
Pests of all kinds and how to combat them: Avast reports "malicious website blocked" - svchost


13.06.2015, 00:26   #16
Weisswurst
 



I did everything as you said.
I tried opening and closing the laptop lid before reinstalling Chrome.
Same problem. Also after reinstalling.
Here is the new FRST log:


Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Daniel (administrator) on SAMY on 13-06-2015 01:23:47
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\System32\atwtusb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\atwtusb.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\AtwtusbIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Daniel\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-12-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2786032 2014-03-07] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AtwtusbIcon] => C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe [1486128 2014-06-12] (Razer Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-03-17] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [Spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-18] (Spotify Ltd)
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-12-18] ()
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\MountPoints2: {58c401d6-e550-11e4-8262-90489ac6f4b0} - "D:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-966064486-533638468-3639396968-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-966064486-533638468-3639396968-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-18]

Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-06-13]
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-13]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-13]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-13]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-13]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-13]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-13]
CHR Extension: (rotoscope) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhimnnhmaanmanmmokfpijgambokcpni [2015-06-13]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-13]
CHR Extension: (Stupeflix Video Maker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem [2015-06-13]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-13]
CHR Extension: (FabCam) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-06-13]
CHR Extension: (Pixect) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh [2015-06-13]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-06-13]
CHR Extension: (Google Play) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-06-13]
CHR Extension: (Evernote Web) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-13]
CHR Extension: (Webcam Toy) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-06-13]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-13]
CHR Extension: (GIFPAL) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2015-06-13]
CHR Extension: (ProxPrice) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2015-06-13]
CHR Extension: (Picasa) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-06-13]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTService; C:\Windows\system32\atwtusb.exe [582144 2013-11-12] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3301592 2014-02-20] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-03-07] (Synaptics Incorporated)
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-13 01:23 - 2015-06-13 01:23 - 00026934 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-06-13 01:11 - 2015-06-13 01:11 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-13 01:11 - 2015-06-13 01:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-13 01:10 - 2015-06-13 01:21 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-13 01:10 - 2015-06-13 01:16 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-13 01:10 - 2015-06-13 01:16 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-13 01:10 - 2015-06-13 01:16 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-13 01:10 - 2015-06-13 01:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Deployment
2015-06-13 01:10 - 2015-06-13 01:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apps\2.0
2015-06-13 01:07 - 2015-06-13 01:07 - 00001280 _____ C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2015-06-13 01:07 - 2015-06-13 01:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-13 01:06 - 2015-06-13 01:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Daniel\Downloads\revosetup95.exe
2015-06-12 15:56 - 2015-06-12 15:56 - 00001868 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-06-11 21:33 - 2015-06-13 00:51 - 00001392 _____ C:\Windows\setupact.log
2015-06-11 21:33 - 2015-06-11 21:33 - 00000000 _____ C:\Windows\setuperr.log
2015-06-08 19:13 - 2015-06-08 19:13 - 00852639 _____ C:\Users\Daniel\Desktop\SecurityCheck.exe
2015-06-07 23:45 - 2015-06-07 23:45 - 02108928 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-06-07 23:16 - 2015-06-07 23:16 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SAMY-Windows-8.1-Pro-(64-bit).dat
2015-06-07 23:16 - 2015-06-07 23:16 - 00000000 ____D C:\RegBackup
2015-06-07 23:15 - 2015-06-07 23:15 - 02942406 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2015-06-05 00:01 - 2015-06-05 00:01 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Daniel\Desktop\tdsskiller.exe
2015-06-04 23:46 - 2015-06-04 23:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-04 23:43 - 2015-06-04 23:58 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2015-06-04 23:41 - 2015-06-04 23:42 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Daniel\Desktop\mbar-1.09.1.1004.exe
2015-06-04 18:46 - 2015-05-31 21:02 - 12007993 _____ C:\Users\Daniel\Desktop\寄生獣 セイの格率 Parasyte ED _IT'S THE RIGHT TIME_ Guitar Cover - Steve.mp4
2015-06-04 17:52 - 2015-06-13 01:23 - 00000000 ____D C:\FRST
2015-06-04 08:57 - 2015-06-04 23:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-03 22:49 - 2015-06-03 22:49 - 00000000 _____ C:\autoexec.bat
2015-06-03 16:16 - 2015-06-03 16:18 - 00010349 _____ C:\Users\Daniel\Desktop\Nisekoi Vine.odt
2015-06-03 00:11 - 2013-01-18 15:52 - 00022712 _____ C:\Users\Daniel\Desktop\Vater unser im Himmel.odt
2015-06-03 00:11 - 2012-12-10 23:27 - 00017248 _____ C:\Users\Daniel\Desktop\Wissenschaftlicher Beweis für Glauben.odt
2015-06-01 16:30 - 2015-06-01 16:30 - 00000000 ____D C:\Users\Daniel\AppData\Local\GWX
2015-05-30 14:22 - 2013-05-05 16:32 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys
2015-05-30 01:58 - 2015-05-30 01:58 - 00001819 _____ C:\Users\Daniel\Desktop\Witcher III.lnk
2015-05-30 01:08 - 2015-06-03 23:56 - 00000000 ____D C:\Users\Daniel\Documents\The Witcher 3
2015-05-30 00:24 - 2015-05-30 00:57 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt
2015-05-29 17:02 - 2015-05-29 17:02 - 47569622 _____ C:\Users\Daniel\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English_Romaji Sub.mp4
2015-05-29 16:43 - 2015-05-29 16:43 - 02762978 _____ C:\Users\Daniel\Desktop\Kyoukai no Kanata 01.mp4
2015-05-29 00:51 - 2015-06-13 00:34 - 01342436 _____ C:\Windows\WindowsUpdate.log
2015-05-29 00:22 - 2015-05-29 00:22 - 00000000 ____D C:\Users\Daniel\AppData\Local\Steam
2015-05-28 23:52 - 2015-05-29 00:25 - 00000000 ____D C:\Users\Daniel\Desktop\Dick Production
2015-05-22 17:43 - 2015-05-22 17:43 - 139701583 _____ C:\Users\Daniel\Desktop\BIG amv till first spin.mp4
2015-05-14 01:41 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:41 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:32 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-14 01:32 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-14 01:32 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-14 01:32 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-14 01:31 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 01:31 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 01:31 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-14 01:31 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 01:31 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 01:31 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 01:31 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 01:31 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 01:31 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 01:31 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 01:31 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 01:31 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-14 01:31 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 01:31 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 01:31 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 01:31 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-14 01:31 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 01:31 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 01:31 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-14 01:31 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 01:31 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-14 01:31 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 01:31 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 01:31 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 01:31 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 01:31 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 01:31 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 01:31 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-14 01:31 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 01:31 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-14 01:31 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 01:31 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-14 01:31 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 01:31 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 01:31 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 01:31 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 01:31 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 01:31 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 01:31 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-14 01:31 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 01:31 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 01:31 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-14 01:31 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 01:31 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 01:31 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 01:31 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 01:31 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 01:31 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-14 01:31 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-14 01:31 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-14 01:31 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-14 01:31 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-14 01:31 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-14 01:31 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-14 01:31 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 01:31 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 01:31 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-14 01:31 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-14 01:31 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-14 01:31 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-14 01:31 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-14 01:31 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-14 01:31 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-14 01:31 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-14 01:31 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-14 01:31 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-14 01:31 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-14 01:31 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-14 01:31 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-14 01:31 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-14 01:31 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-14 01:31 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-14 01:31 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-14 01:31 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-13 01:14 - 2014-12-18 00:00 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-966064486-533638468-3639396968-1001
2015-06-13 01:11 - 2014-12-18 00:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\Google
2015-06-13 01:11 - 2014-12-18 00:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-13 01:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-12 17:20 - 2014-03-18 12:04 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 17:20 - 2014-03-18 11:25 - 00766620 _____ C:\Windows\system32\perfh007.dat
2015-06-12 17:20 - 2014-03-18 11:25 - 00159902 _____ C:\Windows\system32\perfc007.dat
2015-06-12 16:43 - 2014-12-18 02:04 - 00000000 ____D C:\Users\Daniel\Desktop\Otaku
2015-06-11 21:22 - 2014-12-28 13:42 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2015-06-10 19:19 - 2014-12-18 19:03 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-10 17:02 - 2015-04-06 19:37 - 00000000 ____D C:\Users\Daniel\Downloads\Nanatsu no Taizai - The Seven deadly Sins
2015-06-08 22:12 - 2014-12-28 13:47 - 00000000 ____D C:\Users\Daniel\Downloads\Utorrent
2015-06-08 19:19 - 2014-12-18 02:44 - 00000000 ___RD C:\Users\Daniel\Dropbox
2015-06-08 19:19 - 2014-12-18 02:43 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
2015-06-08 19:18 - 2014-12-18 01:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-08 19:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 19:18 - 2013-08-22 15:25 - 00000142 _____ C:\Windows\win.ini
2015-06-07 23:07 - 2014-12-18 02:07 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-06-06 20:56 - 2015-01-18 00:58 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\SongBeamer
2015-06-06 20:56 - 2015-01-18 00:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\SongBeamer
2015-06-04 21:14 - 2015-02-18 23:03 - 00000000 ____D C:\Windows\Minidump
2015-06-04 09:11 - 2015-02-15 19:43 - 00000000 ____D C:\Windows\udtablet
2015-06-04 08:49 - 2014-12-18 02:01 - 00000000 ___RD C:\Users\Daniel\Desktop\Desktopmüll
2015-06-04 08:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-03 23:45 - 2014-12-18 02:41 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-03 23:41 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-03 22:49 - 2014-12-17 23:55 - 00000000 ____D C:\Users\Daniel
2015-06-02 17:28 - 2015-01-04 13:22 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-06-01 23:13 - 2014-12-18 02:01 - 00000000 ____D C:\Users\Daniel\Desktop\Bilder ^^
2015-06-01 15:18 - 2014-12-29 21:07 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-05-31 21:20 - 2015-04-03 22:06 - 00000000 ____D C:\Users\Daniel\Desktop\Make Music!
2015-05-31 14:16 - 2014-12-31 18:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-05-28 16:33 - 2015-04-04 02:16 - 00009895 _____ C:\Users\Daniel\Desktop\Amv Ideas.odt
2015-05-27 20:41 - 2015-04-27 20:16 - 00000000 ____D C:\Users\Daniel\Downloads\Ore Monogatari
2015-05-27 18:22 - 2015-05-08 16:52 - 00069306 _____ C:\Users\Daniel\Documents\pan zoom.aep
2015-05-21 22:36 - 2015-04-27 02:49 - 00014614 _____ C:\Users\Daniel\Desktop\AMV (Idol EDM Mashup).odt
2015-05-21 20:01 - 2015-05-06 23:15 - 00000880 _____ C:\Users\Daniel\Desktop\Handbrake.lnk
2015-05-20 08:45 - 2015-04-05 18:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 08:45 - 2015-04-05 18:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 08:45 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-05-19 22:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-18 22:50 - 2015-04-24 16:23 - 00016886 _____ C:\Users\Daniel\Desktop\AMV Sex Anime List.odt
2015-05-18 15:44 - 2013-08-22 16:44 - 04985736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-18 15:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-18 15:43 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-18 15:41 - 2014-12-18 14:58 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-05-15 15:48 - 2015-02-25 19:37 - 00000000 ____D C:\Program Files\CCleaner
2015-05-15 09:05 - 2014-12-18 02:01 - 00000000 ____D C:\Users\Daniel\Desktop\Musik
2015-05-14 01:41 - 2014-12-18 12:13 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 01:38 - 2014-12-18 12:13 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 01:38 - 2014-03-18 11:40 - 00000000 ____D C:\Program Files\Windows Journal

==================== Files in the root of some directories =======

2015-04-08 11:57 - 2015-04-08 12:00 - 185214456 _____ () C:\Program Files (x86)\PowerDVD_14.0.4412.58_DVD150115-02.exe
2014-12-18 01:38 - 2014-12-18 01:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-29 12:43 - 2014-12-29 12:47 - 0000838 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\1871KrakenDevProps.dll
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpadcrvp.dll
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp57gxq.dll
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-07 12:33

==================== End of log ============================
         

13.06.2015, 14:01   #17
schrauber
/// the machine
/// TB trainer

Avast reports "malicious website blocked" - svchost


Did you reset Chrome again after reinstalling it as well? Do you connect Chrome to a Google account?

And the message only appears when using Chrome, not with IE, for example?

Open FRST, tick the Addition box and scan, then please post both logs.

15.06.2015, 10:43   #18
Weisswurst

Avast reports "malicious website blocked" - svchost


Yes, I reset Chrome afterwards.
I do connect my Chrome to a Google account, but the message appeared before I did that. And the message shows up even before I open Chrome or any other browser.

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Daniel (administrator) on SAMY on 15-06-2015 11:38:46
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\System32\atwtusb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\atwtusb.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\AtwtusbIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Daniel\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-12-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2786032 2014-03-07] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AtwtusbIcon] => C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe [1486128 2014-06-12] (Razer Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-03-17] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [Spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-18] (Spotify Ltd)
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-12-18] ()
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\MountPoints2: {58c401d6-e550-11e4-8262-90489ac6f4b0} - "D:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-966064486-533638468-3639396968-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-966064486-533638468-3639396968-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-18]

Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-06-13]
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-13]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-13]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-13]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-13]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-13]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-13]
CHR Extension: (rotoscope) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhimnnhmaanmanmmokfpijgambokcpni [2015-06-13]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-13]
CHR Extension: (Stupeflix Video Maker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem [2015-06-13]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-13]
CHR Extension: (FabCam) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-06-13]
CHR Extension: (Pixect) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh [2015-06-13]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-06-13]
CHR Extension: (Google Play) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-06-13]
CHR Extension: (Evernote Web) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-13]
CHR Extension: (Webcam Toy) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-06-13]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-13]
CHR Extension: (GIFPAL) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2015-06-13]
CHR Extension: (ProxPrice) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2015-06-13]
CHR Extension: (Picasa) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-06-13]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTService; C:\Windows\system32\atwtusb.exe [582144 2013-11-12] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3301592 2014-02-20] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-03-07] (Synaptics Incorporated)
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 19:04 - 2015-06-15 11:38 - 00027244 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-06-14 19:03 - 2015-06-14 19:03 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
2015-06-14 01:03 - 2015-06-14 01:03 - 00000980 _____ C:\Users\Daniel\Desktop\2015.06.14.col
2015-06-14 00:12 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-14 00:12 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-14 00:12 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-13 01:11 - 2015-06-13 01:11 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-13 01:11 - 2015-06-13 01:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-13 01:10 - 2015-06-15 01:21 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-13 01:10 - 2015-06-13 01:16 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-13 01:10 - 2015-06-13 01:16 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-13 01:10 - 2015-06-13 01:16 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-13 01:10 - 2015-06-13 01:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Deployment
2015-06-13 01:10 - 2015-06-13 01:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apps\2.0
2015-06-13 01:07 - 2015-06-13 01:07 - 00001280 _____ C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2015-06-13 01:07 - 2015-06-13 01:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-12 15:56 - 2015-06-12 15:56 - 00001868 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-06-11 21:33 - 2015-06-14 22:08 - 00003248 _____ C:\Windows\setupact.log
2015-06-11 21:33 - 2015-06-11 21:33 - 00000000 _____ C:\Windows\setuperr.log
2015-06-08 19:13 - 2015-06-08 19:13 - 00852639 _____ C:\Users\Daniel\Desktop\SecurityCheck.exe
2015-06-07 23:45 - 2015-06-14 19:03 - 02109952 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-06-07 23:16 - 2015-06-07 23:16 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SAMY-Windows-8.1-Pro-(64-bit).dat
2015-06-07 23:16 - 2015-06-07 23:16 - 00000000 ____D C:\RegBackup
2015-06-07 23:15 - 2015-06-07 23:15 - 02942406 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2015-06-05 00:01 - 2015-06-05 00:01 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Daniel\Desktop\tdsskiller.exe
2015-06-04 23:46 - 2015-06-04 23:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-04 23:43 - 2015-06-04 23:58 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2015-06-04 23:41 - 2015-06-04 23:42 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Daniel\Desktop\mbar-1.09.1.1004.exe
2015-06-04 18:46 - 2015-05-31 21:02 - 12007993 _____ C:\Users\Daniel\Desktop\寄生獣 セイの格率 Parasyte ED _IT'S THE RIGHT TIME_ Guitar Cover - Steve.mp4
2015-06-04 17:52 - 2015-06-15 11:38 - 00000000 ____D C:\FRST
2015-06-04 08:57 - 2015-06-04 23:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-03 22:49 - 2015-06-03 22:49 - 00000000 _____ C:\autoexec.bat
2015-06-03 16:16 - 2015-06-03 16:18 - 00010349 _____ C:\Users\Daniel\Desktop\Nisekoi Vine.odt
2015-06-03 00:11 - 2013-01-18 15:52 - 00022712 _____ C:\Users\Daniel\Desktop\Vater unser im Himmel.odt
2015-06-03 00:11 - 2012-12-10 23:27 - 00017248 _____ C:\Users\Daniel\Desktop\Wissenschaftlicher Beweis für Glauben.odt
2015-06-01 16:30 - 2015-06-01 16:30 - 00000000 ____D C:\Users\Daniel\AppData\Local\GWX
2015-05-30 14:22 - 2013-05-05 16:32 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys
2015-05-30 01:58 - 2015-05-30 01:58 - 00001819 _____ C:\Users\Daniel\Desktop\Witcher III.lnk
2015-05-30 01:08 - 2015-06-03 23:56 - 00000000 ____D C:\Users\Daniel\Documents\The Witcher 3
2015-05-30 00:24 - 2015-05-30 00:57 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt
2015-05-29 17:02 - 2015-05-29 17:02 - 47569622 _____ C:\Users\Daniel\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English_Romaji Sub.mp4
2015-05-29 16:43 - 2015-05-29 16:43 - 02762978 _____ C:\Users\Daniel\Desktop\Kyoukai no Kanata 01.mp4
2015-05-29 00:51 - 2015-06-15 11:29 - 01210246 _____ C:\Windows\WindowsUpdate.log
2015-05-29 00:22 - 2015-05-29 00:22 - 00000000 ____D C:\Users\Daniel\AppData\Local\Steam
2015-05-28 23:52 - 2015-05-29 00:25 - 00000000 ____D C:\Users\Daniel\Desktop\Dick Production
2015-05-22 17:43 - 2015-05-22 17:43 - 139701583 _____ C:\Users\Daniel\Desktop\BIG amv till first spin.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-14 12:27 - 2014-12-18 12:13 - 00000000 ____D C:\Windows\system32\MRT
2015-06-14 12:27 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-14 12:25 - 2014-12-18 12:13 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-14 01:03 - 2015-01-18 00:58 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\SongBeamer
2015-06-14 01:03 - 2015-01-18 00:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\SongBeamer
2015-06-13 19:41 - 2014-03-18 12:04 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-13 19:41 - 2014-03-18 11:25 - 00766620 _____ C:\Windows\system32\perfh007.dat
2015-06-13 19:41 - 2014-03-18 11:25 - 00159902 _____ C:\Windows\system32\perfc007.dat
2015-06-13 01:14 - 2014-12-18 00:00 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-966064486-533638468-3639396968-1001
2015-06-13 01:11 - 2014-12-18 00:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\Google
2015-06-13 01:11 - 2014-12-18 00:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-12 16:43 - 2014-12-18 02:04 - 00000000 ____D C:\Users\Daniel\Desktop\Otaku
2015-06-11 21:22 - 2014-12-28 13:42 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2015-06-10 19:19 - 2014-12-18 19:03 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-10 17:02 - 2015-04-06 19:37 - 00000000 ____D C:\Users\Daniel\Downloads\Nanatsu no Taizai - The Seven deadly Sins
2015-06-08 22:12 - 2014-12-28 13:47 - 00000000 ____D C:\Users\Daniel\Downloads\Utorrent
2015-06-08 19:19 - 2014-12-18 02:44 - 00000000 ___RD C:\Users\Daniel\Dropbox
2015-06-08 19:19 - 2014-12-18 02:43 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
2015-06-08 19:18 - 2014-12-18 01:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-08 19:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 19:18 - 2013-08-22 15:25 - 00000142 _____ C:\Windows\win.ini
2015-06-07 23:07 - 2014-12-18 02:07 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-06-04 21:14 - 2015-02-18 23:03 - 00000000 ____D C:\Windows\Minidump
2015-06-04 09:11 - 2015-02-15 19:43 - 00000000 ____D C:\Windows\udtablet
2015-06-04 08:49 - 2014-12-18 02:01 - 00000000 ___RD C:\Users\Daniel\Desktop\Desktopmüll
2015-06-04 08:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-03 23:45 - 2014-12-18 02:41 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-03 23:41 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-03 22:49 - 2014-12-17 23:55 - 00000000 ____D C:\Users\Daniel
2015-06-03 18:18 - 2014-12-18 12:57 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-12-18 12:57 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-02 17:28 - 2015-01-04 13:22 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-06-01 23:13 - 2014-12-18 02:01 - 00000000 ____D C:\Users\Daniel\Desktop\Bilder ^^
2015-06-01 15:18 - 2014-12-29 21:07 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-05-31 21:20 - 2015-04-03 22:06 - 00000000 ____D C:\Users\Daniel\Desktop\Make Music!
2015-05-31 14:16 - 2014-12-31 18:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-05-28 16:33 - 2015-04-04 02:16 - 00009895 _____ C:\Users\Daniel\Desktop\Amv Ideas.odt
2015-05-27 20:41 - 2015-04-27 20:16 - 00000000 ____D C:\Users\Daniel\Downloads\Ore Monogatari
2015-05-27 18:22 - 2015-05-08 16:52 - 00069306 _____ C:\Users\Daniel\Documents\pan zoom.aep
2015-05-21 22:36 - 2015-04-27 02:49 - 00014614 _____ C:\Users\Daniel\Desktop\AMV (Idol EDM Mashup).odt
2015-05-21 20:01 - 2015-05-06 23:15 - 00000880 _____ C:\Users\Daniel\Desktop\Handbrake.lnk
2015-05-20 08:45 - 2015-04-05 18:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 08:45 - 2015-04-05 18:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 22:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-18 22:50 - 2015-04-24 16:23 - 00016886 _____ C:\Users\Daniel\Desktop\AMV Sex Anime List.odt
2015-05-18 15:44 - 2013-08-22 16:44 - 04985736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-18 15:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-18 15:43 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-18 15:41 - 2014-12-18 14:58 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2015-04-08 11:57 - 2015-04-08 12:00 - 185214456 _____ () C:\Program Files (x86)\PowerDVD_14.0.4412.58_DVD150115-02.exe
2014-12-18 01:38 - 2014-12-18 01:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-29 12:43 - 2014-12-29 12:47 - 0000838 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\1871KrakenDevProps.dll
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpadcrvp.dll
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp57gxq.dll
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-07 12:33

==================== End of log ============================
         
--- --- ---


Addition

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Daniel at 2015-06-15 11:39:04
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-966064486-533638468-3639396968-500 - Administrator - Disabled)
Daniel (S-1-5-21-966064486-533638468-3639396968-1001 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-966064486-533638468-3639396968-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.1.1625 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4700 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
MK LOL (HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\MK LOL) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
osu! (HKLM-x32\...\{72000c6f-c98b-43c3-88a5-204633e9a838}) (Version: latest - ppy Pty Ltd)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24735 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0237 - REALTEK Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version:  - Roccat GmbH)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.5.0 - Lenovo Group Limited)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SongBeamer 4.31 (HKLM-x32\...\SongBeamer_Setup_is1) (Version:  - SongBeamer)
Spotify (HKU\S-1-5-21-966064486-533638468-3639396968-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.81 - Synaptics Incorporated)
The Witcher 3 Wild Hunt (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0047}) (Version: 6.0 - Black Box)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Trust tablet driver (HKLM\...\RmTablet) (Version: 5.05 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warframe (HKLM-x32\...\{66E39DE0-F9A1-497B-9E69-D010E5F0EB08}) (Version: 1.0.0 - Digital Extremes)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-966064486-533638468-3639396968-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

27-05-2015 16:32:27 Geplanter Prüfpunkt
05-06-2015 09:05:07 Geplanter Prüfpunkt
12-06-2015 22:39:09 Geplanter Prüfpunkt
14-06-2015 12:24:36 Windows Modules Installer
14-06-2015 12:24:46 Windows Modules Installer

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05F38BE6-2B5A-4CA0-94F3-F7629B8BE98B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {078E0FFF-4C47-4367-9E05-EEC2BFF37644} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {0D504512-C6B4-44D9-938E-D32B026A048F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {0E728E7D-4A4A-477D-98CA-5E92F27D5BD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {14C33F99-7ACC-4C65-9C6C-1A052AE5E530} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {2BE6FB28-5426-46CD-BE4D-AFD060E53E77} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-07-09] ()
Task: {3E050B15-1D1C-497D-AE1A-244C12176563} - System32\Tasks\Chromium => C:\Users\Daniel\AppData\Local\Chromium\APPLIC~1\440238~1.0\INSTAL~1\UNINST~1.EXE
Task: {535890E3-9AE7-40FE-B9FD-07A7A63C65A9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {594C1619-EFFA-48AE-B9CE-A3A4277F2592} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-12-18] ()
Task: {66B90169-8AA7-4A7E-881D-0E4BEED0AFD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {70800765-DE70-4DFA-8510-01402A5E1BE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {7DD3F058-7331-4B89-8F73-61A37CBED3F5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {83E4098B-CDC6-43BD-89E3-E0B720A45BA2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
Task: {A0C04A27-D165-459B-B338-10083E5C7BDA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-14] (Microsoft Corporation)
Task: {A803AEF0-60A6-4990-AB1E-B2C260B3E7ED} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {AE10DFA0-568C-45C1-B087-C8A8228599B5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {B084C938-4EB8-4986-A89A-4A7F5F9DBE87} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C55C620A-FB1C-47BF-A826-D244E1FD0A60} - System32\Tasks\{B87E6E66-959F-41B0-A7C1-A41E365A9BE4} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {D8FD4C38-FD25-4836-9F55-8937BD263FA8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {E809E5A0-7963-48F2-980C-8C82010B9B97} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {EC1C3721-4C4C-4784-8A52-78A50D56C07D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: C:\Windows\Tasks\Chromium.job => C:\Users\Daniel\AppData\Local\Chromium\APPLIC~1\440238~1.0\INSTAL~1\UNINST~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-18 01:34 - 2014-11-12 23:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-05 02:24 - 2015-02-05 02:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-15 19:43 - 2013-11-12 15:47 - 00582144 _____ () C:\Windows\system32\atwtusb.exe
2014-10-03 18:36 - 2014-10-03 18:36 - 00457616 _____ () C:\Windows\system32\igfxTray.exe
2014-03-26 13:50 - 2014-12-18 01:30 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2015-02-15 19:43 - 2012-09-10 14:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-14 07:49 - 2015-03-14 07:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2014-12-18 01:38 - 2013-10-01 18:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-04-22 17:54 - 2015-04-22 17:54 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 17:54 - 2015-04-22 17:54 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-08 14:55 - 2015-06-08 14:55 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060800\algo.dll
2015-06-15 10:58 - 2015-06-15 10:58 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061500\algo.dll
2014-12-18 12:57 - 2015-06-08 19:19 - 00619312 _____ () C:\Users\Daniel\AppData\Local\Temp\1871KrakenDevProps.dll
2015-06-08 19:19 - 2015-06-08 19:19 - 00043008 _____ () c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp57gxq.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-04-22 17:54 - 2015-04-22 17:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-25 18:01 - 2012-10-01 19:53 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\hiddriver.dll
2015-04-08 14:49 - 2014-03-17 08:38 - 00866056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-04-08 14:49 - 2013-12-10 09:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-04-08 14:49 - 2013-12-10 09:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2015-04-08 14:49 - 2013-12-10 09:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2015-04-08 14:49 - 2013-12-10 09:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2015-04-08 14:49 - 2014-03-17 08:38 - 00043784 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DHProcedure\DHProcedure.dll
2014-12-18 12:58 - 2014-11-26 04:12 - 40622592 _____ () C:\Users\Daniel\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-12-18 12:58 - 2014-11-26 04:12 - 00911360 _____ () C:\Users\Daniel\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2014-12-18 12:58 - 2014-11-26 04:12 - 00134144 _____ () C:\Users\Daniel\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-06-13 01:11 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-13 01:11 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-13 01:11 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Daniel\Desktop\Vater unser im Himmel.odt:com.dropbox.attributes
AlternateDataStreams: C:\Users\Daniel\Desktop\Wissenschaftlicher Beweis für Glauben.odt:com.dropbox.attributes
AlternateDataStreams: C:\Users\Daniel\AppData\Local\nKOwNozGlZlsq:XZ5FvqNyzGhSvG63vQQlEAL
AlternateDataStreams: C:\Users\Daniel\AppData\Local\Temporary Internet Files:QB7w0PV6zwEIScit2qcf2MW

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-966064486-533638468-3639396968-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{548014D0-CBF8-46D4-B38B-2930C69A13EF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6C33DFBC-9342-492A-AC8E-1FF6A447C895}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{48625FDA-3F56-4AF9-A873-370A104E89BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72390EDB-865C-4B30-BD56-BC353DD541DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8F550F79-580A-4167-B5A6-37F5F538B4ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{66A59CFB-6694-4686-8E94-641A5D846766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DBC56051-5CDD-4096-AA70-3E689C6D6BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F143A844-74B3-4746-B0D8-55939FF0DAC0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6C2F5E90-0CDE-447F-ABD3-8BCF6E276883}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{AF082EAA-7105-4B42-8DF0-61C151BFA606}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D6C44860-E8DA-42D4-8F7B-557E8F8F856A}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3E2966E8-8839-4065-A30A-2E8385CD43B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CB3D311A-1338-43D4-96C4-464F2FE72D9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09202FC3-A43B-425E-A8C1-51F016CE0579}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9A1899C1-B27F-4C30-BEB5-98A050235916}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5824EFC0-5D8F-4C2F-A796-4A6BA5673938}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{D0D4DAC1-A101-4237-ABA3-D5E729DE90A8}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0C924296-1901-4321-B3AF-A5B2889A34A1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{132D07D2-5C60-4261-9C62-00BB2B2D117E}] => (Allow) LPort=2869
FirewallRules: [{96E0DF69-BD39-4068-A65C-59DE077D38CF}] => (Allow) LPort=1900
FirewallRules: [{0B57F2EE-C341-49E8-AE1B-3B183641CD96}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3178EA60-0A75-41E8-BDD5-1DE82AD3AB58}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6125F65-1988-4B46-8E39-94CD9338299D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6729034B-E16E-4FB2-B447-0F80D2DE222B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{637BD293-4DE6-431A-A25E-7D68D9B0B794}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B515A34D-C916-43CA-B378-DE961C4C37B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0CF68EE3-7FD2-4EA9-9795-AF2BC5E4628B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{31940751-8CEA-4F70-96CB-62633F2FEFC1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F3459CC2-4153-4020-B147-347C94D6837C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{745F2CBE-1049-43B9-87C9-9FB5798240C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{666CD25D-11E2-46D4-A19D-13FCB48F3430}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9003D925-8D28-4D7C-A40B-87E97950F221}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{6027856C-D8CC-4A50-B759-CD77A1090FEA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{CF00D7EB-73B1-4EE1-8DC5-0F3683B70C5D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D99AFAB2-664B-44FE-8A79-D46FB576BE86}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{126CD1A7-E7AC-41D9-9C10-0D02F63CC5DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{88BA3E3B-2957-4447-80AD-14A16EC16D16}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{53F04EB6-540C-4C28-AE89-2EBA71FFC339}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8175D7F-D9A6-4CBB-B674-35DBE5FEE0CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{ADF53AF6-2B4F-4DAA-8554-56BBE8940A7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{5E74E42E-12A7-47FC-86AD-D7632B7FDF5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{2517D99E-3E88-4A00-AF11-153D6DCF1AF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{CC8EE6EE-E176-46EF-8302-B9260A03B1BF}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{3A35F2CC-721D-4B52-AFDD-D1B05A0B5B7F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{13D43672-7F12-4776-9959-C200C9AE940A}] => (Allow) LPort=1689
FirewallRules: [{812A8135-6F0F-47EE-809C-8FA6E093CF8E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{32F0DDAB-3210-4409-8D93-46F515CA749A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{D041400F-8E53-4B79-A8AD-9047B3971CFB}] => (Allow) LPort=1688
FirewallRules: [{7A92649A-E61F-4B10-BEBB-9A219E3C5D04}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{6B4B5268-8053-499A-AFD7-FF6805211403}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{86408E50-184A-4734-84E0-4BF9BD37A355}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A07B5E81-A7A8-4DBB-A642-BFA38ED096A7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{93BF8A03-7E1E-4ECD-8976-71E9B3998905}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{609E21CA-5809-4EB9-AB8E-B444CE5565B1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{31A73B5A-82D2-4FE1-B6C9-DBB34614FFBA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{97B853FF-45C5-4B49-971B-9FD282DB80F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{CC9A8FC3-032A-44F9-AC30-F47E262E5B09}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E4D89A10-741D-4186-804D-8578EB5BB08C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B6DE7CED-329F-4E0D-9264-530F3B456A77}] => (Allow) C:\Users\Daniel\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{9256512B-E181-44AD-832C-3DE0E2990EDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0B3B8BE1-91CD-40A7-BA93-AF344F4D3818}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{163AA716-D429-4545-B0F4-BFDEC6BA24CF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2015 09:57:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2344

Error: (06/15/2015 09:57:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2344

Error: (06/15/2015 09:57:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2015 09:57:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (06/15/2015 09:57:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156

Error: (06/15/2015 09:57:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2015 09:57:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (06/15/2015 02:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406

Error: (06/15/2015 02:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2406

Error: (06/15/2015 02:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/15/2015 10:56:53 AM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/15/2015 10:56:23 AM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/14/2015 01:33:49 PM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/14/2015 01:33:19 PM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/14/2015 00:58:58 PM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/14/2015 00:58:28 PM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/14/2015 00:35:41 PM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/14/2015 00:35:11 PM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/13/2015 09:14:30 AM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/13/2015 09:14:00 AM) (Source: DCOM) (EventID: 10010) (User: Samy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office:
=========================
Error: (06/15/2015 09:57:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2344

Error: (06/15/2015 09:57:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2344

Error: (06/15/2015 09:57:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2015 09:57:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (06/15/2015 09:57:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156

Error: (06/15/2015 09:57:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2015 09:57:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System-reserviertFalscher Parameter. (0x80070057)

Error: (06/15/2015 02:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406

Error: (06/15/2015 02:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2406

Error: (06/15/2015 02:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2015-04-06 11:44:44.363
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-06 11:44:41.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-06 11:43:50.704
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-22 14:43:04.596
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-22 14:43:03.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-22 14:37:20.232
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-22 14:37:19.520
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-21 16:57:39.968
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-21 16:57:39.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-11 16:09:00.186
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16300.36 MB
Available physical RAM: 11211.43 MB
Total Pagefile: 32684.36 MB
Available Pagefile: 26077.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.13 GB) (Free:22.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)

==================== End of log ============================
         

Alt 16.06.2015, 05:55   #19
schrauber
/// the machine
/// TB-Ausbilder
 




Please download RogueKiller from here.
  • Save the tool to your desktop!
  • Close all running programs.
  • Start RogueKiller.exe.
  • Wait until "Prescan abgeschlossen" (prescan finished) appears, then click "Scannen" (Scan).
  • When the scan has finished, click "Bericht" (Report) and post the report here.
  • You will also find the log file RKreport[1].txt on your desktop.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 16.06.2015, 09:16   #20
Weisswurst
 



Code:
RogueKiller V10.8.3.0 (x64) [Jun 15 2015] by Adlice Software
Mail : hxxp://www.adlice.com/contact/
Feedback : hxxp://forum.adlice.com
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 8.1 (6.3.9200 ) 64 bits version
gestarted in : normaler Modus
User : Daniel [Administrator]
Started from : C:\Users\Daniel\Desktop\RogueKillerX64.exe
Modus : Scannen -- Datum : 06/16/2015  10:05:49

¤¤¤ Prozesse : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Aufgaben : 0 ¤¤¤

¤¤¤ Dateien : 0 ¤¤¤

¤¤¤ Host Dateien : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: geladen) ¤¤¤

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ MBR Überprüfung : ¤¤¤
+++++ PhysicalDrive0: LITEONIT LCS-256M6S +++++
--- User ---
[MBR] f778df182e57c31059dbc3026221e762
[BSP] dbcf146c463bbc7c9a28454074d03841 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 243846 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HP Photosmart C4700 USB Device +++++
Error reading User MBR! ([15] Das Gerät ist nicht bereit. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Die Anforderung wird nicht unterstützt. )
         


Alt 17.06.2015, 05:26   #21
schrauber
/// the machine
/// TB-Ausbilder
 




Please post a screenshot of the message when it comes up again.

Alt 18.06.2015, 18:47   #22
Weisswurst
 



Attachment: Screenshot 2015-06-17 22.16.38.png (68.4 KB)
Attachment: Screenshot 2015-06-17 22.16.52.png (48.1 KB)

Alt 19.06.2015, 15:56   #23
schrauber
/// the machine
/// TB-Ausbilder
 




Please reset the router to factory settings. Then check whether it comes up again. If it does:

http://support2.microsoft.com/kb/929135/de

Please perform a clean boot. If the problem is gone after that, re-enable the services one at a time, rebooting in between each time, until you know which service is causing the problem.

Then name that service here.
__________________
Regards,
schrauber
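For the clean-boot procedure described in the post above, this added example (not part of the original post or of the linked Microsoft article) lists the auto-start services together with the binary that actually runs. It resolves the ServiceDll of services hosted in svchost.exe, the process named in the Avast alert. The helper name Get-ServiceBinary is hypothetical, and the script only reads; it changes nothing.

```powershell
# Added example: read-only inventory of auto-start services for clean-boot triage.
# Get-ServiceBinary is a hypothetical helper name. Requires PowerShell 3.0 or later.

function Get-ServiceBinary {
    param([Parameter(Mandatory)] $Service)

    $path = $Service.PathName
    if     ($path -match '^\s*"([^"]+)"')  { $exe = $Matches[1] }  # quoted path
    elseif ($path -match '^\s*(.+?\.exe)') { $exe = $Matches[1] }  # unquoted path, may contain spaces
    else   { return $null }

    # A service hosted in svchost.exe runs from the DLL named in its ServiceDll value.
    if ((Split-Path -Path $exe -Leaf) -ieq 'svchost.exe') {
        $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$($Service.Name)\Parameters"
        $dll = (Get-ItemProperty -Path $key -Name ServiceDll -ErrorAction SilentlyContinue).ServiceDll
        if ($dll) { return [Environment]::ExpandEnvironmentVariables($dll) }
    }
    return $exe
}

$report = Get-CimInstance -ClassName Win32_Service -Filter "StartMode='Auto'" |
    ForEach-Object {
        $bin    = Get-ServiceBinary -Service $_
        $vendor = $null
        if ($bin -and (Test-Path -LiteralPath $bin)) {
            $vendor = (Get-Item -LiteralPath $bin).VersionInfo.CompanyName
        }
        [pscustomobject]@{
            Name      = $_.Name
            State     = $_.State
            InSvchost = [bool]($_.PathName -match 'svchost\.exe')
            Binary    = $bin
            Vendor    = $vendor
        }
    }

# Binaries without a Microsoft vendor string (or with none at all) are the
# services to re-enable one at a time, with a reboot between each.
$report |
    Where-Object { $_.Vendor -notmatch 'Microsoft' } |
    Sort-Object -Property Vendor, Name |
    Format-Table -AutoSize
```

Run it before disabling anything, because services switched off for the clean boot no longer match the `StartMode='Auto'` filter. The vendor string is self-declared file metadata, so a binary in an unexpected path deserves a signature check with `Get-AuthenticodeSignature` regardless of what it claims.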
