Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: neuer Laptop Win 8.1 total langsam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.01.2015, 17:55   #1
boulderman
 
neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



Malwarebytes hab ich schon mal laufen lassen und folgende Logdatei bekommen.
HTML-Code:
<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2015/01/24 17:25:14 +0100</date>

<logfile>mbam-log-2015-01-24 (17-25-14).xml</logfile>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.00.4.1028</version>

<malware-database>v2015.01.24.09</malware-database>

<rootkit-database>v2015.01.14.01</rootkit-database>

<license>trial</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<osversion>Windows 8.1</osversion>

<arch>x64</arch>

<username>Arbeit Daniel</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>hyper</type>

<result>completed</result>

<objects>276448</objects>

<time>1157</time>

<processes>0</processes>

<modules>0</modules>

<keys>1</keys>

<values>0</values>

<datas>0</datas>

<folders>2</folders>

<files>4</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>disabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>


-<items>


-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{d924d8dc}</path>

<vendor>PUP.Optional.Booster.A</vendor>

<action/>

<hash>b287bb400881bd79db0dd0cbbb48827e</hash>

</key>


-<folder>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</folder>


-<folder>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</folder>


-<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\background.js</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>


-<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\content.js</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>


-<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\icon.png</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>


-<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\manifest.json</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>

</items>

</mbam-log>
Kann mir jemand helfen? Ich versteh das nicht

Alt 24.01.2015, 18:48   #2
schrauber
/// the machine
/// TB-Ausbilder
 

neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 24.01.2015, 19:40   #3
boulderman
 
neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel at 2015-01-24 19:36:49
Running from C:\Users\Arbeit Daniel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8103 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3010 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.04)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
BubbleSound (HKLM\...\BubbleSound) (Version: 1.0 - )
BWSRappSev2 (HKLM-x32\...\BWSRappSev2) (Version: 1.36.01.22 - BroServix+2.3)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Pokki) (Version: 0.269.5.367 - Pokki)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.397 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-372149687-12892241-2324643792-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

23-01-2015 23:35:40 eBay Worldwide wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16F60ABF-AE90-4E90-A405-7D68C1B5625C} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {17D23CAC-F6D6-4672-9493-10F2343ABB41} - \upfs7235 No Task File <==== ATTENTION
Task: {3A6C939F-4E5F-4970-897F-E0C90901EC69} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-01-18] (Acer Incorporate)
Task: {404DA473-0786-4809-A915-4B03E6F70C95} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {4255E724-778F-4381-AFA7-B95845971801} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {4D57C262-A3BE-4432-BD18-346FFAE20A05} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {576F8236-280F-46B5-8612-FD9B56D84708} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {5FD06D2E-9369-42BA-9608-89DA3DBC1248} - System32\Tasks\QKTMVX => C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX.exe <==== ATTENTION
Task: {669E7F82-0EDD-46BF-9D2C-68B68A757F77} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {81E7E3BC-CCD0-4279-965F-AF784EAD2E28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {87F451BC-A213-4181-A433-BA3FB820B1C1} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-01-16] (Acer Incorporated)
Task: {AB2E7681-602A-4B95-BEEF-7D0BD14AFDF2} - System32\Tasks\WDXJHF => C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe [2015-01-23] (BroServix+2.3) <==== ATTENTION
Task: {AD6D8527-B0BA-433F-8F02-3E2E3FA0EEEE} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {B24EA0E0-7E1D-44C0-BA20-7B788F02D6F7} - System32\Tasks\SWRDAM => C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM.exe <==== ATTENTION
Task: {C1609FE0-D5C3-4294-8744-A99045673A65} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {D8B17051-4D8C-462F-9882-3EA4F4548916} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {E5D427CF-FF1C-480F-A91A-F819B4D9416A} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QKTMVX.job => C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX.exe <==== ATTENTION
Task: C:\Windows\Tasks\SWRDAM.job => C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM.exe <==== ATTENTION
Task: C:\Windows\Tasks\WDXJHF.job => C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2015-01-08 19:12 - 2015-01-08 19:12 - 02264576 _____ () C:\Program Files\BubbleSound\BubbleSound.dll
2014-02-18 19:02 - 2014-02-18 19:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-09-25 01:41 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-05-16 11:06 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 00569856 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 01400846 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 00151054 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\avutil-51.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 00222734 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\avformat-54.dll
2014-09-25 01:22 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\StartupApproved\Run: => "Optimizer Pro"

========================= Accounts: ==========================

Administrator (S-1-5-21-372149687-12892241-2324643792-500 - Administrator - Disabled)
Arbeit Daniel (S-1-5-21-372149687-12892241-2324643792-1001 - Administrator - Enabled) => C:\Users\Arbeit Daniel
Gast (S-1-5-21-372149687-12892241-2324643792-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-372149687-12892241-2324643792-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2015 06:01:40 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/24/2015 05:18:46 PM) (Source: IntelDalJhi) (EventID: 11) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service has encountered an internal connection problem.

Error: (01/24/2015 05:17:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/24/2015 05:17:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/24/2015 05:17:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/24/2015 01:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: abengine.exe, Version: 2.3.1.2, Zeitstempel: 0x54812f7b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000417
Fehleroffset: 0x100c9383
ID des fehlerhaften Prozesses: 0x4a0
Startzeit der fehlerhaften Anwendung: 0xabengine.exe0
Pfad der fehlerhaften Anwendung: abengine.exe1
Pfad des fehlerhaften Moduls: abengine.exe2
Berichtskennung: abengine.exe3
Vollständiger Name des fehlerhaften Pakets: abengine.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: abengine.exe5

Error: (01/24/2015 01:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17037, Zeitstempel: 0x5312c26d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17031, Zeitstempel: 0x530895af
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000065e8e
ID des fehlerhaften Prozesses: 0x1dd4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (01/24/2015 01:02:27 PM) (Source: MsiInstaller) (EventID: 11309) (User: Daniel)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (01/23/2015 11:01:23 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Die indizierten Daten von Windows Search für den Benutzer '<Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2015-01-23T22:01:23.000000000Z'/><EventRecordID>845</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Daniel</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440061006E00690065006C005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode %2.

%3.

Error: (01/23/2015 11:01:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014


System errors:
=============
Error: (01/24/2015 05:29:43 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/24/2015 05:14:16 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/24/2015 05:14:15 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/24/2015 05:14:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/24/2015 05:14:13 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/24/2015 05:14:12 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}


Microsoft Office Sessions:
=========================
Error: (01/24/2015 06:01:40 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/24/2015 05:18:46 PM) (Source: IntelDalJhi) (EventID: 11) (User: )
Description: 

Error: (01/24/2015 05:17:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/24/2015 05:17:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/24/2015 05:17:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Arbeit Daniel\AppData\Local\Temp\oct3B7.tmp.exe

Error: (01/24/2015 01:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: abengine.exe2.3.1.254812f7bunknown0.0.0.000000000c0000417100c93834a001d037cdd7a1dcbcC:\Program Files (x86)\Flwsrf\abengine.exeunknownba8a25c2-a3c5-11e4-825f-f0761c2d8656

Error: (01/24/2015 01:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.170375312c26dntdll.dll6.3.9600.17031530895afc00000050000000000065e8e1dd401d037cf4391c834C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dlla7c0165e-a3c2-11e4-825f-f0761c2d8656

Error: (01/24/2015 01:02:27 PM) (Source: MsiInstaller) (EventID: 11309) (User: Daniel)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/23/2015 11:01:23 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: <Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2015-01-23T22:01:23.000000000Z'/><EventRecordID>845</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Daniel</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440061006E00690065006C005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>

Error: (01/23/2015 11:01:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: a7f42014


CodeIntegrity Errors:
===================================
  Date: 2015-01-24 13:18:23.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:18:23.621
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:15:25.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:15:25.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:54.758
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:44.875
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:40.713
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:40.677
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:32.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:32.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 54%
Total physical RAM: 4019.27 MB
Available physical RAM: 1846.49 MB
Total Pagefile: 5427.27 MB
Available Pagefile: 3082.61 MB
         
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel (administrator) on DANIEL on 24-01-2015 19:35:56
Running from C:\Users\Arbeit Daniel\Downloads
Loaded Profiles: Arbeit Daniel (Available profiles: Arbeit Daniel)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(BroServix+2.3) C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bg.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-372149687-12892241-2324643792-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://tikotin.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {DF9F6E42-A85C-42CC-82C6-BB102DEF23E1} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
BHO: BWSRappSev2 -> {11111111-1111-1111-1111-110611991117} -> C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bho64.dll (BroServix+2.3)
BHO-x32: BWSRappSev2 -> {11111111-1111-1111-1111-110611991117} -> C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bho.dll (BroServix+2.3)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 16 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-05-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-16]
FF HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Firefox\Extensions: [{7DEBE74A-F60E-1010-4430-598EAAAF698D}] - C:\Program Files (x86)\ver8SpeedChecker\186.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=55&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-24]
CHR Extension: (YouTube) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Adblock Plus) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]
CHR Extension: (CommonShare) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi [2015-01-24]
CHR Extension: (Google Search) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (SiteAdvisor) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-23]
CHR Extension: (AdBlock) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-24]
CHR Extension: (Google Wallet) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-06] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-09-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 19:35 - 2015-01-24 19:36 - 00022272 _____ () C:\Users\Arbeit Daniel\Downloads\FRST.txt
2015-01-24 19:35 - 2015-01-24 19:36 - 00000000 ____D () C:\FRST
2015-01-24 19:35 - 2015-01-24 19:35 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe
2015-01-24 19:34 - 2015-01-24 19:34 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64.exe
2015-01-24 17:22 - 2015-01-24 17:22 - 00000000 ____D () C:\ProgramData\186fef6e00000659
2015-01-24 17:21 - 2015-01-24 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-24 17:16 - 2015-01-24 17:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 17:14 - 2015-01-24 17:14 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-01-24 14:01 - 2015-01-24 14:01 - 00000000 ____D () C:\Users\Arbeit Daniel\Documents\Optimizer Pro
2015-01-24 13:33 - 2015-01-24 17:24 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Windows Live
2015-01-24 13:32 - 2015-01-24 13:32 - 01239752 _____ (Microsoft Corporation) C:\Users\Arbeit Daniel\Downloads\wlsetup-web.exe
2015-01-24 13:26 - 2015-01-24 17:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 13:26 - 2015-01-24 13:26 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-24 13:26 - 2015-01-24 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-24 13:25 - 2015-01-24 13:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-24 13:25 - 2015-01-24 13:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-24 13:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-24 13:24 - 2015-01-24 13:24 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Arbeit Daniel\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-24 13:14 - 2015-01-24 13:14 - 00000000 ____D () C:\ProgramData\43a438fc00001e7f
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Program Files\BubbleSound
2015-01-24 13:10 - 2015-01-24 13:10 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Acer Aspire R7 Tutorial
2015-01-24 13:08 - 2015-01-24 17:14 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
2015-01-24 13:08 - 2015-01-24 13:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2015-01-24 13:04 - 2014-12-05 00:09 - 00370880 _____ (Abengine) C:\Windows\system32\abengine64.dll
2015-01-24 13:03 - 2015-01-24 13:03 - 00000002 _____ () C:\END
2015-01-24 13:02 - 2015-01-24 17:15 - 00001384 _____ () C:\Windows\Tasks\SWRDAM.job
2015-01-24 13:02 - 2015-01-24 13:02 - 00004402 _____ () C:\Windows\System32\Tasks\SWRDAM
2015-01-24 13:02 - 2015-01-24 13:02 - 00000000 ____D () C:\Program Files (x86)\99d5089f-8116-4850-8c55-0f51a9c108f8
2015-01-24 13:01 - 2015-01-24 17:14 - 00000000 ____D () C:\ProgramData\TPMRZi
2015-01-23 23:18 - 2015-01-24 19:29 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 23:18 - 2015-01-24 17:16 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 23:18 - 2015-01-23 23:24 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-23 23:18 - 2015-01-23 23:24 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Google
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 23:16 - 2015-01-24 14:00 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-23 23:15 - 2015-01-23 23:15 - 00003472 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2015-01-23 23:15 - 2015-01-23 23:15 - 00003208 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2015-01-23 23:15 - 2015-01-23 23:15 - 00000000 ____D () C:\Users\Arbeit Daniel\Documents\ProPCCleaner
2015-01-23 23:15 - 2015-01-23 23:15 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Pro_PC_Cleaner
2015-01-23 23:14 - 2015-01-24 17:58 - 00001384 _____ () C:\Windows\Tasks\QKTMVX.job
2015-01-23 23:14 - 2015-01-24 17:15 - 00001384 _____ () C:\Windows\Tasks\WDXJHF.job
2015-01-23 23:14 - 2015-01-24 17:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-23 23:14 - 2015-01-24 17:12 - 00000000 ____D () C:\Program Files (x86)\BWSRappSev2
2015-01-23 23:14 - 2015-01-23 23:14 - 01878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\QKTMVX
2015-01-23 23:14 - 2015-01-23 23:14 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\globalUpdate
2015-01-23 23:13 - 2015-01-23 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-01-23 23:11 - 2015-01-24 19:11 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0236F925-95AD-4D52-86AE-38EFBEF32D33}
2015-01-23 23:11 - 2015-01-24 18:10 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-372149687-12892241-2324643792-1001
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieUserList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieSiteList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Macromedia
2015-01-23 23:09 - 2015-01-24 13:01 - 00002163 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Public\Pokki
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\AOP SDK
2015-01-23 23:08 - 2015-01-24 17:17 - 00002334 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-23 23:07 - 2015-01-23 23:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\clear.fi
2015-01-23 23:07 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel\PicStream
2015-01-23 23:06 - 2015-01-23 23:06 - 00001272 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-01-23 23:05 - 2015-01-23 23:38 - 00001450 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 23:05 - 2015-01-23 23:06 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Packages
2015-01-23 23:05 - 2015-01-23 23:05 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-23 23:05 - 2015-01-23 23:05 - 00000020 ___SH () C:\Users\Arbeit Daniel\ntuser.ini
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Vorlagen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Startmenü
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Netzwerkumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Lokale Einstellungen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Eigene Dateien
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Druckumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Musik
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Bilder
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Verlauf
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Adobe
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\VirtualStore
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Program Files\Accessory Store
2015-01-23 23:04 - 2015-01-24 17:18 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Pokki
2015-01-23 23:04 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel
2015-01-23 23:04 - 2014-09-25 10:54 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-23 23:04 - 2014-03-18 11:33 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-23 23:01 - 2015-01-24 17:31 - 00280983 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-24 17:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-24 17:20 - 2014-09-25 10:46 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-01-24 17:20 - 2014-09-25 10:46 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-01-24 17:20 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 17:15 - 2014-05-16 10:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-24 17:15 - 2014-03-18 10:54 - 00131226 _____ () C:\Windows\PFRO.log
2015-01-24 17:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 17:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\tracing
2015-01-24 17:14 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-24 17:12 - 2014-05-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-24 17:12 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-24 17:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-24 13:09 - 2013-08-22 15:46 - 00021366 _____ () C:\Windows\setupact.log
2015-01-24 13:06 - 2014-05-16 10:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-23 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-23 23:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-23 23:09 - 2014-05-16 11:03 - 00000000 ___HD () C:\OEM
2015-01-23 23:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-23 23:05 - 2014-05-16 11:09 - 00000000 ____D () C:\Windows\Panther
2015-01-23 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-23 22:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-23 22:59 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 1878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2014-09-25 01:18 - 2014-09-25 01:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Arbeit Daniel\AppData\Local\Temp\60B625C8-ACFD-E501-3BD2-DB933563EF4C.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.dll
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\Launcher__10272.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\oct3B7.tmp.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\optprosetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\setup_337.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-16 10:10

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 25.01.2015, 08:28   #4
schrauber
/// the machine
/// TB-Ausbilder
 

neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



MBAM updaten, scannen , Funde löschen.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.01.2015, 17:06   #5
boulderman
 
neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 16:38:37
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.3 [Local]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Arbeit Daniel - DANIEL
# Gestartet von : C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\abengine64.dll
Ordner Gefunden : C:\Program Files (x86)\BWSRappSev2
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\ProgramData\186fef6e00000659
Ordner Gefunden : C:\ProgramData\43a438fc00001e7f
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Pro_PC_Cleaner
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\Optimizer Pro
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\ProPCCleaner
Ordner Gefunden : C:\Users\ARBEIT~1\AppData\Local\Temp\CommonShare

***** [ Tasks ] *****

Task Gefunden : ProPCCleaner_Start
Task Gefunden : ProPCCleaner_Popup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BWSRappSev2
Schlüssel Gefunden : HKCU\Software\Classes\Applications\inetstat.exe
Schlüssel Gefunden : HKCU\Software\Classes\pokki
Schlüssel Gefunden : HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\InetStat
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\Pokki
Schlüssel Gefunden : HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : HKCU\Software\Super Optimizer
Schlüssel Gefunden : HKCU\Software\Tutorials
Schlüssel Gefunden : HKCU\Software\Wnkey
Schlüssel Gefunden : [x64] HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\InetStat
Schlüssel Gefunden : [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro
Schlüssel Gefunden : [x64] HKCU\Software\Pokki
Schlüssel Gefunden : [x64] HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : [x64] HKCU\Software\Super Optimizer
Schlüssel Gefunden : [x64] HKCU\Software\Tutorials
Schlüssel Gefunden : [x64] HKCU\Software\Wnkey
Schlüssel Gefunden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gefunden : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://tikotin.com

-\\ Google Chrome v40.0.2214.91

[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [13134 octets] - [25/01/2015 16:38:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13195 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Arbeit Daniel on 25.01.2015 at 16:46:59,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622992217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622992217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}



~~~ Files

Successfully deleted: [File] "C:\Users\Arbeit Daniel\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Arbeit Daniel\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\appdata\local\pro_pc_cleaner"
Successfully deleted: [Folder] "C:\Program Files (x86)\globalupdate"
Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\documents\optimizer pro"
Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\documents\propccleaner"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2015 at 16:49:53,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel (administrator) on DANIEL on 25-01-2015 17:05:16
Running from C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\4GC2J6PJ
Loaded Profiles: Arbeit Daniel (Available profiles: Arbeit Daniel)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(BroServix+2.3) C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-372149687-12892241-2324643792-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://tikotin.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: BWSRappSev2 -> {11111111-1111-1111-1111-110611991117} -> C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bho64.dll (BroServix+2.3)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 16 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-05-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-16]
FF HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Firefox\Extensions: [{7DEBE74A-F60E-1010-4430-598EAAAF698D}] - C:\Program Files (x86)\ver8SpeedChecker\186.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=55&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-24]
CHR Extension: (YouTube) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Adblock Plus) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]
CHR Extension: (Google Search) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (SiteAdvisor) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-23]
CHR Extension: (AdBlock) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-24]
CHR Extension: (Google Wallet) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-06] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-09-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 16:56 - 2015-01-25 16:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-25 16:49 - 2015-01-25 16:49 - 00004566 _____ () C:\Users\Arbeit Daniel\Desktop\JRT.txt
2015-01-25 16:46 - 2015-01-25 16:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-25 14:30 - 2015-01-25 16:39 - 00000000 ____D () C:\AdwCleaner
2015-01-24 19:36 - 2015-01-24 19:37 - 00030357 _____ () C:\Users\Arbeit Daniel\Downloads\Addition.txt
2015-01-24 19:35 - 2015-01-25 17:05 - 00000000 ____D () C:\FRST
2015-01-24 19:35 - 2015-01-24 19:37 - 00039811 _____ () C:\Users\Arbeit Daniel\Downloads\FRST.txt
2015-01-24 19:35 - 2015-01-24 19:35 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe
2015-01-24 19:34 - 2015-01-24 19:34 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64.exe
2015-01-24 17:22 - 2015-01-24 17:22 - 00000000 ____D () C:\ProgramData\186fef6e00000659
2015-01-24 17:21 - 2015-01-24 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-24 17:16 - 2015-01-24 17:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 17:14 - 2015-01-24 17:14 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-01-24 13:33 - 2015-01-24 17:24 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Windows Live
2015-01-24 13:32 - 2015-01-24 13:32 - 01239752 _____ (Microsoft Corporation) C:\Users\Arbeit Daniel\Downloads\wlsetup-web.exe
2015-01-24 13:26 - 2015-01-24 17:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 13:26 - 2015-01-24 13:26 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-24 13:26 - 2015-01-24 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-24 13:25 - 2015-01-24 13:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-24 13:25 - 2015-01-24 13:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-24 13:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-24 13:24 - 2015-01-24 13:24 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Arbeit Daniel\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-24 13:14 - 2015-01-24 13:14 - 00000000 ____D () C:\ProgramData\43a438fc00001e7f
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Program Files\BubbleSound
2015-01-24 13:10 - 2015-01-24 13:10 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Acer Aspire R7 Tutorial
2015-01-24 13:08 - 2015-01-24 17:14 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
2015-01-24 13:08 - 2015-01-24 13:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2015-01-24 13:04 - 2014-12-05 00:09 - 00370880 _____ (Abengine) C:\Windows\system32\abengine64.dll
2015-01-24 13:03 - 2015-01-24 13:03 - 00000002 _____ () C:\END
2015-01-24 13:02 - 2015-01-24 17:15 - 00001384 _____ () C:\Windows\Tasks\SWRDAM.job
2015-01-24 13:02 - 2015-01-24 13:02 - 00004402 _____ () C:\Windows\System32\Tasks\SWRDAM
2015-01-24 13:02 - 2015-01-24 13:02 - 00000000 ____D () C:\Program Files (x86)\99d5089f-8116-4850-8c55-0f51a9c108f8
2015-01-24 13:01 - 2015-01-24 17:14 - 00000000 ____D () C:\ProgramData\TPMRZi
2015-01-23 23:18 - 2015-01-25 15:29 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 23:18 - 2015-01-24 17:16 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 23:18 - 2015-01-23 23:24 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-23 23:18 - 2015-01-23 23:24 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Google
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 23:16 - 2015-01-24 14:00 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-23 23:15 - 2015-01-23 23:15 - 00003472 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2015-01-23 23:15 - 2015-01-23 23:15 - 00003208 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2015-01-23 23:14 - 2015-01-25 16:40 - 00001384 _____ () C:\Windows\Tasks\WDXJHF.job
2015-01-23 23:14 - 2015-01-24 17:58 - 00001384 _____ () C:\Windows\Tasks\QKTMVX.job
2015-01-23 23:14 - 2015-01-24 17:12 - 00000000 ____D () C:\Program Files (x86)\BWSRappSev2
2015-01-23 23:14 - 2015-01-23 23:14 - 01878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\QKTMVX
2015-01-23 23:13 - 2015-01-23 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-01-23 23:11 - 2015-01-25 16:53 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-372149687-12892241-2324643792-1001
2015-01-23 23:11 - 2015-01-25 14:27 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0236F925-95AD-4D52-86AE-38EFBEF32D33}
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieUserList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieSiteList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Macromedia
2015-01-23 23:09 - 2015-01-24 13:01 - 00002163 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Public\Pokki
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\AOP SDK
2015-01-23 23:08 - 2015-01-24 17:17 - 00002334 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-23 23:07 - 2015-01-23 23:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\clear.fi
2015-01-23 23:07 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel\PicStream
2015-01-23 23:06 - 2015-01-23 23:06 - 00001272 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-01-23 23:05 - 2015-01-25 15:02 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Packages
2015-01-23 23:05 - 2015-01-23 23:38 - 00001450 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 23:05 - 2015-01-23 23:05 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-23 23:05 - 2015-01-23 23:05 - 00000020 ___SH () C:\Users\Arbeit Daniel\ntuser.ini
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Vorlagen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Startmenü
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Netzwerkumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Lokale Einstellungen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Eigene Dateien
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Druckumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Musik
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Bilder
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Verlauf
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Adobe
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\VirtualStore
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Program Files\Accessory Store
2015-01-23 23:04 - 2015-01-25 14:24 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Pokki
2015-01-23 23:04 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel
2015-01-23 23:04 - 2014-09-25 10:54 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-23 23:04 - 2014-03-18 11:33 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-23 23:01 - 2015-01-25 17:05 - 01619561 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-25 16:56 - 2013-08-22 15:46 - 00022048 _____ () C:\Windows\setupact.log
2015-01-25 16:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-25 14:28 - 2014-09-25 10:46 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 14:28 - 2014-09-25 10:46 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 14:28 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 17:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-24 17:15 - 2014-05-16 10:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-24 17:15 - 2014-03-18 10:54 - 00131226 _____ () C:\Windows\PFRO.log
2015-01-24 17:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 17:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\tracing
2015-01-24 17:14 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-24 17:12 - 2014-05-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-24 17:12 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-24 17:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-24 13:06 - 2014-05-16 10:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-23 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-23 23:09 - 2014-05-16 11:03 - 00000000 ___HD () C:\OEM
2015-01-23 23:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-23 23:05 - 2014-05-16 11:09 - 00000000 ____D () C:\Windows\Panther
2015-01-23 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-23 22:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-23 22:59 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 1878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2014-09-25 01:18 - 2014-09-25 01:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Arbeit Daniel\AppData\Local\Temp\60B625C8-ACFD-E501-3BD2-DB933563EF4C.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.dll
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\Launcher__10272.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\oct3B7.tmp.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\optprosetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\setup_337.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-16 10:10

==================== End Of Log ============================
         
--- --- ---


Alt 25.01.2015, 19:04   #6
schrauber
/// the machine
/// TB-Ausbilder
 

neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



AdwCleaner auch löschen lassen. Du hast nur Suchen lassen.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> neuer Laptop Win 8.1 total langsam

Alt 25.01.2015, 20:50   #7
boulderman
 
neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 16:38:37
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.3 [Local]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Arbeit Daniel - DANIEL
# Gestartet von : C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\abengine64.dll
Ordner Gefunden : C:\Program Files (x86)\BWSRappSev2
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\ProgramData\186fef6e00000659
Ordner Gefunden : C:\ProgramData\43a438fc00001e7f
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Pro_PC_Cleaner
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\Optimizer Pro
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\ProPCCleaner
Ordner Gefunden : C:\Users\ARBEIT~1\AppData\Local\Temp\CommonShare

***** [ Tasks ] *****

Task Gefunden : ProPCCleaner_Start
Task Gefunden : ProPCCleaner_Popup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BWSRappSev2
Schlüssel Gefunden : HKCU\Software\Classes\Applications\inetstat.exe
Schlüssel Gefunden : HKCU\Software\Classes\pokki
Schlüssel Gefunden : HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\InetStat
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\Pokki
Schlüssel Gefunden : HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : HKCU\Software\Super Optimizer
Schlüssel Gefunden : HKCU\Software\Tutorials
Schlüssel Gefunden : HKCU\Software\Wnkey
Schlüssel Gefunden : [x64] HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\InetStat
Schlüssel Gefunden : [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro
Schlüssel Gefunden : [x64] HKCU\Software\Pokki
Schlüssel Gefunden : [x64] HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : [x64] HKCU\Software\Super Optimizer
Schlüssel Gefunden : [x64] HKCU\Software\Tutorials
Schlüssel Gefunden : [x64] HKCU\Software\Wnkey
Schlüssel Gefunden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gefunden : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://tikotin.com

-\\ Google Chrome v40.0.2214.91

[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [13134 octets] - [25/01/2015 16:38:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13195 octets] ##########
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.93  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
McAfee Anti-Virus und Anti-Spyware   
Windows Defender                     
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader XI  
 Google Chrome (39.0.2171.65) 
 Google Chrome (40.0.2214.91) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel (administrator) on DANIEL on 25-01-2015 20:48:28
Running from C:\Users\Arbeit Daniel\Downloads
Loaded Profiles: Arbeit Daniel (Available profiles: Arbeit Daniel)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
         

Alt 26.01.2015, 09:58   #8
schrauber
/// the machine
/// TB-Ausbilder
 

neuer Laptop Win 8.1 total langsam - Standard

neuer Laptop Win 8.1 total langsam



Ehm.....

Zitat:
AdwCleaner auch löschen lassen. Du hast nur Suchen lassen.
Zitat:
# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 16:38:37
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.3 [Local]
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Arbeit Daniel - DANIEL
# Gestartet von : C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\AdwCleaner_4.109.exe
# Option : Suchen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu neuer Laptop Win 8.1 total langsam
appdata, arbeit, default, folge, folgende, google, html, ics, install, langsam, laptop, laufen, logdatei, logfile, malwarebytes, microsoft, neuer, rootkits, software, startup, system, total, version, win, windows, windows8.1




Ähnliche Themen: neuer Laptop Win 8.1 total langsam


  1. Neuer Laptop
    Plagegeister aller Art und deren Bekämpfung - 25.06.2015 (3)
  2. Relativ neuer Laptop langsam geworden. Viren?
    Plagegeister aller Art und deren Bekämpfung - 11.06.2015 (21)
  3. Neuer Laptop! Unzählige Pop-Ups, teilweise langsam, Browserinhalt verschiebt sich.
    Plagegeister aller Art und deren Bekämpfung - 04.03.2015 (13)
  4. Neuer Laptop total langsam
    Plagegeister aller Art und deren Bekämpfung - 14.09.2014 (7)
  5. Laptop total langsam
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (11)
  6. Laptop auf einmal total langsam und hängt sich oft auf.
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (7)
  7. Laptop plötzlich total langsam..Funde durch adwCleaner
    Plagegeister aller Art und deren Bekämpfung - 27.07.2013 (9)
  8. Windows 8 / neuer Laptop nach paar Tagen sehr langsam geworden!
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (1)
  9. Laptop mit Win7 läuft plötzlich total langsam
    Log-Analyse und Auswertung - 22.02.2013 (18)
  10. laptop spin6n6t total
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (1)
  11. [doppelt] Sound Total Verzerrt, MBAM 25 Funde, Pc total Langsam
    Mülltonne - 02.01.2012 (0)
  12. Laptop total überlastet - QtZyEmachine.exe
    Log-Analyse und Auswertung - 15.06.2010 (1)
  13. Laptop total langsam trotz neuinstallation
    Log-Analyse und Auswertung - 06.04.2009 (0)
  14. Laptop spinnt total - Virus???
    Log-Analyse und Auswertung - 08.09.2008 (3)
  15. Laptop total langsam
    Log-Analyse und Auswertung - 28.01.2008 (1)
  16. PC und Laptop total verhunst?
    Log-Analyse und Auswertung - 05.02.2007 (3)
  17. Mein Pc spinnt total und mein Internet ist total langsam,bitte um hilfe!
    Log-Analyse und Auswertung - 23.01.2005 (2)

Zum Thema neuer Laptop Win 8.1 total langsam - Malwarebytes hab ich schon mal laufen lassen und folgende Logdatei bekommen. HTML-Code: <?xml version= "1.0" encoding= "UTF-16" ?> - <mbam-log> - <header> <date> 2015/01/24 17:25:14 +0100 </date> <logfile> mbam-log-2015-01-24 (17-25-14).xml - neuer Laptop Win 8.1 total langsam...
Archiv
Du betrachtest: neuer Laptop Win 8.1 total langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.