Plagegeister aller Art und deren Bekämpfung: Firefox suddenly black
Windows 7
If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
26.06.2015, 10:06 | #1 |
| Firefox suddenly black
Hello dear helpers, for 3 days I have suddenly had the problem that Firefox suddenly goes black and I can no longer click; there are also strange letters jumbled together when the popup for closing the browser opens. When I disconnect the internet connection, everything is OK again. Have I caught a rootkit or whatever? A scan with Eset Antivirus and McAfee as well as Avira found nothing. |
26.06.2015, 10:07 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox suddenly black
Hello and
__________________
Do you have any further logs (with findings)? Malwarebytes and/or other virus scanners, have they ever found anything? I am asking because => http://www.trojaner-board.de/125889-...tml#post941520
Please do not run any new virus scans; first post only the logs that already exist, in CODE tags! Only logs from the last 7 days, or since the problem began, are relevant!
In addition, please also create a log with Farbar's tool:
Scan with Farbar's Recovery Scan Tool (FRST)
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ |
04.07.2015, 19:21 | #3 |
| Firefox suddenly black
Hello Schrauber, there were no findings and the problem has not reappeared either.
__________________FRST log: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by sephiroth at 2015-07-04 20:15:01
Running from C:\Users\sephiroth\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3549694130-846552002-615965096-500 - Administrator - Disabled)
bebi-admin (S-1-5-21-3549694130-846552002-615965096-1002 - Administrator - Enabled) => C:\Users\bebi-admin
Gast (S-1-5-21-3549694130-846552002-615965096-501 - Limited - Disabled)
sephiroth (S-1-5-21-3549694130-846552002-615965096-1003 - Administrator - Enabled) => C:\Users\sephiroth
UpdatusUser (S-1-5-21-3549694130-846552002-615965096-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Die Sims 2: Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{DA4D8108-E2CC-49D2-AF4B-43C39FFE6072}) (Version: 2.5.2.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version: - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GOLDPATT V1.30 (HKLM-x32\...\{E0E4D444-6898-42D0-9A9C-F2B3790B2820}) (Version: 1.30.0000 - Jörg Schwanz Projekt golden-pattern)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3089 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Leawo Blu-ray Player version 1.8.8.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.8.8.0 - leawo Software)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 14.0.1076 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.316 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SimPE 0.68 (alpha) (HKLM-x32\...\SimPE_is1) (Version: - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\sephiroth\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\sephiroth\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\sephiroth\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\sephiroth\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\sephiroth\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

18-06-2015 15:04:57 Removed Bonjour
25-06-2015 16:01:04 Windows Update
29-06-2015 12:50:45 Windows Update
03-07-2015 18:45:24 McAfee Vulnerability Scanner

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-05-19 16:21 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0242D6EA-EA92-4C22-97E4-709AE43C60D4} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {1732388F-C119-4034-A98B-35BB927B43F2} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {2DAE5F33-0139-481D-9B34-FCDA253FD75B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {3E4F9312-9C7F-43E7-B11F-B8BE878AC8B6} - System32\Tasks\EPSON XP-610 Series Update {A54D32B5-2772-4970-831E-FECBD81EF020} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {479C5B7A-E657-472E-90B2-D7817E8A7ADE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {75C9A623-69EA-4A39-B105-67D37DB96281} - System32\Tasks\AdobeAAMUpdater-1.0-bebispc-sephiroth => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {BD887E96-55F4-4F2D-AA3E-CBAF92492AB5} - System32\Tasks\EPSON XP-610 Series Invitation {A54D32B5-2772-4970-831E-FECBD81EF020} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {BE9137BD-F160-4683-A479-20516A91A838} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {D16B063E-6B69-4369-BC40-2FD5AA69CA6A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {E576FDAE-886B-43DB-A9B9-403F02B97955} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {FC5E2EAA-149A-445B-AFEE-F582A75F1A73} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {A54D32B5-2772-4970-831E-FECBD81EF020}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {A54D32B5-2772-4970-831E-FECBD81EF020}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{A54D32B5-2772-4970-831E-FECBD81EF020} /F:UpdateWORKGROUP\BEBISPC$ Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-29 10:53 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-29 11:08 - 2013-02-20 23:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-11-29 10:50 - 2013-01-23 09:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-11-29 11:08 - 2013-02-20 23:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll

==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\bebi-admin\Downloads\Firefox Setup Stub 35.0.exe:BDU
AlternateDataStreams: C:\Users\bebi-admin\Downloads\mbam-setup-2.0.4.1028.exe:BDU
AlternateDataStreams: C:\Users\bebi-admin\Downloads\vlc-2.1.5-win32.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson377464eu.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson379560eu.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson379671eu.exe:BDU

==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3549694130-846552002-615965096-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\sephiroth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "Bitdefender-Geldbörse-Agent"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "CAHeadless"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "pdiface"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7CCA9B0D-53A9-4466-A45C-AEAC97EBFBCA}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{C448AD7A-4408-457A-8032-7206CE94AE3C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7DA8A1D5-94A4-4BF0-9A11-07CFB414DB9A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A1BB9B59-879B-4EEE-98CE-F9F8216228A2}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{0C734922-2F5C-415D-9E1F-3E3423CA2EBF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{04F29660-4613-456B-B3F0-5A4732C186F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9636C431-1CBE-4427-B9F1-6D80040BD530}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{83B56B15-DE7E-4E80-A7EE-789D9DCDEBF8}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9422DAB6-0692-4D5D-9FCE-28C155A68F74}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C494BE99-384C-41AD-8E80-81C016762D7C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{23D241DF-C9BA-49A6-84F6-47A6472D8C16}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{B617AB0A-1E03-4AB7-8131-4470C803EA05}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{84473C5C-02EC-4FD0-8F94-B44334348049}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{346123E9-3BE3-4599-B6E6-BA51E29DD636}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{6C778DC2-86E2-4080-98F1-E5B54C1A6DAA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{446EFD01-5A4E-4C02-B58E-307FD6C64DE3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{98A2DACE-B05D-476D-8C4A-51A3A26FFC0E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{51A4ACB9-E4ED-40A6-8A6F-D37793388BA8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{8D119F86-3EFC-4CAB-B82F-ACEE343C5A6D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{AAB31E5E-34B4-4F25-B233-A09E5EFAB7B4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{358D0982-D9C4-485A-8329-CFB71D2BE8A0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{3396864B-F3EE-4873-AF6D-74E0205F83DD}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{4BF83CE8-F2C2-4007-B640-0AF7CBFD8DB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{15BEEE06-917E-4CF0-86A6-BEDA2B849AE2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{FDFBBDBA-767A-47DC-B5D1-B8D90375775B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{F3EE67CC-B707-4BA0-ADA7-6D7FADEC8B47}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{C0249DE3-C92F-41F9-97CF-FF8CCAD0DC8D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{8E64A390-A375-4BEF-A754-7AC4AF0A66CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37FD520F-7294-41B4-9DD7-513974E4FB83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7037AD4-788D-49E6-BD71-DD9C31AFB83A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{2E1DF438-85C7-491F-B611-61148A55519B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0D0DB660-62A7-463C-8704-0CDA07A1A861}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{BF8D60BD-8256-4F5F-A4F7-FE8AD6C2F6FD}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{9D80A892-7F5E-415E-B07A-FF30872B4F2E}] => (Allow) C:\Users\sephiroth\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{52897E34-CE42-4200-91F6-33FBFA127927}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6676BCDB-2CD1-42BC-98D2-8E9234B59CA4}] => (Allow) LPort=2869
FirewallRules: [{4B603595-171E-4F2F-BEED-C90A17F030D2}] => (Allow) LPort=1900
FirewallRules: [{0A36AF9A-583E-41CD-B929-5CC31FB9993E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B5AD9E24-BF1C-4C23-80AE-C37522C640DD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{14ABBDF8-CD53-4591-A7F3-5F55808A1D1B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7EF5ABC2-8224-4284-A972-4CD7E81F1DA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2015 08:12:26 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/04/2015 08:11:58 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/04/2015 09:05:12 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/03/2015 04:08:05 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/02/2015 11:13:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/01/2015 03:57:02 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/29/2015 02:13:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.

Error: (06/29/2015 02:00:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.3.0.101 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 14cc Startzeit: 01d0b261edbaac8b Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe Berichts-ID: 78b3287f-1e56-11e5-be90-0c54a52bf2d6 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/29/2015 00:50:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: Das System kann die angegebene Datei nicht finden. .

Error: (06/27/2015 10:14:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

System errors:
=============
Error: (07/03/2015 05:44:40 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{4C027189-88FD-454F-9CFF-83B06802C1E5} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.


Error: (06/25/2015 07:21:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (06/25/2015 07:21:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SEPHIR~1\AppData\Local\Temp\ehdrv.sys

Error: (06/25/2015 07:21:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (06/25/2015 07:21:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SEPHIR~1\AppData\Local\Temp\ehdrv.sys

Error: (06/25/2015 07:21:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (06/25/2015 07:21:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SEPHIR~1\AppData\Local\Temp\ehdrv.sys

Error: (06/20/2015 11:57:01 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (06/20/2015 11:57:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (06/20/2015 11:57:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Microsoft Office:
=========================
Error: (07/04/2015 08:12:26 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/04/2015 08:11:58 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/04/2015 09:05:12 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/03/2015 04:08:05 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/02/2015 11:13:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/01/2015 03:57:02 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/29/2015 02:13:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestc:\users\sephiroth\downloads\programme\esetsmartinstaller_deu.exe

Error: (06/29/2015 02:00:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.3.0.10114cc01d0b261edbaac8b4294967295C:\Program Files (x86)\Skype\Phone\Skype.exe78b3287f-1e56-11e5-be90-0c54a52bf2d6

Error: (06/29/2015 00:50:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.
System Error: Das System kann die angegebene Datei nicht finden.

Error: (06/27/2015 10:14:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

CodeIntegrity Errors:
===================================
Date: 2015-05-19 16:20:46.242
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 19%
Total physical RAM: 16264.27 MB
Available physical RAM: 13102.17 MB
Total Virtual: 18568.27 MB
Available Virtual: 15097.57 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.22 GB) (Free:104.55 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:756.37 GB) NTFS
Drive f: () (Removable) (Total:14.73 GB) (Free:12.92 GB) FAT32
Drive g: (SHIFT7) (Removable) (Total:5 GB) (Free:4.81 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 69C3CD7C)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 69C3CD56)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 14.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 3 (Size: 5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End of log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015
Ran by sephiroth (administrator) on BEBISPC on 04-07-2015 20:14:19
Running from C:\Users\sephiroth\Downloads
Loaded Profiles: UpdatusUser & sephiroth (Available Profiles: UpdatusUser & bebi-admin & sephiroth)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [Amazon Music] => C:\Users\sephiroth\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-05-07] ()
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [pdiface] => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe [283608 2013-10-30] (Bitdefender)
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-03-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-02-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3549694130-846552002-615965096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3549694130-846552002-615965096-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> DefaultScope {EE3CD9A1-0CAF-4D73-B138-15FA14C31E69} URL = https://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20150415&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> {EE3CD9A1-0CAF-4D73-B138-15FA14C31E69} URL = https://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20150415&p={searchTerms}
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{4C027189-88FD-454F-9CFF-83B06802C1E5}: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=C111DE0D20150415&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default\searchplugins\youtube-videosuche.xml [2015-05-28]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-29]
FF Extension: WOT - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-28]
FF Extension: boost project boost-Bar - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default\Extensions\jid1-43E5o59FVrjLig@jetpack.xpi [2015-04-12]
FF Extension: NoScript - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-06]
FF Extension: Adblock Plus - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-17]
FF Extension: BetterPrivacy - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\44lmlutz.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-01-17]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-04-15]
FF HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-08]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [241776 2013-02-04] (CyberLink)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-06-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [334608 2013-04-09] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-04-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-05-14] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [250672 2015-04-08] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-12] (Electronic Arts)
R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-04-08] (McAfee, Inc.)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2015-05-08] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [402888 2015-04-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [338272 2015-04-08] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-04-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-04-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864200 2015-04-08] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335944 2015-04-08] (McAfee, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-04 20:14 - 2015-07-04 20:14 - 00022304 _____ C:\Users\sephiroth\Downloads\FRST.txt
2015-07-04 20:10 - 2015-07-04 20:10 - 02112512 _____ (Farbar) C:\Users\sephiroth\Downloads\FRST64.exe
2015-07-03 14:47 - 2015-07-03 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 15:45 - 2015-07-02 15:55 - 1003845736 _____ (Adobe Systems Incorporated) C:\Users\sephiroth\Downloads\Lightroom_5_LS11_win_5_7_1.exe
2015-07-01 13:22 - 2015-07-01 13:22 - 00006472 _____ C:\Users\sephiroth\Desktop\lyricsbb.txt
2015-07-01 13:19 - 2015-07-01 13:19 - 00000187 _____ C:\Users\sephiroth\Desktop\ärzte0ma.txt
2015-06-29 20:03 - 2015-06-29 20:03 - 00002441 _____ C:\Users\sephiroth\Desktop\homemade softener.txt
2015-06-29 13:51 - 2015-06-29 13:51 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-29 13:51 - 2015-06-29 13:51 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-29 12:53 - 2015-06-29 12:53 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-29 12:53 - 2015-06-29 12:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-29 12:53 - 2015-06-29 12:53 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\Skype
2015-06-29 12:53 - 2015-06-29 12:53 - 00000000 ____D C:\Users\sephiroth\AppData\Local\Skype
2015-06-29 12:53 - 2015-06-29 12:53 - 00000000 ____D C:\ProgramData\Skype
2015-06-29 12:53 - 2015-06-29 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-29 12:53 - 2015-06-29 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-29 12:52 - 2015-06-29 12:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-29 12:52 - 2015-06-29 12:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-29 12:52 - 2013-08-30 00:43 - 01042208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-29 12:52 - 2013-08-30 00:43 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-29 12:52 - 2013-08-29 22:28 - 03349466 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-29 12:48 - 2015-04-30 22:20 - 05331968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-06-29 12:48 - 2015-04-30 22:20 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-06-29 12:48 - 2015-04-30 22:20 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-06-29 12:47 - 2015-05-22 22:46 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-29 12:47 - 2015-05-22 22:44 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-29 12:47 - 2015-05-22 22:44 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-29 12:47 - 2015-05-22 22:44 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-29 12:47 - 2015-05-22 22:44 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-29 12:47 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-29 12:47 - 2015-05-22 22:44 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-29 12:47 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-29 12:47 - 2015-05-12 00:49 - 00527704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-06-29 12:47 - 2015-05-07 15:05 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-29 12:47 - 2015-04-30 15:44 - 00478296 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-06-29 12:47 - 2015-04-30 15:44 - 00478296 _____ C:\WINDOWS\system32\locale.nls
2015-06-29 12:47 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-29 12:47 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-29 12:47 - 2015-03-27 10:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2015-06-29 12:47 - 2015-03-14 10:07 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-06-29 12:47 - 2015-03-14 08:33 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-06-29 12:47 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-29 12:47 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-29 12:47 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2015-06-29 12:47 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-29 12:47 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-29 12:47 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-06-29 12:47 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2015-06-29 12:47 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-29 12:47 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2015-06-29 11:21 - 2015-06-29 11:21 - 00000244 _____ C:\Users\sephiroth\Desktop\anderes.txt
2015-06-28 14:36 - 2015-06-28 14:46 - 00001024 _____ C:\Users\sephiroth\Desktop\sprücheengl.txt
2015-06-27 15:41 - 2015-06-27 15:41 - 00002171 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2015-06-27 15:41 - 2015-06-27 15:41 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-06-26 11:08 - 2015-06-26 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-26 11:08 - 2015-06-26 11:08 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-26 11:07 - 2015-06-26 11:07 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-26 10:57 - 2015-06-26 11:13 - 00000000 ____D C:\Users\sephiroth\Desktop\mbar
2015-06-25 19:30 - 2015-06-25 19:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\sephiroth\Downloads\mbar-1.09.1.1004.exe
2015-06-25 19:30 - 2015-06-25 19:30 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\sephiroth\Downloads\tdsskiller.exe
2015-06-24 19:02 - 2015-06-24 19:02 - 00000532 _____ C:\Users\sephiroth\Desktop\reis.txt
2015-06-20 11:58 - 2015-05-08 01:42 - 00076064 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys
2015-06-20 11:57 - 2015-06-20 11:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-06-20 11:57 - 2015-04-27 08:02 - 00198448 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-06-19 09:54 - 2015-06-19 15:29 - 00000660 _____ C:\Users\sephiroth\Desktop\klassenwechsel.txt
2015-06-15 09:52 - 2015-06-18 15:07 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-15 09:11 - 2015-06-15 09:12 - 152428336 _____ (Apple Inc.) C:\Users\sephiroth\Downloads\itunes6464setup.exe
2015-06-10 09:10 - 2015-05-28 04:04 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-06-10 09:10 - 2015-05-28 04:03 - 02237440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 09:10 - 2015-05-28 04:03 - 01409024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 09:10 - 2015-05-28 04:03 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-06-10 09:10 - 2015-05-28 04:03 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 09:10 - 2015-05-28 04:03 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-06-10 09:10 - 2015-05-28 04:02 - 19291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 09:10 - 2015-05-28 04:02 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 09:10 - 2015-05-28 04:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-06-10 09:10 - 2015-05-28
04:02 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 02656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-06-10 09:10 - 2015-05-28 04:01 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-06-10 09:10 - 2015-05-28 04:00 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-10 09:10 - 2015-05-28 02:45 - 01763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-10 09:10 - 2015-05-28 02:45 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-10 09:10 - 2015-05-28 02:45 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 09:10 - 2015-05-28 02:45 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2015-06-10 09:10 - 2015-05-28 02:44 - 14383104 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 09:10 - 2015-05-28 02:44 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 09:10 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2015-06-10 09:10 - 2015-05-28 02:44 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 13771776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 09:10 - 2015-05-28 02:43 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-06-10 09:10 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2015-06-10 09:10 - 2015-05-28 02:24 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-06-10 09:10 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mshtml.tlb 2015-06-10 09:10 - 2015-05-28 02:22 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll 2015-06-10 09:10 - 2015-05-28 02:20 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll 2015-06-10 09:10 - 2015-05-28 02:00 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-10 09:10 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-10 09:10 - 2015-05-28 00:14 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2015-06-10 09:10 - 2015-05-21 20:07 - 04067840 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-06-10 09:10 - 2015-05-09 01:39 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2015-06-10 09:10 - 2015-05-08 22:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2015-06-10 09:10 - 2015-04-25 05:41 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-10 09:10 - 2015-04-25 01:13 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-07 21:45 - 2015-06-07 21:45 - 00001096 _____ C:\Users\sephiroth\Desktop\zuckermasse.txt 2015-06-07 12:59 - 2015-06-07 12:59 - 00002674 _____ C:\Users\sephiroth\Desktop\schokolikör.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-04 20:14 - 2015-05-10 07:41 - 00000000 ____D C:\FRST 2015-07-04 20:01 - 2015-01-22 13:01 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {A54D32B5-2772-4970-831E-FECBD81EF020}.job 2015-07-04 20:01 - 2015-01-22 13:01 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {A54D32B5-2772-4970-831E-FECBD81EF020}.job 2015-07-04 20:01 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2015-07-04 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-04 19:48 - 2013-11-29 10:22 - 01519223 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-04 19:22 - 2015-01-30 12:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-04 19:06 - 2015-01-28 11:06 - 00001456 _____ C:\Users\sephiroth\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2015-07-04 18:18 - 2015-01-16 14:22 - 00000000 ____D C:\Users\sephiroth\AppData\Local\Adobe 2015-07-04 12:19 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-07-04 09:35 - 2015-01-16 13:53 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3549694130-846552002-615965096-1003 2015-07-04 08:39 - 2015-04-15 07:07 - 00000000 __RSD C:\Users\sephiroth\Documents\McAfee-Tresore 2015-07-03 18:39 - 2015-06-03 18:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak 2015-07-03 18:39 - 2015-01-16 13:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-03 14:33 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2015-07-02 19:46 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-01 15:57 - 2013-11-29 19:15 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat 2015-07-01 15:57 - 2013-11-29 19:15 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat 2015-07-01 15:57 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-30 06:05 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AppCompat 2015-06-29 14:01 - 2015-03-13 11:56 - 00362528 _____ 
C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-29 14:01 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-06-29 14:01 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-06-29 13:51 - 2013-11-29 10:53 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-29 13:50 - 2015-04-15 07:07 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-06-29 13:50 - 2015-01-16 14:12 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-29 13:50 - 2015-01-16 14:12 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-06-29 13:50 - 2013-04-18 12:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-06-29 13:50 - 2013-04-18 11:11 - 00155950 _____ C:\WINDOWS\PFRO.log 2015-06-29 13:50 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2015-06-29 12:53 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-27 15:41 - 2015-02-25 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2015-06-27 15:41 - 2015-01-22 12:48 - 00000000 ____D C:\Program Files (x86)\EPSON Software 2015-06-26 11:08 - 2015-01-18 16:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-25 19:21 - 2015-04-15 07:57 - 00000000 ____D C:\Users\sephiroth\Downloads\Programme 2015-06-25 15:53 - 2015-01-20 18:18 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-06-24 11:36 - 2015-01-30 12:30 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-06-20 11:57 - 2015-04-15 06:59 - 00000000 ____D C:\Program Files\Common Files\McAfee 2015-06-20 11:57 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2015-06-20 05:48 - 2012-07-26 10:14 - 00792024 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:48 - 2012-07-26 10:14 - 00177624 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-19 10:07 - 2015-03-13 11:55 - 00000000 ____D C:\ProgramData\McAfee 2015-06-18 15:08 - 2015-04-06 22:35 - 00000000 
____D C:\ProgramData\Apple 2015-06-16 13:17 - 2015-05-10 11:37 - 00000000 ____D C:\Users\sephiroth\Downloads\referenzen_male 2015-06-15 10:08 - 2015-02-26 18:24 - 00000000 ____D C:\Users\sephiroth\AppData\Local\CrashDumps 2015-06-14 17:41 - 2015-01-22 13:06 - 00000367 _____ C:\Users\sephiroth\Sti_Trace.log 2015-06-14 12:34 - 2015-01-22 13:07 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\EPSON 2015-06-14 11:33 - 2015-04-16 13:53 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\Coronic 2015-06-11 21:25 - 2012-07-26 09:21 - 00692076 _____ C:\WINDOWS\setupact.log 2015-06-11 05:56 - 2015-04-03 10:35 - 00001644 _____ C:\WINDOWS\SecuniaPackage.log 2015-06-10 09:20 - 2015-01-16 13:25 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-10 09:18 - 2015-01-16 13:25 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-07 10:30 - 2015-02-24 23:59 - 00001110 _____ C:\Users\sephiroth\Desktop\Amazon Music.lnk ==================== Files in the root of some directories ======= 2015-01-28 11:06 - 2015-07-04 19:06 - 0001456 _____ () C:\Users\sephiroth\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2015-04-03 16:35 - 2015-04-03 16:35 - 0003584 _____ () C:\Users\sephiroth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-29 10:58 - 2013-11-29 10:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\sephiroth\AppData\Local\Temp\AutoRun.exe C:\Users\sephiroth\AppData\Local\Temp\AutoRunGUI.dll C:\Users\sephiroth\AppData\Local\Temp\drm_dyndata_7330014.dll C:\Users\sephiroth\AppData\Local\Temp\Quarantine.exe C:\Users\sephiroth\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-04 15:00 ==================== End of log ============================ |