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Movie-Accessoires (x32 Version: 20.0.53 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (x32 Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (x32 Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (x32 Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (x32 Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126 - Electronic Arts)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (x32 Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dritek Radio Controller (x32 Version: 2.02.2001.0803 - Dritek System Inc.)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
ETDWare PS/2-X64 11.6.16.003_WHQL (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (x32 Version: 1.1.1 - SCS Software)
FL Studio 11 (x32 Version:  - Image-Line)
FlowStone FL 3.0 (x32 Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Futuremark SystemInfo (x32 Version: 4.21.201 - Futuremark)
Game Dev Tycoon (x32 Version:  - Greenheart Games)
GameRanger (HKCU Version:  - GameRanger Technologies)
God Mode (x32 Version:  - Old School Games)
Godus (x32 Version:  - )
Goodnight Timer 1.1 (x32 Version:  - Sebastian Fritsch)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6 (Version: 14.0 - HP)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Update (x32 Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (x32 Version: 2.00.3004 - Acer Incorporated)
IL Download Manager (x32 Version:  - Image-Line)
IL Shared Libraries (x32 Version:  - Image-Line)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 40 (64-bit) (Version: 7.0.400 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java 8 (64-bit) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.109 - Oracle, Inc.) Hidden
Launch Manager (x32 Version: 7.0.10 - Acer Inc.)
Left 4 Dead 2 (x32 Version:  - Valve)
LEGO Digital Designer (x32 Version:  - LEGO A/S)
Live Updater (x32 Version: 2.00.3006 - Acer Incorporated)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Excel 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Excel 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Word 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSI Afterburner 2.3.1 (x32 Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero Burning ROM-Nero Express (x32 Version:  - )
Norton Online Backup (x32 Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
NTI Media Maker 9 (x32 Version: 9.0.2.9013 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9013 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 331.58 (Version: 331.58 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.58 (Version: 331.58 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (Version: 14.0 - HP)
Office Addin (x32 Version: 2.01.3202 - Acer)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Opera 12.15 (HKCU Version: 12.15.1748 - Opera Software ASA)
Origin (x32 Version: 9.1.15.109 - Electronic Arts, Inc.)
osu! (x32 Version: 0.0.0.0 - peppy)
Paint.NET v3.5.11 (Version: 3.61.0 - dotPDN LLC)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoFiltre 7 (HKCU Version:  - )
Prince of Persia The Forgotten Sands™ (x32 Version: 1.0 - Ubisoft)
PS_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41 - Qualcomm Atheros)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Recuva (Version: 1.37 - Piriform)
Saints Row IV (x32 Version: 1 - )
Sanctum 2 (x32 Version:  - Coffee Stain Studios)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Shop for HP Supplies (Version: 14.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)
TechPowerUp GPU-Z (x32 Version:  - TechPowerUp)
TERA (x32 Version: 7 - Gameforge Productions GmbH)
Titan Quest (x32 Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (x32 Version: 1.00.0000 - Iron Lore)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Torchlight II (c) Runic Games version 1 (x32 Version: 1 - )
Tower Wars (x32 Version:  - SuperVillain Studios)
TQ Defiler.NET (x32 Version: 1.3.7 - Soul's Software)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft Office 2010 (KB2553065) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition (Version:  - Microsoft)
VideoPad Video Editor (x32 Version: 3.14 - NCH Software)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
WavePad Sound Editor (x32 Version:  - NCH Software)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Windows 8 Start Screen Customizer version 1.3.6 (x32 Version: 1.3.6 - Codigobit.info)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

23-11-2013 12:20:37 Installed TQ Defiler.NET
30-11-2013 14:00:47 Installiert Prince of Persia The Forgotten Sands™
08-12-2013 10:31:59 Installiert The Sims 3
14-12-2013 14:48:47 Installiert TheSims3EP11
02-01-2014 12:38:16 Removed Livestream for Producers
03-01-2014 17:51:28 Microsoft Visual C++ 2005 Redistributable wird installiert
05-01-2014 10:05:54 Removed Vegas Pro 12.0 (64-bit)

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B350D20-A675-41C5-85A9-D27862EBA789} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {4AC8B08D-B527-49D5-9DFF-AD3169366ABD} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {521FF5A1-FA4F-4838-AA7C-D083919EFFFE} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {5EB06237-CD4D-4B87-9B35-011EE56829C9} - \AdobeFlashPlayerUpdate No Task File
Task: {88905D78-F8CB-4D3B-85B0-3B9019C28180} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-26] (Google Inc.)
Task: {8D8D8DC8-12B5-42A1-9978-70747734D13A} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AAF47124-E168-4E5B-8430-06A46FFC77E1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {AB407D31-3406-4419-B424-703A519A04E0} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {B15FBADA-AAC2-4F8A-A361-3D6E23CE9F8D} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {BDB0AD9D-F6C4-496A-9704-F7FA985D8E50} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {BFD2E98F-B87A-458C-9CB8-C3D08D068535} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C969F2ED-6ABE-4194-8806-3E9A9DEBA920} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {E15B4CD7-0F0A-432E-8F78-96244B972DA1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EF83DC5C-F06E-45C2-B943-EC7ADB94A9AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-26] (Google Inc.)
Task: {FE02F689-1860-4096-B52A-94316C5FAC26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-02] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3914f499815.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 08:58 - 2012-07-26 08:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-01-28 13:45 - 2013-01-28 13:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 13:42 - 2013-01-28 13:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-14 02:25 - 2012-10-23 19:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-26 04:09 - 2012-09-19 17:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-01-26 19:00 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-27 14:01 - 2013-10-16 01:48 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-06 17:46 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 17:46 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 17:46 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 17:46 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 17:46 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-06 17:46 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2014 09:41:55 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:41:55Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:41:25 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:41:25Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:40:55 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:40:55Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:40:25 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:40:25Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:39:55 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:39:55Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:39:25 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:39:25Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:38:55 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:38:55Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:38:25 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:38:25Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:37:55 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:37:55Z. Fehlercode: 0x80040154.

Error: (01/06/2014 09:37:25 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2113-12-13T20:37:25Z. Fehlercode: 0x80040154.


System errors:
=============
Error: (01/04/2014 02:22:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/26/2013 10:01:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/26/2013 10:01:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (12/21/2013 03:43:22 PM) (Source: DCOM) (User: ******)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/21/2013 03:43:22 PM) (Source: DCOM) (User: *******)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/21/2013 03:43:22 PM) (Source: DCOM) (User: ******)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/21/2013 03:43:22 PM) (Source: DCOM) (User: *******)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/15/2013 02:00:22 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.33 mit dem Computer mit der
Netzwerkhardwareadresse 00-0E-58-1C-AD-5C ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (12/14/2013 08:34:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/14/2013 08:31:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (01/06/2014 09:41:55 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:41:55Z

Error: (01/06/2014 09:41:25 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:41:25Z

Error: (01/06/2014 09:40:55 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:40:55Z

Error: (01/06/2014 09:40:25 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:40:25Z

Error: (01/06/2014 09:39:55 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:39:55Z

Error: (01/06/2014 09:39:25 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:39:25Z

Error: (01/06/2014 09:38:55 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:38:55Z

Error: (01/06/2014 09:38:25 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:38:25Z

Error: (01/06/2014 09:37:55 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:37:55Z

Error: (01/06/2014 09:37:25 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800401542113-12-13T20:37:25Z


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8007.27 MB
Available physical RAM: 5667.06 MB
Total Pagefile: 16199.27 MB
Available Pagefile: 13317.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:446.19 GB) (Free:151.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 46256E46)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---

aharonov · 06.01.2014, 21:55

Ja da läuft Malware..

Schritt 1

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schritt 3

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Log von Adwcleaner
Log von Combofix
Log von FRST

StefanoD · 06.01.2014, 22:01

So ich habe mehrere Downloads deswegen denke ich es war einer von diesen hier:

hxxp://www.youtube.com/watch?v=8dnpfJ-gHow

hxxp://www.youtube.com/watch?v=YhmtoZNJFOY

hxxp://www.youtube.com/watch?v=F2CAFMa8wlE

Ich bedanke mich bei dir schon mal ganz herzlich jetzt

Ich werde alles morgen Abend machen

Gute Nacht

aharonov · 06.01.2014, 22:02

Ok, dann bis morgen. Gute Nacht.

StefanoD · 07.01.2014, 20:08

So ich habe jetzt fast alles gemacht

Kommt jetzt nichts mehr bei mir nach dem Start

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.016 - Bericht erstellt am 07/01/2014 um 19:21:04
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Stefano - ******
# Gestartet von : C:\Users\Stefano\Desktop\lolcrap\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Users\Stefano\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Stefano\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Stefano\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Stefano\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Stefano\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Datei Gelöscht : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserProtect

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\d0d88db23dba15
Schlüssel Gelöscht : HKLM\SOFTWARE\d0d88db23dba15
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\NCH Software
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\NCH Software

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4282 octets] - [07/01/2014 19:18:41]
AdwCleaner[S0].txt - [3593 octets] - [07/01/2014 19:21:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3653 octets] ##########

--- --- ---

Combofix (Datei) ist zu gross soll ich das uploaden ?

Ich mache noch denn letzten Test....

StefanoD · 07.01.2014, 20:21

Das ist Combofix

StefanoD · 07.01.2014, 20:22

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Stefano (administrator) on ***** on 07-01-2014 20:12:33
Running from C:\Users\Stefano\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [RadioController] - C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-01-26] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [216448 2013-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Win8StartScreen] - C:\Program Files (x86)\Windows 8 Start Screen Customizer\ModernUIStartScreen.exe [3461632 2012-12-06] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-10-16] (NVIDIA Corporation)
Startup: C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = 
SearchScopes: HKCU - {E79A530D-2415-43E2-8CF0-13630A7B5CBD} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.230.55.96 212.98.37.130

Chrome: 
=======
CHR HomePage: hxxp://google.ch/
CHR RestoreOnStartup: "hxxp://google.ch/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Extension: (Assassin's Creed IV Black Flag) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance\1.2_0
CHR Extension: (Google Docs) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Turn Off the Lights) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0
CHR Extension: (YouTube) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1312.1.2_0
CHR Extension: (AdBlock) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Self-stick notes) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdihnnnfbdeinkamogggghnmcfaebca\1.5.0.0_0
CHR Extension: (Fast Note) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehbplmdjbmcbbdlghcphdhfakcgaiaj\1.2.0_0
CHR Extension: (Auto Replay for YouTube) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Google Wallet) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-26] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-04] (Futuremark)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-04] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-01-26] (Dritek System INC.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-29] (Disc Soft Ltd)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-26] (Dritek System Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-11-03] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
U3 ag6zrt8q; C:\Windows\System32\Drivers\ag6zrt8q.sys [0 ] (Broadcom Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [x]
S1 lokguzeo; \??\C:\Windows\system32\drivers\lokguzeo.sys [x]
S1 xtniuzzl; \??\C:\Windows\system32\drivers\xtniuzzl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-07 19:44 - 2014-01-07 19:44 - 00123192 _____ C:\ComboFix.txt
2014-01-07 19:31 - 2014-01-07 19:44 - 00000000 ____D C:\Qoobox
2014-01-07 19:31 - 2014-01-07 19:43 - 00000000 ____D C:\Windows\erdnt
2014-01-07 19:31 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-07 19:31 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-07 19:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-07 19:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-07 19:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-07 19:31 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-01-07 19:31 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-07 19:31 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-07 19:31 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-07 19:27 - 2014-01-07 19:27 - 00003732 _____ C:\Users\Stefano\Desktop\AdwCleaner[S0].txt
2014-01-07 19:23 - 2014-01-07 19:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-07 19:22 - 2014-01-07 19:23 - 04995456 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-07 19:18 - 2014-01-07 19:21 - 00000000 ____D C:\AdwCleaner
2014-01-07 19:17 - 2014-01-07 20:10 - 00000000 ____D C:\Users\Stefano\Desktop\lolcrap
2014-01-06 21:41 - 2014-01-06 21:42 - 00031571 _____ C:\Users\Stefano\Downloads\Addition.txt
2014-01-06 21:40 - 2014-01-07 20:12 - 00016784 _____ C:\Users\Stefano\Downloads\FRST.txt
2014-01-06 21:38 - 2014-01-06 21:38 - 00000000 ____D C:\FRST
2014-01-06 19:44 - 2014-01-06 19:44 - 01931762 _____ (Farbar) C:\Users\Stefano\Downloads\FRST64.exe
2014-01-03 20:27 - 2014-01-03 20:27 - 00005278 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands2.lnk
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Windows\PCHEALTH
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-03 11:33 - 2014-01-03 11:35 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-03 11:33 - 2014-01-03 11:33 - 00000000 ___RD C:\MSOCache
2014-01-03 11:09 - 2014-01-03 11:20 - 361279488 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Word x64 64bit.iso
2014-01-03 10:50 - 2014-01-03 11:00 - 341735424 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Excel x64 64bit.iso
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\wncmanager
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\GeZfSnGo
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\ProgramData\taskhost
2014-01-02 14:21 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-02 14:21 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-02 14:21 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-02 14:21 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-01-02 14:21 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-02 14:21 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-02 14:21 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-02 14:21 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-02 14:21 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-02 14:21 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-02 14:21 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-02 14:21 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-02 14:21 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-02 14:21 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-02 14:21 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-02 14:20 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-02 14:20 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-02 14:20 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-02 14:20 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-02 14:20 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-02 14:20 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-01-02 14:20 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-02 14:20 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-02 14:20 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-02 14:20 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-01-02 14:20 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-02 14:20 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-01-02 14:20 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-01-02 14:20 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-01-02 14:20 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-01-02 14:20 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-01-02 14:20 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-01-02 14:20 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-01-02 14:20 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-01-02 14:20 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-01-02 14:20 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2014-01-02 14:20 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-01-02 14:20 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-02 14:20 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-01-02 14:20 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-02 14:20 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-01-02 14:20 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-01-02 14:20 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-01-02 14:20 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-01-02 14:12 - 2014-01-02 14:12 - 00001524 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TW.lnk
2014-01-02 13:43 - 2014-01-02 13:43 - 00001632 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GodMode.lnk
2014-01-02 13:35 - 2014-01-02 13:35 - 00001607 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\left4dead2.lnk
2014-01-01 19:44 - 2014-01-01 19:44 - 00000000 ____D C:\Users\Stefano\Documents\Zen Studios
2014-01-01 13:55 - 2014-01-01 13:55 - 00302218 _____ C:\Users\Stefano\Downloads\edmDistrict Community Connect Channel Icon Template.psd
2013-12-29 21:56 - 2013-12-29 21:56 - 00000000 ____D C:\Users\Stefano\Desktop\Torchlight 2 BackUP
2013-12-29 21:34 - 2013-12-29 22:33 - 141975397 _____ C:\Users\Stefano\Downloads\Torchlight 2 v1.16.5.3.rar
2013-12-29 21:13 - 2013-12-29 21:22 - 19837968 _____ C:\Users\Stefano\Downloads\Torchlight-II_patch_1.25.5.2_nosTEAM.exe
2013-12-26 15:10 - 2014-01-01 11:20 - 00000000 ____D C:\Users\Stefano\AppData\Local\Game Dev Tycoon - Steam
2013-12-26 15:05 - 2014-01-03 20:23 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-24 23:58 - 2013-12-24 23:58 - 00000132 _____ C:\Users\Stefano\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Users\Stefano\Documents\AutomaticSolution Software
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Program Files (x86)\AutoClickerbyShocker
2013-12-22 17:15 - 2013-12-22 17:15 - 00923784 _____ (CNET Download.com) C:\Users\Stefano\Downloads\cbsidlm-cbsi145-Auto_Clicker_by_Shocker-ORG-75742161.exe
2013-12-22 17:11 - 2013-12-22 17:15 - 00000000 ____D C:\Program Files (x86)\GhostMouse
2013-12-22 17:10 - 2013-12-22 17:10 - 00910736 _____ (ghost-mouse.com                                             ) C:\Users\Stefano\Downloads\GhostMouse321-Setup.exe
2013-12-18 20:39 - 2013-12-18 20:39 - 00022876 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerProgression_V122.zip
2013-12-18 20:36 - 2013-12-18 20:36 - 00037239 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerIntegration_V124.zip
2013-12-18 20:31 - 2013-12-18 20:32 - 00764078 _____ C:\Users\Stefano\Downloads\NRaas_MasterController_V127.zip
2013-12-18 18:13 - 2013-12-27 20:33 - 00000000 ____D C:\Users\Stefano\Downloads\Foto
2013-12-15 00:04 - 2013-12-23 15:05 - 00000000 ____D C:\Users\Stefano\Desktop\Sims 3 Backup
2013-12-14 20:43 - 2013-12-14 20:43 - 00001529 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TS3W.lnk
2013-12-14 20:40 - 2013-12-14 20:40 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2013-12-14 20:39 - 2013-12-14 20:39 - 02766848 _____ (Crystal Dew World                                           ) C:\Users\Stefano\Downloads\CrystalDiskInfo6_0_4-en.exe
2013-12-14 20:32 - 2013-12-14 20:32 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-14 20:30 - 2013-12-14 20:31 - 00301272 _____ C:\Windows\Minidump\121413-51328-01.dmp
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-08 16:22 - 2013-12-14 15:40 - 3554922713 ____R C:\Users\Stefano\Downloads\The Sims 3 - Into the Future.rar
2013-12-08 13:06 - 2013-12-08 13:53 - 1691505085 ____R C:\Users\Stefano\Downloads\The Sims 3 - Movie Stuff.rar
2013-12-08 11:41 - 2013-12-08 13:04 - 2965211817 ____R C:\Users\Stefano\Downloads\The Sims 3 - Island Paradise.rar

==================== One Month Modified Files and Folders =======

2014-01-07 20:12 - 2014-01-06 21:40 - 00016784 _____ C:\Users\Stefano\Downloads\FRST.txt
2014-01-07 20:10 - 2014-01-07 19:17 - 00000000 ____D C:\Users\Stefano\Desktop\lolcrap
2014-01-07 20:06 - 2013-05-26 22:03 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Skype
2014-01-07 20:05 - 2013-07-27 12:30 - 00000000 ____D C:\Users\Stefano\Desktop\Cra FL
2014-01-07 20:05 - 2013-05-25 10:39 - 01756828 _____ C:\Windows\WindowsUpdate.log
2014-01-07 20:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-07 19:57 - 2013-01-26 18:34 - 00753134 _____ C:\Windows\system32\perfh007.dat
2014-01-07 19:57 - 2013-01-26 18:34 - 00155826 _____ C:\Windows\system32\perfc007.dat
2014-01-07 19:57 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 19:51 - 2012-12-14 02:33 - 00156004 _____ C:\Windows\PFRO.log
2014-01-07 19:50 - 2012-07-26 06:26 - 00786432 ___SH C:\Windows\system32\config\BBI
2014-01-07 19:44 - 2014-01-07 19:44 - 00123192 _____ C:\ComboFix.txt
2014-01-07 19:44 - 2014-01-07 19:31 - 00000000 ____D C:\Qoobox
2014-01-07 19:44 - 2012-07-26 06:37 - 00000000 __RHD C:\Users\Default
2014-01-07 19:43 - 2014-01-07 19:31 - 00000000 ____D C:\Windows\erdnt
2014-01-07 19:42 - 2012-07-26 06:26 - 00000215 _____ C:\Windows\system.ini
2014-01-07 19:41 - 2014-01-02 22:35 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\wncmanager
2014-01-07 19:41 - 2014-01-02 22:35 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\GeZfSnGo
2014-01-07 19:41 - 2014-01-02 22:35 - 00000000 ___HD C:\ProgramData\taskhost
2014-01-07 19:27 - 2014-01-07 19:27 - 00003732 _____ C:\Users\Stefano\Desktop\AdwCleaner[S0].txt
2014-01-07 19:23 - 2014-01-07 19:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-07 19:23 - 2014-01-07 19:22 - 04995456 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-07 19:21 - 2014-01-07 19:18 - 00000000 ____D C:\AdwCleaner
2014-01-07 11:22 - 2013-05-26 05:56 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Atheros
2014-01-06 22:05 - 2013-05-26 04:34 - 00000000 ____D C:\Users\Stefano\Documents\Bluetooth Folder
2014-01-06 21:42 - 2014-01-06 21:41 - 00031571 _____ C:\Users\Stefano\Downloads\Addition.txt
2014-01-06 21:38 - 2014-01-06 21:38 - 00000000 ____D C:\FRST
2014-01-06 20:32 - 2013-05-27 07:34 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-06 20:09 - 2013-05-27 08:20 - 00000000 ___RD C:\Users\Stefano\Desktop\Stefano
2014-01-06 19:44 - 2014-01-06 19:44 - 01931762 _____ (Farbar) C:\Users\Stefano\Downloads\FRST64.exe
2014-01-05 11:17 - 2013-05-25 10:41 - 00000000 ____D C:\Users\Stefano
2014-01-05 11:06 - 2013-07-27 20:06 - 00000000 ____D C:\Users\Stefano\AppData\Local\Sony
2014-01-05 11:06 - 2013-07-27 20:06 - 00000000 ____D C:\ProgramData\Sony
2014-01-04 14:41 - 2013-05-26 17:31 - 00000000 ____D C:\Users\Stefano\AppData\Local\Deployment
2014-01-04 14:30 - 2013-07-24 19:13 - 00000000 ____D C:\Windows\system32\MRT
2014-01-04 14:18 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2014-01-04 14:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-04 14:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2014-01-04 14:15 - 2013-05-28 10:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-04 14:03 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2014-01-03 20:27 - 2014-01-03 20:27 - 00005278 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands2.lnk
2014-01-03 20:23 - 2013-12-26 15:05 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-03 18:53 - 2013-05-27 10:40 - 00000000 ____D C:\Users\Stefano\Documents\My Games
2014-01-03 17:12 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-03 16:28 - 2013-06-02 12:38 - 00000000 ____D C:\Users\Stefano\AppData\Local\CrashDumps
2014-01-03 14:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-03 11:54 - 2013-05-27 07:50 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\uTorrent
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-03 11:45 - 2014-01-03 11:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-03 11:45 - 2012-07-26 08:52 - 00000000 ____D C:\Windows\ShellNew
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-03 11:36 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Windows\PCHEALTH
2014-01-03 11:35 - 2014-01-03 11:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-03 11:35 - 2014-01-03 11:33 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-03 11:33 - 2014-01-03 11:33 - 00000000 ___RD C:\MSOCache
2014-01-03 11:33 - 2013-01-26 19:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-03 11:20 - 2014-01-03 11:09 - 361279488 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Word x64 64bit.iso
2014-01-03 11:00 - 2014-01-03 10:50 - 341735424 ____R C:\Users\Stefano\Downloads\Microsoft Office 2010 Excel x64 64bit.iso
2014-01-02 23:02 - 2013-05-26 17:36 - 00000000 ____D C:\Users\Stefano\AppData\Local\LogMeIn Hamachi
2014-01-02 22:35 - 2013-05-25 10:42 - 00000000 ___RD C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 14:15 - 2013-05-27 08:22 - 00000000 ___RD C:\Users\Stefano\Desktop\Games
2014-01-02 14:12 - 2014-01-02 14:12 - 00001524 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TW.lnk
2014-01-02 13:43 - 2014-01-02 13:43 - 00001632 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GodMode.lnk
2014-01-02 13:39 - 2013-10-12 18:42 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2014-01-02 13:35 - 2014-01-02 13:35 - 00001607 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\left4dead2.lnk
2014-01-02 10:27 - 2013-06-01 18:55 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-01 19:44 - 2014-01-01 19:44 - 00000000 ____D C:\Users\Stefano\Documents\Zen Studios
2014-01-01 13:55 - 2014-01-01 13:55 - 00302218 _____ C:\Users\Stefano\Downloads\edmDistrict Community Connect Channel Icon Template.psd
2014-01-01 11:20 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Stefano\AppData\Local\Game Dev Tycoon - Steam
2013-12-29 22:33 - 2013-12-29 21:34 - 141975397 _____ C:\Users\Stefano\Downloads\Torchlight 2 v1.16.5.3.rar
2013-12-29 21:57 - 2013-10-10 11:08 - 00000000 ____D C:\Program Files (x86)\Torchlight II
2013-12-29 21:56 - 2013-12-29 21:56 - 00000000 ____D C:\Users\Stefano\Desktop\Torchlight 2 BackUP
2013-12-29 21:54 - 2013-07-04 08:14 - 00000000 ____D C:\Users\Stefano\AppData\Roaming\Notepad++
2013-12-29 21:22 - 2013-12-29 21:13 - 19837968 _____ C:\Users\Stefano\Downloads\Torchlight-II_patch_1.25.5.2_nosTEAM.exe
2013-12-29 20:55 - 2013-05-27 18:43 - 00000000 ____D C:\Users\Stefano\AppData\Local\Paint.NET
2013-12-27 20:33 - 2013-12-18 18:13 - 00000000 ____D C:\Users\Stefano\Downloads\Foto
2013-12-24 23:58 - 2013-12-24 23:58 - 00000132 _____ C:\Users\Stefano\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-12-23 15:05 - 2013-12-15 00:04 - 00000000 ____D C:\Users\Stefano\Desktop\Sims 3 Backup
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Users\Stefano\Documents\AutomaticSolution Software
2013-12-22 17:17 - 2013-12-22 17:17 - 00000000 ____D C:\Program Files (x86)\AutoClickerbyShocker
2013-12-22 17:15 - 2013-12-22 17:15 - 00923784 _____ (CNET Download.com) C:\Users\Stefano\Downloads\cbsidlm-cbsi145-Auto_Clicker_by_Shocker-ORG-75742161.exe
2013-12-22 17:15 - 2013-12-22 17:11 - 00000000 ____D C:\Program Files (x86)\GhostMouse
2013-12-22 17:10 - 2013-12-22 17:10 - 00910736 _____ (ghost-mouse.com                                             ) C:\Users\Stefano\Downloads\GhostMouse321-Setup.exe
2013-12-20 18:09 - 2013-05-26 22:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-20 18:09 - 2013-05-26 22:03 - 00000000 ____D C:\ProgramData\Skype
2013-12-18 20:39 - 2013-12-18 20:39 - 00022876 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerProgression_V122.zip
2013-12-18 20:36 - 2013-12-18 20:36 - 00037239 _____ C:\Users\Stefano\Downloads\NRaas_MasterControllerIntegration_V124.zip
2013-12-18 20:32 - 2013-12-18 20:31 - 00764078 _____ C:\Users\Stefano\Downloads\NRaas_MasterController_V127.zip
2013-12-17 11:21 - 2013-05-26 04:28 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-17 11:21 - 2013-05-26 04:28 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 11:21 - 2013-05-26 04:28 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-14 20:43 - 2013-12-14 20:43 - 00001529 _____ C:\Users\Stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TS3W.lnk
2013-12-14 20:40 - 2013-12-14 20:40 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2013-12-14 20:39 - 2013-12-14 20:39 - 02766848 _____ (Crystal Dew World                                           ) C:\Users\Stefano\Downloads\CrystalDiskInfo6_0_4-en.exe
2013-12-14 20:32 - 2013-12-14 20:32 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-14 20:31 - 2013-12-14 20:30 - 00301272 _____ C:\Windows\Minidump\121413-51328-01.dmp
2013-12-14 20:30 - 2013-09-15 17:11 - 678102796 _____ C:\Windows\MEMORY.DMP
2013-12-14 20:30 - 2013-09-14 09:14 - 00000000 ____D C:\Windows\Minidump
2013-12-14 15:49 - 2013-06-02 12:46 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-14 15:49 - 2012-12-14 03:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-14 15:40 - 2013-12-08 16:22 - 3554922713 ____R C:\Users\Stefano\Downloads\The Sims 3 - Into the Future.rar
2013-12-14 14:50 - 2013-01-26 18:47 - 00313132 ____N C:\Windows\Minidump\121413-38234-01.dmp
2013-12-14 14:25 - 2013-05-27 15:15 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-12-14 14:25 - 2013-05-27 15:02 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-14 14:24 - 2013-05-27 15:02 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-14 14:24 - 2013-05-27 08:16 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-14 00:30 - 2013-12-14 00:30 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-14 00:28 - 2013-05-26 17:31 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-08 13:53 - 2013-12-08 13:06 - 1691505085 ____R C:\Users\Stefano\Downloads\The Sims 3 - Movie Stuff.rar
2013-12-08 13:04 - 2013-12-08 11:41 - 2965211817 ____R C:\Users\Stefano\Downloads\The Sims 3 - Island Paradise.rar

Files to move or delete:
====================
C:\Users\Stefano\AppData\Roaming\GoodnightTimer.ini


Some content of TEMP:
====================
C:\Users\Stefano\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-30 16:39

==================== End Of Log ============================

--- --- ---

--- --- ---

aharonov · 07.01.2014, 20:29

Wie läuft der Rechner jetzt?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\wncmanager
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\GeZfSnGo
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\ProgramData\taskhost
2014-01-07 19:23 - 2014-01-07 19:23 - 00000000 ____D C:\ProgramData\boost_interprocess

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Fixlog von FRST
Log von MBAM
Log von ESET
Log von FRST

StefanoD · 07.01.2014, 20:33

Zitat:

Zitat von aharonov

Wie läuft der Rechner jetzt?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\wncmanager
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\GeZfSnGo
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\ProgramData\taskhost
2014-01-07 19:23 - 2014-01-07 19:23 - 00000000 ____D C:\ProgramData\boost_interprocess

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Fixlog von FRST
Log von MBAM
Log von ESET
Log von FRST

Gut werd ich machen.
Mein PC läuft wieder, macht keine faxen

Ich werde das noch machen und sage wie immer bescheid

aharonov · 07.01.2014, 20:34

Alles klar.

StefanoD · 07.01.2014, 21:00

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-01-2014
Ran by Stefano at 2014-01-07 20:36:05 Run:1
Running from C:\Users\Stefano\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\wncmanager
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\Users\Stefano\AppData\Roaming\GeZfSnGo
2014-01-02 22:35 - 2014-01-07 19:41 - 00000000 ___HD C:\ProgramData\taskhost
2014-01-07 19:23 - 2014-01-07 19:23 - 00000000 ____D C:\ProgramData\boost_interprocess
*****************

C:\Users\Stefano\AppData\Roaming\wncmanager => Moved successfully.
C:\Users\Stefano\AppData\Roaming\GeZfSnGo => Moved successfully.
C:\ProgramData\taskhost => Moved successfully.

"C:\ProgramData\boost_interprocess" directory move:

C:\ProgramData\boost_interprocess\Nobu64AgentService => Moved successfully.
C:\ProgramData\boost_interprocess\Nobu64TrayIcon => Moved successfully.
"C:\ProgramData\boost_interprocess" => Directory moved successfully.

==== End of Fixlog ====

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.07.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Stefano :: ****** [Administrator]

Schutz: Aktiviert

07.01.2014 20:47:20
mbam-log-2014-01-07 (20-47-20).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 223220
Laufzeit: 5 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

06.01.2014, 21:40	#4
aharonov /// TB-Ausbilder	Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten... Hast du diesen Download noch? __________________ cheers, Leo

06.01.2014, 22:02	#8
aharonov /// TB-Ausbilder	Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten... Ok, dann bis morgen. Gute Nacht. __________________ cheers, Leo

07.01.2014, 20:34	#14
aharonov /// TB-Ausbilder	Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten... Alles klar. __________________ cheers, Leo

Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten...

Plagegeister aller Art und deren Bekämpfung: Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten...