Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Irgendwas Installiert immer programme und öffnet denn Internet Explorer

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Plagegeister aller Art und deren Bekämpfung: Irgendwas Installiert immer programme und öffnet denn Internet Explorer

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 3 von 5 12 3 45
Alt 01.05.2015, 18:23   #31
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Luke at 2015-05-01 19:21:38
Running from C:\Users\Luke\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2833233637-2508301349-1291184669-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2833233637-2508301349-1291184669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2833233637-2508301349-1291184669-1003 - Limited - Enabled)
Luke (S-1-5-21-2833233637-2508301349-1291184669-1001 - Administrator - Enabled) => C:\Users\Luke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{8FAAC5E4-3361-726A-9F42-F0414FD1D3BC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GUPlayer (remove only) (HKLM-x32\...\GUPlayer) (Version:  - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.5.1000 - Maxthon International Limited)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MyPC Backup  (HKLM-x32\...\OLBPre) (Version:  - MyPC Backup) <==== ATTENTION
MyPCBU version 2.25 (HKLM-x32\...\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1) (Version: 2.25 - )
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
OEM Application Profile (HKLM-x32\...\{E3AE2D4D-5274-CE6B-5434-64DA3131A301}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.206 - McAfee, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{F7AA162F-C617-4A02-8AC3-42774F81B979}) (Version: 6.1.4.0 - Husdawg, LLC)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-04-25 02:16 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E6AB538-E1B7-4977-9FF8-8DBE8A90E6B1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {2A704CC2-462E-4532-9931-74B084990D74} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {380D999D-3812-4FA3-9385-1A07BA2F67DF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {74B63A07-B7A3-40D9-ADA9-CE63E179A1C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {794707B3-4E0D-41F6-BA1F-F940E3F8EDCB} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {8102A2DB-C0ED-49E3-AADE-D86A4FE86100} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {8F932E87-673D-4CE2-88F5-029E39D77643} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {97B375BE-318B-4783-B3A9-01C18B3AF650} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-04-21] (Maxthon International ltd.)
Task: {9832B521-2E64-4246-8503-7FA5BF751DCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-17] (Google Inc.)
Task: {A238561D-DA95-4A84-BC5C-1CA22C559710} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {B5A08449-CFFB-4405-8147-3B1BA272191D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BE841F3A-EECD-498B-AD6C-559CFF0804C5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {CEE9A210-CE7B-4EFF-A8CF-5B5A2332E578} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {DA53913E-B6AA-4817-BC03-4BED60ACFAC2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-17] (Microsoft Corporation)
Task: {DA9BF4EE-B068-4D93-B13D-2F9D8FF2FC9E} - System32\Tasks\AVAST Software\Avast Integrity Check => C:\WINDOWS\AswCheck.exe [2015-04-29] (AVAST Software s. r. o.)
Task: {DB5406F1-B383-4F63-B395-4E03D22051DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-17] (Google Inc.)
Task: {F4647AF3-5B2C-4CC0-9EED-A434C537A9A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-21 00:28 - 2015-04-21 00:28 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-06-27 22:29 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-27 21:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-17 07:19 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-17 07:19 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-17 07:19 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-17 07:19 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-17 07:19 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-17 07:19 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-06-27 22:29 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-04-17 07:19 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-04-17 07:19 - 2015-02-25 03:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 02128152 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
2013-06-06 23:59 - 2013-06-06 23:59 - 00158744 _____ () C:\Program Files (x86)\Aeria Games\Ignite\AGAkamai.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 04055504 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 16843952 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\Npplugins\NPSWF32_16_0_0_235.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Luke\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Luke\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\StartupFolder: => "Download.lnk"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "iDevice Manager Launcher"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E7554797-41BE-420B-9F5C-1EBE27688857}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2D338243-2018-4788-BABE-837BD8E40F68}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{59A37F2E-AD53-4FDF-B9F1-9C048715B665}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3CBCB046-FAA3-4709-AA4B-D4E6BFB00084}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3FF686FB-07B4-4F92-BEAD-C4CCA423F721}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E73394DC-5A9B-418B-923A-76099AE77896}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{69655989-5BB2-4CA9-AC4D-22BB40F4CE79}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A8DD827D-44B7-4F01-9B10-6C8C7B2421CF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A6019CFC-B626-4EBA-98CE-122F82B963D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{000F2993-3D1D-4E9F-B5BE-C4F377CD4C39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{6B553771-7C53-4E02-86EA-CC4FC5659276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D1B71D00-1D43-4E67-B6A0-2A69DB6C4849}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{3295121D-F072-4A5D-92B9-31306F4D56A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B33FC17-3AD8-46E8-89F3-241795832DDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{FB9D8A30-EA0A-4AE0-A143-0D9822556BFA}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{622F1F22-B0E0-4602-88FF-7E4BE5665939}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{1E7D9559-63EC-4D32-BA88-C969DB527D05}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{962B1694-7C6A-48D4-8964-346C11450F03}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FF8F480F-D39F-4359-BBF4-C1A00B76E43B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{68A1B8D1-6863-4F95-9021-C40449AF7F56}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{60C2F3C5-B1EE-429A-975A-90F0093A4260}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{C72CCF90-1969-46E3-8254-E873C1E820C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{4B863526-F96D-4A1C-BC11-34D96CED5B7B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{C7007839-AAB2-4721-82DB-41C334145BC6}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F1561C61-0CC3-453E-AA96-80A50073F933}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{0956945E-ECEB-454F-AA7E-3E4E416B94EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8483553C-17C6-40E6-8C14-FED5CDA1A2B5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7219418A-0269-43F4-8637-E3BF19C0C338}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4A54BFC3-D4FE-4C4C-AFC7-69A630C66FC3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{D23B23B3-01CE-400B-A884-9762D24CC810}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{59FED6E3-EF16-46D3-8DD8-C36DF47F912B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E54F8976-3F9C-4949-A45A-1539FF2E344C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F48263C3-F917-409F-9702-CF9C9C198F9D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{0D06A8F2-5F3B-4F05-B642-959DB220A0C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{5EE6C1DA-08E6-4857-ADF3-D0A43994F7F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{FEE32B52-2861-4E12-8DE6-F5612EE38C50}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{83022108-C32A-40A8-92E9-A3F4808BC15A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{8EBBC63A-315B-4834-88B2-CAEC6FFBC836}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{784E8EFF-739D-44EE-91EB-FCE0AEE7368F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DDD272BD-F836-46B5-97DA-6445F9FBE302}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{55F745E5-9DD0-4AC1-8670-C8A746E1204C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{256972A2-5F68-4277-BC1E-0A9C3FAC9B05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{34228308-62F7-4877-8EB9-ACEE6E3F24BE}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{ACA4E598-83A4-4F7C-A0DF-2574CDD03756}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4A3DC8F5-7AE0-415E-9D44-2758E8B2CD40}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7C9C10FC-2D80-4E62-8008-D520DB981432}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8F9439EE-2590-47EE-892D-EA1106AA5869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EFA6776B-4BFD-4C91-AB95-547A8168AF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{70E3E026-F6FB-473B-BAD8-D0DDFDD905B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0770D0BE-C57E-4C92-86F3-C4C54587DC3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C6FCE1E-66FA-4C9B-8B43-776910F0D503}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8CBBA233-C5F1-419B-9353-9C5711233715}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7BC554F-8F33-4328-9B65-1F5E75E4427F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{FACEFBF5-B11E-4156-85D6-F7DBAA63C276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{383B2C2F-786C-499B-A717-18C52C712CB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{E4E54C7E-2E6C-4088-9F0C-658C8521734E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{546DAEFA-E7CC-44DD-B2D9-5BBB431C7D58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{82DF21ED-5735-49CC-A071-9D72E599A137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A5732DD7-EBCB-496A-A89B-51C1A5E1A2F4}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{8824542F-F357-4151-A2EF-7E986145C905}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{87C2D4A0-4619-44B1-AB75-BEC3E782F729}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{6D569F9A-2AB3-4629-A8FD-BA0FF9C7D927}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{306237A1-8C6E-44E1-974C-4E904A8ED4CB}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{19765BC9-502D-43BE-8F46-8FC6B53A86BE}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{F3E80958-FB79-45FE-9676-3FA5CC8553D0}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{012F5B9B-3A58-4797-A685-CB5D046D8039}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [TCP Query User{577A31B1-FC0D-4E81-BEB7-3ECC9F7F0093}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{B0AE0150-6D84-41BF-8675-51328C75E02D}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{EB6CD351-3EC1-4251-85C3-1FC9B26D44E7}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{97A3EED2-4418-4B92-A793-B38A40803068}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5894B1E8-8FFE-445F-B183-FDC1665C601C}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2C988805-8DA8-4342-A87A-0C3083029CD3}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3377194A-0E72-4CA6-8B4B-A638DCD001BC}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{D45510EC-5B2C-4C45-A8BE-4A23B16F4255}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{4DD39C25-CB56-4F35-BB9F-CEB53C9D378F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{91607FB7-616A-401E-B22E-CC3E2842FDAE}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{FFBA80FC-9BF7-4BAE-9829-D60CF37B2120}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6C0FC17-EB84-461A-A7A8-E8E85DAB2237}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ABE424B3-2C9D-4B8B-A053-0E4E58A723CC}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EAAF7A58-520C-48A2-9EB2-6C403AF6ADFB}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{E6704CC5-FDBD-45A8-9858-FA3C61B4A567}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{43569F6A-E34E-42FD-B924-5F64E8531891}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F6318D68-0C39-49D6-88C8-E94174EE956E}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{2F9F0EDE-F98A-48FD-9311-8EBCD66D54A3}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{BA102D17-2FF9-47CC-8098-0708CEBC3DE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F3E8C8F-2743-4502-A1A0-99294CD3508D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9CD8245-4C79-483C-B399-3735C8A4A978}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{170C9D24-870A-4752-88D0-39D7F47515BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{870B228C-8B91-4066-90C7-6AFABE147E24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F97EB000-B010-4F53-9CD9-5BFA2FF8AEAA}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{77974C3F-126D-4BE9-B13E-E61B8E6CEFE9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{AECA3B0D-05E3-4D86-81B1-327E1BDC5095}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{8E3C3A08-08F8-41C7-ACCA-78DAAFEB4F82}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{1F4F3D50-A2AE-492F-B2D6-B4BD662677CF}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{0A819849-291C-4D86-B2A8-4533197A3331}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{79EF5871-5713-4449-AAA6-C4D3CE263C5B}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{E3E31E13-DEEB-4634-9B54-27C81E766235}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{F67540D9-1ADD-4F24-9D06-DB41FC2ABF80}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{F341A0F9-79CA-4754-B6F2-66BDB236230C}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [UDP Query User{6570CFC7-2BF5-4430-97B1-0A6298175165}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [TCP Query User{A3C6189A-22D7-459D-B5AC-347B014566BC}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{23988B52-A1DC-4C7A-AAE6-F9A72A414644}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{6B6DC1FA-C976-4F84-A119-97D9EFF98D9B}] => (Allow) LPort=12000
FirewallRules: [{58612240-A7A8-4BC5-BF08-C018B433E4CF}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{3AB22375-CAF2-4628-B14D-BD254A903407}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F44DE5B0-95ED-41C2-A771-C4057269AEB3}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A23FBA4D-C174-49C9-A879-FE982548980F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{4B78278C-B488-4C26-88E1-8FB2129C64C0}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{5617ABCE-4A30-4B1C-9B38-DF22AEBD1872}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{182203E0-806E-4661-A4C1-B59EE10E5C26}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C46AECDE-EFCF-441A-A813-1D460B73E1C9}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A5FAC95F-A382-4D6D-BA68-4A972637E584}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B197CC8A-CC1F-4121-B4E1-91A402DB5198}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{20B023C1-D6DC-4A6A-AE97-3515B9511E6C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{26C6452A-F41B-49FC-B057-3A1C51068125}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DF503139-67E5-43CA-BD72-A33D8084E6FE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{6046E8C7-C1B5-4244-8988-A43A930BD440}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{0582EEDD-AC07-4A67-B04A-03CC5CDBF7F4}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{51D43F3B-405F-438A-8125-9E123F8486ED}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [TCP Query User{0604BDC8-3442-494A-AB98-6907E965EB58}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{EC7FB41E-5EE3-47AB-8EDE-AE5D89B955BF}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7C878BA3-8079-4ED6-9925-48A0C2CB1815}] => (Allow) LPort=54712
FirewallRules: [{D6442184-D1E0-4FC7-B1D2-14374720CC0B}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{32923B18-C9C9-47E4-8959-A193AA718D6D}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [UDP Query User{93E413CE-4029-481B-8A3B-6C02A45DB000}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Rhyveeos WT Hack.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 454

Startzeit: 01d08429425de629

Endzeit: 4294967295

Anwendungspfad: C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exe

Berichts-ID: bcaa7fd6-f01c-11e4-8266-f8a963069189

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TribesAscend.exe, Version: 1.0.1268.1, Zeitstempel: 0x5137c5a5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x0685eebe
ID des fehlerhaften Prozesses: 0x19c8
Startzeit der fehlerhaften Anwendung: 0xTribesAscend.exe0
Pfad der fehlerhaften Anwendung: TribesAscend.exe1
Pfad des fehlerhaften Moduls: TribesAscend.exe2
Berichtskennung: TribesAscend.exe3
Vollständiger Name des fehlerhaften Pakets: TribesAscend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TribesAscend.exe5

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2406


System errors:
=============
Error: (05/01/2015 06:00:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/01/2015 02:06:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80010108 fehlgeschlagen: MAGIX.MusicMakerJam

Error: (05/01/2015 02:05:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (05/01/2015 02:03:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (05/01/2015 02:03:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (05/01/2015 02:03:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/30/2015 08:32:16 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}

Error: (04/30/2015 08:28:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (04/30/2015 08:26:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/30/2015 08:26:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Rhyveeos WT Hack.exe1.0.0.045401d08429425de6294294967295C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exebcaa7fd6-f01c-11e4-8266-f8a963069189

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TribesAscend.exe1.0.1268.15137c5a5unknown0.0.0.000000000c00001a50685eebe19c801d0841402a71e82C:\Program Files (x86)\Steam\steamapps\common\tribes\binaries\Win32\TribesAscend.exeunknowndafacff3-f007-11e4-8266-f8a963069189

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2406


CodeIntegrity Errors:
===================================
  Date: 2015-05-01 02:05:02.011
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-30 20:28:27.986
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 21:22:55.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 14:23:18.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 10:12:39.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:53:51.635
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:04:21.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-26 16:04:21.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-25 02:08:49.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-25 02:08:49.281
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 31%
Total physical RAM: 8072.27 MB
Available physical RAM: 5503.38 MB
Total Pagefile: 16264.27 MB
Available Pagefile: 12701.5 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:913.7 GB) (Free:759.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F153F78B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Alt 01.05.2015, 18:39   #32
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


OK, dann jetzt bitte einen Suchscan mit ESET:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________

__________________
Alt 01.05.2015, 21:03   #33
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=af337b45d2e8044a8c532e9b4de740ad
# engine=23654
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-01 07:14:56
# local_time=2015-05-01 09:14:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 17182 7590088 0 0
# scanned=221589
# found=55
# cleaned=55
# scan_time=4583
sh=6162C3EBB455616EA663E557BB201F58E932E263 ft=1 fh=de6eea9bfc2c4ca8 vn="Variante von Win32/Toolbar.CrossRider.CL evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-2833233637-2508301349-1291184669-1001\$RO3XHHM\utility.exe"
sh=56AC31EBC54597C6E194D9B5ADDF6B29458245F9 ft=1 fh=5f3daecbd404e087 vn="Win32/Toolbar.Perion.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\grunt.exe.vir"
sh=66608BCB88F6457E34237167FA6FBC49DD251CED ft=1 fh=d4755eb64e31f0fe vn="Variante von Win32/Toolbar.BitCocktail.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\kasumi32.dll.vir"
sh=A2778D4B49DA215BBD11D9D8CF67F97DF9455757 ft=1 fh=ec14f6e921ad2e8b vn="Variante von Win64/Toolbar.Perion.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\kasumi64.dll.vir"
sh=B3B169E220BD591802B05759ADEE1C353E15B112 ft=1 fh=9d6c1fda665ceb54 vn="Variante von Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\krios.dll.vir"
sh=014302BCFCE8E95F675D856ADC42614B6769BD78 ft=1 fh=d796cde0598a222b vn="Variante von Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\krios64.dll.vir"
sh=F5E9CFA83893B70D39165F042DBE6BBDC5BC9DF3 ft=1 fh=cef96969f9ed33f7 vn="Variante von Win64/Toolbar.Perion.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\liara64.dll.vir"
sh=F640C06B85B961C0E251E1302D2913EDD8B44292 ft=1 fh=f978b8eb4c0264ff vn="Variante von Win32/Toolbar.Perion.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\tsoni.dll.vir"
sh=2F4C208655A7EC2BA1D2EE29C6383AAC17948A9E ft=1 fh=e78b89200277aa28 vn="Win32/Toolbar.Perion.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\wrex.exe.vir"
sh=5A10F30C11DCE52228B78385750B0B8BC1ABC042 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Firefox\chrome\content\main.js.vir"
sh=475675CE3DA8A21B0A19168B648659CEAA9D8BE4 ft=1 fh=b2747827ba3c0ab8 vn="Variante von Win32/TrojanDropper.Addrop.F Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe.vir"
sh=E0359B12A990BB29A0DB03E0FEDD5D84FB760EB3 ft=1 fh=600949467ccd7b6e vn="Variante von Win32/Adware.Vitruvian.F Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe.vir"
sh=3D3CF6DD590E5D3D4350AA5556BFC083F23399E8 ft=1 fh=0b9a4d1394aa1459 vn="Variante von Win32/BrowseFox.AE evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\MetalMakerbho.dll.vir"
sh=49292E75F83A34CFF770DC833335EB15E3B8453B ft=1 fh=31da4f96eac29ca0 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\updateMetalMaker.exe.vir"
sh=512DBFA22B77113A45660E969C776BF0EE28196A ft=1 fh=adf4d8a5ab057422 vn="Variante von Win32/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dc.dll.vir"
sh=172E4C933605C12EE0F85662D66F5F133DB62949 ft=1 fh=97879c0fc9497b72 vn="Variante von Win64/BrowseFox.CI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dc64.dll.vir"
sh=4B6B489055C9167D53E3219E47D7C3BB730094E4 ft=1 fh=98f70c4b772cf65c vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dcf0bcf79c44cc.dll.vir"
sh=8318D170860719F44AD3A5D36B38229BD290FF9B ft=1 fh=b933ecff1af5bfec vn="Variante von Win64/BrowseFox.CK evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dcf0bcf79c44cc64.dll.vir"
sh=FED419E2F869209D36EF6D04B16A351A815EC593 ft=1 fh=5cfa0585439b97fc vn="Variante von Win32/BrowseFox.AA evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\MetalMaker.expext.exe.vir"
sh=C78C136529EA3B14A6C4E268A874F7C2F0425037 ft=1 fh=65c3afd72e40d529 vn="Variante von Win64/BrowseFox.CJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\MetalMaker.expextdll.dll.vir"
sh=35688A20A537EAA767BFAB411DD25CDDC394CB0A ft=1 fh=c6afef4d7d30b975 vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\MetalMaker.PurBrowse64.exe.vir"
sh=49292E75F83A34CFF770DC833335EB15E3B8453B ft=1 fh=31da4f96eac29ca0 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\utilMetalMaker.exe.vir"
sh=3B59A5D90CE64BE7E656C435B9891BCC9029402D ft=1 fh=d70e01cc7c367b15 vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.BrowserAdapter.dll.vir"
sh=5C2C61076D4BC339C9F0E8B43FBE9A81A688C264 ft=1 fh=014bd216b4eaff1e vn="Variante von MSIL/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.CompatibilityChecker.dll.vir"
sh=E96CC45495EA27590EC763C68546CC0E3337BC84 ft=1 fh=7f59a34eb4139869 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.ExpExt.dll.vir"
sh=1177C53B9DE5BE9B315046C0028CFBB0ED6FDC5F ft=1 fh=6769511bcdb28cbe vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.FFUpdate.dll.vir"
sh=AD9DD5E13C2AD445CD96EFBF2CBD15881E6E3F5C ft=1 fh=296170edf6b7434c vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.GCUpdate.dll.vir"
sh=1003653ECA5E21EEBB77C1E24C5CBEEF712C9FBD ft=1 fh=33744a8ab8b6ca75 vn="Variante von MSIL/BrowseFox.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.PurBrowseG.dll.vir"
sh=5424684425CB556C39036E36DBF62808C7E346BE ft=1 fh=7f02cd4631e874fb vn="Variante von Win32/LiMo.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\fsf_luckysearches.exe.vir"
sh=A9EF12C7BF25D85DFAD98B5194B16BDAC475BCE1 ft=1 fh=468636d7038cc053 vn="Variante von Win64/Adware.MultiPlug.G Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\ieIvQ8uRteeneE.x64.dll.vir"
sh=097FBA7CE18A98F929922A317781DC56A9F40D12 ft=1 fh=468636d7034faa75 vn="Variante von Win64/Adware.MultiPlug.G Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\wCVy4eyEgARmDz.x64.dll.vir"
sh=810C1517C36278077DAB711A8F81B9F9D08E43F0 ft=1 fh=d5a7903e1ff68e8e vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir"
sh=7E105A4FE49D55CB3B71D8A91E6AD207E3BE1976 ft=1 fh=c5e772386234733f vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir"
sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.DH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir"
sh=07097986407A53ADBFC7C2A6BCCBACF41F8971B7 ft=1 fh=f231f1e4c2bc3212 vn="Variante von Win32/ELEX.CY evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir"
sh=4E409DDB2156AF741787458B35CECE4AC41FD8B0 ft=1 fh=33cac8fcf432a6a1 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir"
sh=4E26DB266B754B627810C44A82C7484086F1CB3E ft=1 fh=8c26b72adef72cc0 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir"
sh=443E85926A955DB76F781D664702BB9D09D99E3E ft=1 fh=866e3f1468aa3f56 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir"
sh=E5CDD06C50650131591DAE0945340AA6ADC55E02 ft=1 fh=aaaec5f7af2e8f4b vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=3010EFD51E26234903A4940B8FD5FFE041C5B3E7 ft=1 fh=d7420a3702832fd1 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\DDYvwy.exe.vir"
sh=916C74D4E0DBD698830C3B354FAB81E0A82A0359 ft=1 fh=756b3818801f591f vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\dUNSRf.dll.vir"
sh=CCB217F4410CF9CD047E5BA70754BABD78C3AB5C ft=1 fh=2aa92707f099d5ed vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\jHZIZzHDQ.exe.vir"
sh=19B0F2DC985715E7A670237B0A64CE34174B6B01 ft=1 fh=e3714fb3c80678fb vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\rNFyYk.exe.vir"
sh=1CA2FF0ADAC6F5DDD4B0D40A4C4400CE5BC9F364 ft=1 fh=4812958a0b79b25f vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\rXrDvsjSWn.dll.vir"
sh=472BDCD077DC2243545BA27BC616A3A20D75AF96 ft=1 fh=e18e48c24834fa94 vn="Variante von Win32/Adware.MultiPlug.JM Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\{0b69d174-b53b-1b86-0b69-9d174b5345d2}\Download.exe.vir"
sh=6142578CD21CF27FD3C1B3A4F0626DE9FC6DF275 ft=1 fh=a0b7e9a9340cf144 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SmartWeb\SmartWebApp.exe.vir"
sh=AA2BA9D6607589A3C93D1C760E3512EC8E61F968 ft=1 fh=f770637cdb111250 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SmartWeb\SmartWebHelper.exe.vir"
sh=080016256C564232771ED8D6EFFC94ECAECAD316 ft=1 fh=bfc1d533ef10baf8 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SmartWeb\swhk.dll.vir"
sh=8B1E757FED612F83F5646D642448151D0F765BAF ft=1 fh=e9bf88bce020d171 vn="Win32/Adware.ConvertAd.KB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\ASPackage\ASPackage.exe.vir"
sh=8B1E757FED612F83F5646D642448151D0F765BAF ft=1 fh=e9bf88bce020d171 vn="Win32/Adware.ConvertAd.KB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\B835A680-1430335704-E311-B039-F8A963069189\vnse71BE.tmp.vir"
sh=8B1E757FED612F83F5646D642448151D0F765BAF ft=1 fh=e9bf88bce020d171 vn="Win32/Adware.ConvertAd.KB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\B835A680-1430417623-E311-B039-F8A963069189\vnsk6FE8.tmp.vir"
sh=5558E78B1FE15A8C632C0CA2B1E3DF9A3D5EAB36 ft=1 fh=ddeea299b57e1104 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=4508C462C2F088919418F35A16E617FCCEB7839C ft=1 fh=0e258cef64efb25f vn="Variante von Win32/Adware.ConvertAd.KY Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\IE\WAL98EJJ\CASrv[1].exe"
sh=FB5D3C024D8252E2BB2E98DD6DD5D487BEDF5D44 ft=1 fh=9e70f47c3a7b9e39 vn="Win32/VOPackage.BV evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\IE\WAL98EJJ\count_vc[1].htm"
sh=CDFBA8C29E7E30F1B3D0CDB992EED4792A18010B ft=1 fh=e7539694541621ce vn="Variante von Win32/Adware.ConvertAd.KS Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\Temp\_avast_\unp177670351.tmp"
__________________
Alt 02.05.2015, 12:32   #34
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Hi,

Google Chrome bitte mit Revo deinstallieren. Wenn benötigt, neue Version installieren.

Schritt 1



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
CloseProcesses:
Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-04-29]
C:\ProgramData\{0b69d174-b53b-1b86-0b69-9d174b5345d2}\
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicy: Group Policy on Chrome detected 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction 
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {BB866FE7-57AF-456D-B09C-81C3118619DA} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {141c9d6a-65cf-4420-b8e4-88b4268a9e14} ->  No File
BHO: No Name -> {5fb97375-172f-4a69-89f0-bc02a68bacee} ->  No File
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Nach dem Reboot:

Schritt 2



Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs. (Der erste Teil des Logs - bis One Month Created Files and Folders - reicht aus...)

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 13:10   #35
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


wenn ich auf denn Fix button drücke steht da No fiixlist.txt found


Alt 02.05.2015, 13:15   #36
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Hast die Fixlist auch auf dem Desktop abgespeichert?
__________________
--> Irgendwas Installiert immer programme und öffnet denn Internet Explorer

Alt 02.05.2015, 14:15   #37
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by Luke at 2015-05-02 15:14:38 Run:1
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available profiles: Luke & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog 15:14:38 ====

Alt 02.05.2015, 14:16   #38
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Bitte lies nochmal die Anleitung zur Erstellung der Fixlist.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 14:19   #39
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Luke at 2015-05-02 15:18:09
Running from C:\Users\Luke\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2833233637-2508301349-1291184669-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2833233637-2508301349-1291184669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2833233637-2508301349-1291184669-1003 - Limited - Enabled)
Luke (S-1-5-21-2833233637-2508301349-1291184669-1001 - Administrator - Enabled) => C:\Users\Luke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{8FAAC5E4-3361-726A-9F42-F0414FD1D3BC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.5.1000 - Maxthon International Limited)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
OEM Application Profile (HKLM-x32\...\{E3AE2D4D-5274-CE6B-5434-64DA3131A301}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.206 - McAfee, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{F7AA162F-C617-4A02-8AC3-42774F81B979}) (Version: 6.1.4.0 - Husdawg, LLC)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================

01-05-2015 20:00:47 Removed Aeria Ignite

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-04-25 02:16 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E6AB538-E1B7-4977-9FF8-8DBE8A90E6B1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {2A704CC2-462E-4532-9931-74B084990D74} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {380D999D-3812-4FA3-9385-1A07BA2F67DF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {74B63A07-B7A3-40D9-ADA9-CE63E179A1C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {794707B3-4E0D-41F6-BA1F-F940E3F8EDCB} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {8102A2DB-C0ED-49E3-AADE-D86A4FE86100} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {8F932E87-673D-4CE2-88F5-029E39D77643} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {97B375BE-318B-4783-B3A9-01C18B3AF650} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-04-21] (Maxthon International ltd.)
Task: {A238561D-DA95-4A84-BC5C-1CA22C559710} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {B5A08449-CFFB-4405-8147-3B1BA272191D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BE841F3A-EECD-498B-AD6C-559CFF0804C5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {CEE9A210-CE7B-4EFF-A8CF-5B5A2332E578} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {DA53913E-B6AA-4817-BC03-4BED60ACFAC2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-17] (Microsoft Corporation)
Task: {DA9BF4EE-B068-4D93-B13D-2F9D8FF2FC9E} - System32\Tasks\AVAST Software\Avast Integrity Check => C:\WINDOWS\AswCheck.exe [2015-04-29] (AVAST Software s. r. o.)
Task: {F4647AF3-5B2C-4CC0-9EED-A434C537A9A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)

==================== Loaded Modules (whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-21 00:28 - 2015-04-21 00:28 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-06-27 22:29 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-27 21:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Luke\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Luke\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\StartupFolder: => "Download.lnk"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "iDevice Manager Launcher"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E7554797-41BE-420B-9F5C-1EBE27688857}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2D338243-2018-4788-BABE-837BD8E40F68}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{59A37F2E-AD53-4FDF-B9F1-9C048715B665}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3CBCB046-FAA3-4709-AA4B-D4E6BFB00084}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3FF686FB-07B4-4F92-BEAD-C4CCA423F721}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E73394DC-5A9B-418B-923A-76099AE77896}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{69655989-5BB2-4CA9-AC4D-22BB40F4CE79}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A8DD827D-44B7-4F01-9B10-6C8C7B2421CF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A6019CFC-B626-4EBA-98CE-122F82B963D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{000F2993-3D1D-4E9F-B5BE-C4F377CD4C39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{6B553771-7C53-4E02-86EA-CC4FC5659276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D1B71D00-1D43-4E67-B6A0-2A69DB6C4849}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{3295121D-F072-4A5D-92B9-31306F4D56A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B33FC17-3AD8-46E8-89F3-241795832DDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{FB9D8A30-EA0A-4AE0-A143-0D9822556BFA}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{622F1F22-B0E0-4602-88FF-7E4BE5665939}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{1E7D9559-63EC-4D32-BA88-C969DB527D05}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{962B1694-7C6A-48D4-8964-346C11450F03}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FF8F480F-D39F-4359-BBF4-C1A00B76E43B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{68A1B8D1-6863-4F95-9021-C40449AF7F56}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{60C2F3C5-B1EE-429A-975A-90F0093A4260}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{C72CCF90-1969-46E3-8254-E873C1E820C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{4B863526-F96D-4A1C-BC11-34D96CED5B7B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{C7007839-AAB2-4721-82DB-41C334145BC6}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F1561C61-0CC3-453E-AA96-80A50073F933}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{0956945E-ECEB-454F-AA7E-3E4E416B94EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8483553C-17C6-40E6-8C14-FED5CDA1A2B5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7219418A-0269-43F4-8637-E3BF19C0C338}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4A54BFC3-D4FE-4C4C-AFC7-69A630C66FC3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{D23B23B3-01CE-400B-A884-9762D24CC810}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{59FED6E3-EF16-46D3-8DD8-C36DF47F912B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E54F8976-3F9C-4949-A45A-1539FF2E344C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F48263C3-F917-409F-9702-CF9C9C198F9D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{0D06A8F2-5F3B-4F05-B642-959DB220A0C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{5EE6C1DA-08E6-4857-ADF3-D0A43994F7F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{FEE32B52-2861-4E12-8DE6-F5612EE38C50}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{83022108-C32A-40A8-92E9-A3F4808BC15A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{8EBBC63A-315B-4834-88B2-CAEC6FFBC836}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{784E8EFF-739D-44EE-91EB-FCE0AEE7368F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DDD272BD-F836-46B5-97DA-6445F9FBE302}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{55F745E5-9DD0-4AC1-8670-C8A746E1204C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{256972A2-5F68-4277-BC1E-0A9C3FAC9B05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{34228308-62F7-4877-8EB9-ACEE6E3F24BE}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{ACA4E598-83A4-4F7C-A0DF-2574CDD03756}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4A3DC8F5-7AE0-415E-9D44-2758E8B2CD40}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7C9C10FC-2D80-4E62-8008-D520DB981432}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8F9439EE-2590-47EE-892D-EA1106AA5869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EFA6776B-4BFD-4C91-AB95-547A8168AF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{70E3E026-F6FB-473B-BAD8-D0DDFDD905B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0770D0BE-C57E-4C92-86F3-C4C54587DC3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C6FCE1E-66FA-4C9B-8B43-776910F0D503}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8CBBA233-C5F1-419B-9353-9C5711233715}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7BC554F-8F33-4328-9B65-1F5E75E4427F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{FACEFBF5-B11E-4156-85D6-F7DBAA63C276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{383B2C2F-786C-499B-A717-18C52C712CB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{E4E54C7E-2E6C-4088-9F0C-658C8521734E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{546DAEFA-E7CC-44DD-B2D9-5BBB431C7D58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{82DF21ED-5735-49CC-A071-9D72E599A137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A5732DD7-EBCB-496A-A89B-51C1A5E1A2F4}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{8824542F-F357-4151-A2EF-7E986145C905}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{87C2D4A0-4619-44B1-AB75-BEC3E782F729}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{6D569F9A-2AB3-4629-A8FD-BA0FF9C7D927}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{306237A1-8C6E-44E1-974C-4E904A8ED4CB}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{19765BC9-502D-43BE-8F46-8FC6B53A86BE}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{F3E80958-FB79-45FE-9676-3FA5CC8553D0}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{012F5B9B-3A58-4797-A685-CB5D046D8039}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [TCP Query User{577A31B1-FC0D-4E81-BEB7-3ECC9F7F0093}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{B0AE0150-6D84-41BF-8675-51328C75E02D}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{EB6CD351-3EC1-4251-85C3-1FC9B26D44E7}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{97A3EED2-4418-4B92-A793-B38A40803068}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5894B1E8-8FFE-445F-B183-FDC1665C601C}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2C988805-8DA8-4342-A87A-0C3083029CD3}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3377194A-0E72-4CA6-8B4B-A638DCD001BC}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{D45510EC-5B2C-4C45-A8BE-4A23B16F4255}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{4DD39C25-CB56-4F35-BB9F-CEB53C9D378F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{91607FB7-616A-401E-B22E-CC3E2842FDAE}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{FFBA80FC-9BF7-4BAE-9829-D60CF37B2120}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6C0FC17-EB84-461A-A7A8-E8E85DAB2237}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ABE424B3-2C9D-4B8B-A053-0E4E58A723CC}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EAAF7A58-520C-48A2-9EB2-6C403AF6ADFB}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{E6704CC5-FDBD-45A8-9858-FA3C61B4A567}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{43569F6A-E34E-42FD-B924-5F64E8531891}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F6318D68-0C39-49D6-88C8-E94174EE956E}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{2F9F0EDE-F98A-48FD-9311-8EBCD66D54A3}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{BA102D17-2FF9-47CC-8098-0708CEBC3DE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F3E8C8F-2743-4502-A1A0-99294CD3508D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9CD8245-4C79-483C-B399-3735C8A4A978}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{170C9D24-870A-4752-88D0-39D7F47515BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{870B228C-8B91-4066-90C7-6AFABE147E24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F97EB000-B010-4F53-9CD9-5BFA2FF8AEAA}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{77974C3F-126D-4BE9-B13E-E61B8E6CEFE9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{AECA3B0D-05E3-4D86-81B1-327E1BDC5095}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{8E3C3A08-08F8-41C7-ACCA-78DAAFEB4F82}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{1F4F3D50-A2AE-492F-B2D6-B4BD662677CF}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{0A819849-291C-4D86-B2A8-4533197A3331}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{79EF5871-5713-4449-AAA6-C4D3CE263C5B}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{E3E31E13-DEEB-4634-9B54-27C81E766235}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{F67540D9-1ADD-4F24-9D06-DB41FC2ABF80}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{F341A0F9-79CA-4754-B6F2-66BDB236230C}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [UDP Query User{6570CFC7-2BF5-4430-97B1-0A6298175165}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [TCP Query User{A3C6189A-22D7-459D-B5AC-347B014566BC}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{23988B52-A1DC-4C7A-AAE6-F9A72A414644}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{6B6DC1FA-C976-4F84-A119-97D9EFF98D9B}] => (Allow) LPort=12000
FirewallRules: [{58612240-A7A8-4BC5-BF08-C018B433E4CF}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{3AB22375-CAF2-4628-B14D-BD254A903407}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F44DE5B0-95ED-41C2-A771-C4057269AEB3}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A23FBA4D-C174-49C9-A879-FE982548980F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{4B78278C-B488-4C26-88E1-8FB2129C64C0}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{5617ABCE-4A30-4B1C-9B38-DF22AEBD1872}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{182203E0-806E-4661-A4C1-B59EE10E5C26}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C46AECDE-EFCF-441A-A813-1D460B73E1C9}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A5FAC95F-A382-4D6D-BA68-4A972637E584}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B197CC8A-CC1F-4121-B4E1-91A402DB5198}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{20B023C1-D6DC-4A6A-AE97-3515B9511E6C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{26C6452A-F41B-49FC-B057-3A1C51068125}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DF503139-67E5-43CA-BD72-A33D8084E6FE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [TCP Query User{0582EEDD-AC07-4A67-B04A-03CC5CDBF7F4}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{51D43F3B-405F-438A-8125-9E123F8486ED}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [TCP Query User{0604BDC8-3442-494A-AB98-6907E965EB58}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{EC7FB41E-5EE3-47AB-8EDE-AE5D89B955BF}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{32923B18-C9C9-47E4-8959-A193AA718D6D}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [UDP Query User{93E413CE-4029-481B-8A3B-6C02A45DB000}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [{88E3A456-76DF-45D5-992F-71E222F9001E}] => (Allow) LPort=49445
FirewallRules: [{30473293-12A7-480D-8372-7FE00E3CC6CC}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{72EA2587-4950-4468-B960-44D451FCEA80}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2248DE7F-CD32-4469-8388-278BF0BB2B69}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7242014B-C658-4C4B-BC01-C08991D9BC8D}] => (Allow) LPort=49832
FirewallRules: [{DBA9A556-34E3-4B63-B679-4697616A3050}] => (Allow) LPort=5000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 10:02:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 10:02:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 10:01:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 07:54:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Rhyveeos WT Hack.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 454

Startzeit: 01d08429425de629

Endzeit: 4294967295

Anwendungspfad: C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exe

Berichts-ID: bcaa7fd6-f01c-11e4-8266-f8a963069189

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TribesAscend.exe, Version: 1.0.1268.1, Zeitstempel: 0x5137c5a5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x0685eebe
ID des fehlerhaften Prozesses: 0x19c8
Startzeit der fehlerhaften Anwendung: 0xTribesAscend.exe0
Pfad der fehlerhaften Anwendung: TribesAscend.exe1
Pfad des fehlerhaften Moduls: TribesAscend.exe2
Berichtskennung: TribesAscend.exe3
Vollständiger Name des fehlerhaften Pakets: TribesAscend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TribesAscend.exe5

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (05/02/2015 01:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (05/02/2015 01:08:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (05/02/2015 01:08:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (05/02/2015 01:07:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/02/2015 01:07:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎02.‎05.‎2015 um 00:42:28 unerwartet heruntergefahren.

Error: (05/01/2015 09:58:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.11
registriert werden. Der Computer mit IP-Adresse 192.168.1.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/01/2015 09:58:28 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/01/2015 09:58:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (05/01/2015 09:56:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (05/01/2015 09:56:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3


Microsoft Office Sessions:
=========================
Error: (05/01/2015 10:02:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (05/01/2015 10:02:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Luke\Desktop\esetsmartinstaller_deu.exe

Error: (05/01/2015 10:01:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Luke\Desktop\esetsmartinstaller_deu.exe

Error: (05/01/2015 07:54:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Luke\AppData\Local\Temp\esetsmartinstaller_deu.exe

Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Rhyveeos WT Hack.exe1.0.0.045401d08429425de6294294967295C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exebcaa7fd6-f01c-11e4-8266-f8a963069189

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TribesAscend.exe1.0.1268.15137c5a5unknown0.0.0.000000000c00001a50685eebe19c801d0841402a71e82C:\Program Files (x86)\Steam\steamapps\common\tribes\binaries\Win32\TribesAscend.exeunknowndafacff3-f007-11e4-8266-f8a963069189

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4


CodeIntegrity Errors:
===================================
  Date: 2015-05-02 01:10:08.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-01 21:58:00.893
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-01 02:05:02.011
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-30 20:28:27.986
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 21:22:55.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 14:23:18.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 10:12:39.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:53:51.635
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:04:21.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-26 16:04:21.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 42%
Total physical RAM: 8072.27 MB
Available physical RAM: 4677.14 MB
Total Pagefile: 16264.27 MB
Available Pagefile: 12857.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:913.7 GB) (Free:791.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F153F78B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Alt 02.05.2015, 14:20   #40
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Ne, ne...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 14:25   #41
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


das habe ich gemacht und habe nochmal denn Fixbutton gedrückt und nur dies steht in der fixlog.txt

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Luke (administrator) on LUKAS on 02-05-2015 15:15:30
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available profiles: Luke & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\Luke\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Luke\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Electronic Arts, Inc.) C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Luke\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-04-29]
ShortcutTarget: Download.lnk -> C:\ProgramData\{0b69d174-b53b-1b86-0b69-9d174b5345d2}\Download.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {BB866FE7-57AF-456D-B09C-81C3118619DA} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {141c9d6a-65cf-4420-b8e4-88b4268a9e14} ->  No File
BHO: No Name -> {5fb97375-172f-4a69-89f0-bc02a68bacee} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\ce36tu02.default
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-05-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-31]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-10] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-24] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-04-21] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 kygyhosy; No ImagePath
S2 mewobidy; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2015-04-21] () [File not signed]
R3 VCSVADHWSer; C:\Windows\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
S3 xspirit; \??\C:\WINDOWS\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

Alt 02.05.2015, 14:25   #42
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Die Fixlist war aber leer.

Zitat:
Content of fixlist:
*****************

*****************
Bitte die angehängte mal auf dem Desktop abspeichern und die Schritte wiederholen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 14:27   #43
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


würde vielleicht ein neustart Helfen?? könnte es daran liegen?.

Alt 02.05.2015, 14:27   #44
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Bitte das machen was ich gepostet habe.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 14:28   #45
doublepack
Gesperrt
 
Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Standard

Irgendwas Installiert immer programme und öffnet denn Internet Explorer


Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by Luke at 2015-05-02 15:20:28 Run:2
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available profiles: Luke & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog 15:20:28 ====

Antwort
Seite 3 von 5 12 3 45

Themen zu Irgendwas Installiert immer programme und öffnet denn Internet Explorer
automatisch, dringend, eingefangen, explore, explorer, gefangen, installier, installiert, inter, interne, internet, internet explorer, problem, programme, öffnet


« Internetverbindung wird kontrolliert | Seltsamer Blue-Screen... . »


Ähnliche Themen: Irgendwas Installiert immer programme und öffnet denn Internet Explorer


  1. Win 7 Der Internet Explorer öffnet sich immer
    Plagegeister aller Art und deren Bekämpfung - 08.08.2013 (15)
  2. Firefox öffnet plötzlich, immer wieder unerwünschte Webseiten ...Internet Explorer öffnet Werbung
    Log-Analyse und Auswertung - 12.06.2011 (17)
  3. Internet Explorer öffnet immer Werbung
    Log-Analyse und Auswertung - 26.01.2011 (16)
  4. Internet explorer öffnet immer neue Fenster
    Plagegeister aller Art und deren Bekämpfung - 08.12.2010 (48)
  5. Internet Explorer öffnet immer wieder Werbung
    Antiviren-, Firewall- und andere Schutzprogramme - 27.04.2010 (7)
  6. internet explorer öffnet sich immer wieder
    Log-Analyse und Auswertung - 25.04.2010 (2)
  7. Internet Explorer öffnet sich immer wieder
    Log-Analyse und Auswertung - 10.04.2010 (6)
  8. Internet Explorer öffnet sich immer + Werbung
    Log-Analyse und Auswertung - 13.10.2009 (18)
  9. Internet Explorer öffnet immer selbe Seite
    Plagegeister aller Art und deren Bekämpfung - 13.09.2009 (5)
  10. internet Explorer öffnet sich immer automatisch
    Log-Analyse und Auswertung - 16.07.2009 (9)
  11. internet explorer öffnet sich immer
    Log-Analyse und Auswertung - 22.05.2009 (3)
  12. Internet Explorer öffnet immer Werbung
    Log-Analyse und Auswertung - 17.03.2009 (1)
  13. Internet Explorer öffnet immer weisse seite
    Log-Analyse und Auswertung - 02.12.2008 (0)
  14. Internet Explorer öffnet immer Werbefenster!
    Plagegeister aller Art und deren Bekämpfung - 30.05.2008 (17)
  15. Internet Explorer 7 öffnet sichohne grund und andere programme werden geöffnet
    Plagegeister aller Art und deren Bekämpfung - 15.10.2007 (0)
  16. Internet-Explorer öffnet immer neue Fenster
    Log-Analyse und Auswertung - 10.02.2006 (4)
  17. Internet Explorer öffnet immer wieder automatisch
    Log-Analyse und Auswertung - 08.02.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Irgendwas Installiert immer programme und öffnet denn Internet Explorer - Code: Alles auswählen Aufklappen ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01 Ran by Luke at 2015-05-01 19:21:38 Running from C:\Users\Luke\Desktop Boot Mode: Normal ========================================================== - Irgendwas Installiert immer programme und öffnet denn Internet Explorer...
Archiv
Du betrachtest: Irgendwas Installiert immer programme und öffnet denn Internet Explorer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131