Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 13.01.2015, 22:13   #1
Deni664
 
Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert - Standard

Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert



Hallo liebes Trojaner-Board Team,

Seit heute hat mein Freund ein Problem mit seinem PC (Windows 8) und kann daher nicht mehr auf das Internet zugreifen. Jedes Mal, wenn er einen Browser öffnet, erscheint ihm die Fehlermeldung "Fehler: Proxy-Server verweigert die Verbindung" (getestet wurden IE und Firefox). Wir haben die Interneteinstellungen wie in eurem Thread "Probleme mit der Internetverbindung" beschrieben geändert; öffnete man den Browser danach, konnte man kurzzeitig auf eine Website zugreifen - als wir bei den Interneteinstellungen nachgesehen haben, stellten wir fest, dass jene wieder auf die vorherigen Einstellungen zurückgesetzt worden waren (einen Proxy-Server über unseren Localhost). Ich weiß nicht, ob das etwas zur Sache tut, aber vor einigen Tagen hatten wir die DNS auf die Google DNS geändert - selbst das haben wir in Folge der Fehlersuche heute wieder rückgängig gemacht, leider natürlich ohne Erfolg.
Avast hat leider nichts gefunden.

Gescannt haben wir den PC nun mit defogger und FRST, GMER verweigerte bei uns leider den Dienst und teilte mit, dass es nicht auf WINDOWS/system32/config/system zugreifen könne, da jene Datei von einem anderen Prozess verwendet wird.
Zum Glück kann er merkwürdigerweise noch auf Skype zugreifen, wodurch er mir die Logs schicken konnte.


Defogger:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)

Log created at 21:45 on 13/01/2015 (Stefan)



Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.



Checking for services/drivers...





-=E.O.F=-
         
Frst:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Stefan (administrator) on STEFAN on 13-01-2015 21:45:38
Running from C:\Users\Stefan\Desktop
Loaded Profile: Stefan (Available profiles: Stefan)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\WInterEnhance\WInterEnhance Internet Enhancer\InternetEnhancerService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Logitech G35] => C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-22] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\RunOnce: [ASYNCMAC] => rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\WINDOWS\INF\netrasa.inf,Ndis-Mp-AsyncMac
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Spotify Web Helper] => C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-15] (Spotify Ltd)
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [MKLOL] => "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Stefan\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [21864 2012-07-25] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49184;https=127.0.0.1:49184
ProxyEnable: [S-1-5-21-3178606706-2046197939-3586449545-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3178606706-2046197939-3586449545-1001] => http=127.0.0.1:49184;https=127.0.0.1:49184
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = 
SearchScopes: HKU\.DEFAULT -> {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = 
SearchScopes: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001 -> DefaultScope {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = 
SearchScopes: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001 -> {01AF324D-058C-4100-801E-8A0DEFF0C5F8} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BonanzaDeals -> {fe063412-bea4-4d76-8ed3-183be6220d17} -> C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\epoz3lyz.default
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: https://www.youtube.com/playlist?list=FLC09PSAMZ4Gvv80uEJ9ftwQ&feature=mh_lolz
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-3178606706-2046197939-3586449545-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Google search link fix - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\epoz3lyz.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2014-12-04]
FF Extension: Adblock Plus - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\epoz3lyz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-07]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31]
FF HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

Chrome: 
=======
CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07]
CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07]
CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07]
CHR Extension: (Google-Suche) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07]
CHR Extension: (avast! Online Security) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-07]
CHR Extension: (Google Mail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07]
CHR HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0266061391181945mcinstcleanup; C:\Users\Stefan\AppData\Local\Temp\026606~1.EXE [834664 2013-07-30] (McAfee, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-07] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-07] (BonanzaDeals)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-11-01] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Internet Enhancer Service; C:\Program Files (x86)\WInterEnhance\WInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2014-12-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
S2 CGVPNCliService; "C:\Program Files\CyberGhost 5\Service.exe" [X]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [452432 2013-03-06] (Intel Corporation)
R3 LADF_DHP2; C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 wacomvhid; \SystemRoot\System32\drivers\wacomvhid.sys [X]
U3 kgldypob; \??\C:\Users\Stefan\AppData\Local\Temp\kgldypob.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 21:45 - 2015-01-13 21:45 - 00020605 _____ () C:\Users\Stefan\Desktop\FRST.txt
2015-01-13 21:45 - 2015-01-13 21:45 - 00000474 _____ () C:\Users\Stefan\Desktop\defogger_disable.log
2015-01-13 21:44 - 2015-01-13 21:41 - 02124288 _____ (Farbar) C:\Users\Stefan\Desktop\FRST64.exe
2015-01-13 21:44 - 2015-01-13 21:41 - 00380416 _____ () C:\Users\Stefan\Desktop\snukj2jn.exe
2015-01-13 21:44 - 2015-01-13 21:41 - 00050477 _____ () C:\Users\Stefan\Desktop\Defogger.exe
2015-01-13 21:43 - 2015-01-13 21:43 - 00000000 _____ () C:\Users\Stefan\defogger_reenable
2015-01-13 21:41 - 2015-01-13 21:45 - 00000000 ____D () C:\FRST
2014-12-31 00:05 - 2014-12-31 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhance
2014-12-31 00:05 - 2014-12-31 00:05 - 00000000 ____D () C:\Program Files (x86)\WInterEnhance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 21:44 - 2013-11-02 01:22 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Skype
2015-01-13 21:43 - 2013-10-24 03:29 - 00000000 ____D () C:\Users\Stefan
2015-01-13 21:42 - 2013-12-12 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-13 21:34 - 2013-12-09 13:10 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B05073-D180-4E35-9E63-286D24EA8470}
2015-01-13 21:32 - 2013-10-07 18:27 - 00000940 _____ () C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2015-01-13 21:29 - 2014-08-07 12:09 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 21:26 - 2014-01-31 16:29 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-13 21:08 - 2013-10-07 18:25 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3178606706-2046197939-3586449545-1001
2015-01-13 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-13 20:30 - 2014-08-07 12:09 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 20:19 - 2013-10-24 03:24 - 01441029 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-13 20:17 - 2014-07-01 19:22 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Steganos
2015-01-13 20:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-01-13 19:56 - 2013-10-24 04:23 - 00000000 __RDO () C:\Users\Stefan\SkyDrive
2015-01-13 19:52 - 2013-10-07 18:27 - 00000936 _____ () C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2015-01-13 19:51 - 2013-10-24 03:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-13 19:51 - 2013-09-29 20:04 - 00183624 _____ () C:\WINDOWS\PFRO.log
2015-01-13 19:51 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-13 19:51 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 19:42 - 2013-12-12 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-13 19:27 - 2013-10-07 18:27 - 00000000 ____D () C:\Program Files (x86)\BonanzaDeals
2015-01-12 22:44 - 2013-10-07 18:32 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\TS3Client
2015-01-12 20:59 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Spotify
2015-01-12 20:59 - 2013-10-07 18:39 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Spotify
2015-01-11 18:47 - 2014-03-24 20:51 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Battle.net
2015-01-10 16:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-31 16:22 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-31 16:22 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-31 16:22 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-31 16:17 - 2014-09-19 15:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-31 16:17 - 2013-12-09 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-31 16:17 - 2013-10-07 18:27 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-12-30 17:59 - 2014-05-09 23:02 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-12-30 12:11 - 2013-11-02 00:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-29 20:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-29 12:02 - 2014-09-28 11:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-29 12:02 - 2013-11-02 01:22 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 15:50 - 2014-08-27 22:20 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Adobe
2014-12-18 21:58 - 2014-07-13 13:48 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\OBS

Some content of TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\0266061391181945mcinst.exe
C:\Users\Stefan\AppData\Local\Temp\bdfilters.dll
C:\Users\Stefan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpahadvq.dll
C:\Users\Stefan\AppData\Local\Temp\FileSystemView.dll
C:\Users\Stefan\AppData\Local\Temp\install_flashplayer11x32au_mssa_aaa_aih.exe
C:\Users\Stefan\AppData\Local\Temp\JavaRa.exe
C:\Users\Stefan\AppData\Local\Temp\jli.dll
C:\Users\Stefan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Stefan\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Stefan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Stefan\AppData\Local\Temp\jre-7u67-windows-i586.exe
C:\Users\Stefan\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Stefan\AppData\Local\Temp\keytool.exe
C:\Users\Stefan\AppData\Local\Temp\msvcr100.dll
C:\Users\Stefan\AppData\Local\Temp\NGMDll.dll
C:\Users\Stefan\AppData\Local\Temp\NGMResource.dll
C:\Users\Stefan\AppData\Local\Temp\NGMSetup.exe
C:\Users\Stefan\AppData\Local\Temp\node.exe
C:\Users\Stefan\AppData\Local\Temp\Player_Setup[1].exe
C:\Users\Stefan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stefan\AppData\Local\Temp\sqlite3.exe
C:\Users\Stefan\AppData\Local\Temp\unicows.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-13 21:08

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Stefan at 2015-01-13 21:46:10
Running from C:\Users\Stefan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adblock Plus für Firefox Packages (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Adblock Plus für Firefox Packages) (Version:  - ) <==== ATTENTION
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BitTorrent (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.)
Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Network Connections 17.2.153.0 (HKLM\...\PROSetDX) (Version: 17.2.153.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Acer Incorporated)
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.5.2 - www.leaguereplays.com)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.3 - Smith Micro)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MKLOL (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\MKLOL) (Version:  - )
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 305.29 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Our Cruise Photos Digital Version 0.9.27 (HKLM-x32\...\{7460981E-FCC2-480B-ACB0-C75AE6201B7B}_is1) (Version: 0.9.27 - The Image Group)
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Update_for_BonanzaDeals (HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\Bonanza) (Version:  - Update_for_BonanzaDeals) <==== ATTENTION
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
Wajam (HKLM-x32\...\WInterEnhance) (Version: 2.21.2.24 (i2.6) - WInterEnhance) <==== ATTENTION
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.25 - WildTangent) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{4BC33FAB-4249-44D7-88A3-22682C577EE3}) (Version: 1.3.1310.1103 - SplitMediaLabs)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3178606706-2046197939-3586449545-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

15-12-2014 16:53:58 Geplanter Prüfpunkt
31-12-2014 17:20:44 Geplanter Prüfpunkt
09-01-2015 15:20:23 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C2132B1-4900-4FC0-9FAE-223145816D29} - System32\Tasks\{DB260CF8-66B3-47DD-A3E5-3BD4F86C5504} => pcalua.exe -a F:\Bin\demo32.exe -d F:\Bin
Task: {0CC80265-5C5A-425C-B09A-32015231228F} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {0EE0B897-7F04-4971-B929-F296E2425D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {12851282-83FF-444A-BB6A-FC0C3DE4574F} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {3C5EF33C-D7C1-4226-92C7-5668E8725425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07] (Google Inc.)
Task: {4145606B-AE45-4C5D-ACBB-6C55CBBC3D07} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {53B47870-0B8B-4633-93EF-104A36281B1A} - System32\Tasks\{FB8F1885-F14A-4EF7-A750-52B7D19703C0} => pcalua.exe -a F:\install.exe -d F:\
Task: {5D5D5540-D375-4CF3-8CC4-E8171762F055} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07] (Google Inc.)
Task: {63700C6F-EA33-4393-8289-B482449CE6A5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {857BA6AC-AD95-4836-B94E-F9A97AED65A0} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-07] (BonanzaDeals) <==== ATTENTION
Task: {A2AFB03A-03AF-4D6B-B891-F193D39D73D0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {AA81E09B-8B5E-484D-9D5A-C9722C1B8944} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {B6120A0C-913C-411F-B649-32B3EFBB0AF1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {B7F5DC09-3710-4047-A319-59A31A63A266} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated)
Task: {BF735078-434B-46F2-9466-6DB8119E63B1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {E4813DB8-8F9A-4576-972A-6DEC66CFA0B5} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {ED7ABA4E-2266-48F6-BB4C-067408FC034F} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-07] (BonanzaDeals) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-19 17:56 - 2014-12-19 17:56 - 00312320 _____ () C:\Program Files (x86)\WInterEnhance\WInterEnhance Internet Enhancer\InternetEnhancerService.exe
2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-01-25 15:01 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-08-06 14:23 - 2014-08-06 14:23 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-13 19:01 - 2015-01-13 19:01 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011302\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-06 14:24 - 2014-08-06 14:24 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-06 07:42 - 2012-07-18 04:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Stefan\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "OKAYFREEDOM_Agent"
HKU\S-1-5-21-3178606706-2046197939-3586449545-1001\...\StartupApproved\Run: => "CyberGhost"

========================= Accounts: ==========================

Administrator (S-1-5-21-3178606706-2046197939-3586449545-500 - Administrator - Disabled)
Gast (S-1-5-21-3178606706-2046197939-3586449545-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3178606706-2046197939-3586449545-1006 - Limited - Enabled)
Stefan (S-1-5-21-3178606706-2046197939-3586449545-1001 - Administrator - Enabled) => C:\Users\Stefan
UpdatusUser (S-1-5-21-3178606706-2046197939-3586449545-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2015 09:29:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi

Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (01/13/2015 09:09:15 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (01/13/2015 08:29:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi

Error: (01/13/2015 08:10:14 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={B948ACD8-67FD-4BE2-B77A-AD641ECCAE98}: Der Benutzer "SYSTEM" hat eine Verbindung mit dem Namen "Stefanohl" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (01/13/2015 08:09:52 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={390F6FFE-2E5A-4F72-98CA-E4CADD8A79C5}: Der Benutzer "SYSTEM" hat eine Verbindung mit dem Namen "Stefanohl" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.


System errors:
=============
Error: (01/13/2015 08:17:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/13/2015 07:52:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Application Installer Cleanup (0266061391181945)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/13/2015 07:51:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/13/2015 07:51:05 PM) (Source: DCOM) (EventID: 10010) (User: STEFAN)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/13/2015 07:51:05 PM) (Source: DCOM) (EventID: 10010) (User: STEFAN)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/13/2015 07:41:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/13/2015 07:41:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/13/2015 07:37:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/13/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (01/13/2015 07:24:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Application Installer Cleanup (0266061391181945)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (01/13/2015 09:29:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (01/13/2015 09:10:46 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (01/13/2015 09:09:16 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (01/13/2015 09:09:15 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (01/13/2015 08:29:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.25.11\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/13/2015 08:10:14 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {B948ACD8-67FD-4BE2-B77A-AD641ECCAE98}SYSTEMStefanohl651

Error: (01/13/2015 08:09:52 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {390F6FFE-2E5A-4F72-98CA-E4CADD8A79C5}SYSTEMStefanohl0


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 19%
Total physical RAM: 8134.06 MB
Available physical RAM: 6536.91 MB
Total Pagefile: 11078.06 MB
Available Pagefile: 9223.34 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:452.75 GB) (Free:267.85 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.61 GB) (Free:452.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9F87AAB2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


Vielen Dank für eure Hilfe!

 

Themen zu Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert
automatisch, autostart, browser, code, cyberghost, datei, dienst, dllhost.exe, dns, einstellungen, fehlermeldung, firefox, folge, gen, gmer, google, install.exe, internet, internetverbindung, localhost, nicht mehr, nichts, problem, probleme, proxy-server, prozess, tablet, verbindung, windows, öffnet




Ähnliche Themen: Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert


  1. Windows 7: Internet: Proxy-Server verweigert die Verbindung
    Log-Analyse und Auswertung - 19.09.2014 (15)
  2. Firefox: Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 13.09.2014 (1)
  3. Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 19.08.2014 (15)
  4. Verbindung zum Proxy Server kann nicht hergestellt werden
    Log-Analyse und Auswertung - 06.07.2014 (3)
  5. Firefox: Proxy-Server verweigert die Verbindung
    Log-Analyse und Auswertung - 19.05.2014 (12)
  6. Windows 7: Firefox fehlermeldung : Proxy-Server verweigert die Verbindung, Internet Explorer falsche Startseite, viel werbung
    Log-Analyse und Auswertung - 22.04.2014 (23)
  7. proxy server verweigert die verbindung
    Log-Analyse und Auswertung - 14.04.2014 (12)
  8. Firefox: Ein Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 25.02.2014 (13)
  9. Firefox: Verbindung zum Proxy Server kann nicht hergestellt werden
    Plagegeister aller Art und deren Bekämpfung - 20.02.2014 (3)
  10. Firefox-Fehler: Proxy-Server verweigert die Verbindung
    Log-Analyse und Auswertung - 03.01.2014 (24)
  11. Proxy Server verweigert die Verbindung
    Mülltonne - 27.10.2013 (3)
  12. Firefox: "Proxy-Server verweigert die Verbindung"
    Log-Analyse und Auswertung - 01.09.2013 (9)
  13. Firefox: Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 07.04.2013 (20)
  14. Firefox: Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 16.12.2012 (3)
  15. Firefox: Proxy Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (5)
  16. Firefox fehlermeldung : Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 14.02.2012 (36)
  17. Firefox - Fehler: Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 30.01.2011 (1)

Zum Thema Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert - Hallo liebes Trojaner-Board Team, Seit heute hat mein Freund ein Problem mit seinem PC (Windows 8) und kann daher nicht mehr auf das Internet zugreifen. Jedes Mal, wenn er einen - Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert...
Archiv
Du betrachtest: Proxy-Server verweigert die Verbindung; Interneteinstellungen werden automatisch wieder geändert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.